Age | Commit message (Collapse) | Author | Files | Lines |
|
cross-site
AJAX request exploit.
(AST-2009-009)
git-svn-id: http://svn.digium.com/svn/asterisk/tags/1.4.26.3@227693 f38db490-d61c-443f-a65b-d21fe96a405b
|
|
the From
URI and Authorization header would reveal whether it was valid or not.
(AST-2009-008)
git-svn-id: http://svn.digium.com/svn/asterisk/tags/1.4.26.3@227692 f38db490-d61c-443f-a65b-d21fe96a405b
|
|
git-svn-id: http://svn.digium.com/svn/asterisk/tags/1.4.26.3@227686 f38db490-d61c-443f-a65b-d21fe96a405b
|
|
git-svn-id: http://svn.digium.com/svn/asterisk/tags/1.4.26.3@227683 f38db490-d61c-443f-a65b-d21fe96a405b
|
|
git-svn-id: http://svn.digium.com/svn/asterisk/tags/1.4.26.2@216185 f38db490-d61c-443f-a65b-d21fe96a405b
|
|
git-svn-id: http://svn.digium.com/svn/asterisk/tags/1.4.26.2@216182 f38db490-d61c-443f-a65b-d21fe96a405b
|
|
git-svn-id: http://svn.digium.com/svn/asterisk/tags/1.4.26.2@216175 f38db490-d61c-443f-a65b-d21fe96a405b
|
|
git-svn-id: http://svn.digium.com/svn/asterisk/tags/1.4.26.2@216149 f38db490-d61c-443f-a65b-d21fe96a405b
|
|
git-svn-id: http://svn.digium.com/svn/asterisk/tags/1.4.26.2@216138 f38db490-d61c-443f-a65b-d21fe96a405b
|
|
git-svn-id: http://svn.digium.com/svn/asterisk/tags/1.4.26.2@216107 f38db490-d61c-443f-a65b-d21fe96a405b
|
|
git-svn-id: http://svn.digium.com/svn/asterisk/tags/1.4.26.2@216100 f38db490-d61c-443f-a65b-d21fe96a405b
|
|
git-svn-id: http://svn.digium.com/svn/asterisk/tags/1.4.26.2@216096 f38db490-d61c-443f-a65b-d21fe96a405b
|
|
........
r216087 | russell | 2009-09-03 14:37:05 -0500 (Thu, 03 Sep 2009) | 2 lines
Fix a typo.
........
git-svn-id: http://svn.digium.com/svn/asterisk/branches/1.4@216089 f38db490-d61c-443f-a65b-d21fe96a405b
|
|
https://origsvn.digium.com/svn/asterisk/branches/1.2
........
r216080 | russell | 2009-09-03 14:35:23 -0500 (Thu, 03 Sep 2009) | 2 lines
Add a note about IAX2 to UPGRADE.txt.
........
git-svn-id: http://svn.digium.com/svn/asterisk/branches/1.4@216085 f38db490-d61c-443f-a65b-d21fe96a405b
|
|
git-svn-id: http://svn.digium.com/svn/asterisk/tags/1.4.26.2@216066 f38db490-d61c-443f-a65b-d21fe96a405b
|
|
(closes issue #12912)
Reported by: rathaus
Tested by: tilghman, russell, dvossel, dbrooks
git-svn-id: http://svn.digium.com/svn/asterisk/tags/1.4.26.2@216015 f38db490-d61c-443f-a65b-d21fe96a405b
|
|
https://origsvn.digium.com/svn/asterisk/branches/1.2
........
r216005 | russell | 2009-09-03 13:42:24 -0500 (Thu, 03 Sep 2009) | 2 lines
Add IAX2 security document related to AST-2009-006.
........
git-svn-id: http://svn.digium.com/svn/asterisk/branches/1.4@216008 f38db490-d61c-443f-a65b-d21fe96a405b
|
|
(closes issue #12912)
Reported by: rathaus
Tested by: tilghman, russell, dvossel, dbrooks
git-svn-id: http://svn.digium.com/svn/asterisk/branches/1.4@216000 f38db490-d61c-443f-a65b-d21fe96a405b
|
|
git-svn-id: http://svn.digium.com/svn/asterisk/tags/1.4.26.2@215953 f38db490-d61c-443f-a65b-d21fe96a405b
|
|
git-svn-id: http://svn.digium.com/svn/asterisk/tags/1.4.26.2@215947 f38db490-d61c-443f-a65b-d21fe96a405b
|
|
git-svn-id: http://svn.digium.com/svn/asterisk/tags/1.4.26.2@215942 f38db490-d61c-443f-a65b-d21fe96a405b
|
|
From section 13.3.1.1 of RFC 3261:
If the UAS desires an extended period of time to answer the INVITE,
it will need to ask for an "extension" in order to prevent proxies
from canceling the transaction. A proxy has the option of canceling
a transaction when there is a gap of 3 minutes between responses in a
transaction. To prevent cancellation, the UAS MUST send a non-100
provisional response at every minute, to handle the possibility of
lost provisional responses.
(closes issue #11157)
Reported by: rjain
Tested by: twilson
Review: https://reviewboard.asterisk.org/r/315/
git-svn-id: http://svn.digium.com/svn/asterisk/branches/1.4@215682 f38db490-d61c-443f-a65b-d21fe96a405b
|
|
In general channel names are in the form Foo/Bar-Z, but the channel name
could have multiple hyphens and look like Foo/B-a-r-Z. Use strrchr to
truncate the channel name at the last hyphen.
(closes issue #15810)
Reported by: dhubbard
Patches:
dw-softhangup-1.4.patch uploaded by dhubbard (license 733)
git-svn-id: http://svn.digium.com/svn/asterisk/branches/1.4@215270 f38db490-d61c-443f-a65b-d21fe96a405b
|
|
(closes issue #15787)
Reported by: tim_ringenbach
Patches:
chan_local.diff uploaded by tim ringenbach (license 540)
Tested by: tim_ringenbach
git-svn-id: http://svn.digium.com/svn/asterisk/branches/1.4@214940 f38db490-d61c-443f-a65b-d21fe96a405b
|
|
We have kept this comment around long enough, that it's pretty clear that we're
keeping the code, because changing the code would require a pretty fundamental
architectural shift. We've also taken criticism in some quarters, because it
was believed that it was referring to the code being nasty. No, the code isn't
nasty, just the operation itself is rather odd. Fixed for eternity (probably
not).
git-svn-id: http://svn.digium.com/svn/asterisk/branches/1.4@214701 f38db490-d61c-443f-a65b-d21fe96a405b
|
|
something we didn't allow before.
(closes issue #15714)
Reported by: pprindeville
Patches:
20090813__issue15714.diff.txt uploaded by tilghman (license 14)
Tested by: pprindeville
git-svn-id: http://svn.digium.com/svn/asterisk/branches/1.4@214517 f38db490-d61c-443f-a65b-d21fe96a405b
|
|
have better information.
git-svn-id: http://svn.digium.com/svn/asterisk/branches/1.4@214436 f38db490-d61c-443f-a65b-d21fe96a405b
|
|
(Figured out while working with issue #14906)
git-svn-id: http://svn.digium.com/svn/asterisk/branches/1.4@214357 f38db490-d61c-443f-a65b-d21fe96a405b
|
|
In ast_write(), if a channel has a list of audiohooks, those
lists are written to and the resulting frame is what ast_write()
should continue with. The problem was the returned audiohook frame
was not being handled at all, and the original frame passed
into it did not contain the mixed audio, so essentially audio
was being lost. One result of this was chan_spy's whisper
mode no longer worked. To complicate the issue, frames
passed into ast_write may either be a single frame, or a list
of frames. So, as the list of frames is processed in the
audiohook_write, the returned frames had to be added to a new
list.
(closes issue #15660)
Reported by: corruptor
Tested by: dvossel
git-svn-id: http://svn.digium.com/svn/asterisk/branches/1.4@214194 f38db490-d61c-443f-a65b-d21fe96a405b
|
|
git-svn-id: http://svn.digium.com/svn/asterisk/branches/1.4@214069 f38db490-d61c-443f-a65b-d21fe96a405b
|
|
(closes issue #15273)
Reported by: Benjamin Kluck
Patches:
say_c.patch uploaded by Benjamin Kluck (license 803)
git-svn-id: http://svn.digium.com/svn/asterisk/branches/1.4@214068 f38db490-d61c-443f-a65b-d21fe96a405b
|
|
parethesis.
(closes issue #15242)
Reported by: Nick_Lewis
Patches:
pbx.c-funcparenthesis.patch2 uploaded by dbrooks (license 790)
pbx.c-funcparenthesis-1.4.diff uploaded by loloski (license 68)
git-svn-id: http://svn.digium.com/svn/asterisk/branches/1.4@213970 f38db490-d61c-443f-a65b-d21fe96a405b
|
|
(closes issue #14730)
Reported by: pkempgen
git-svn-id: http://svn.digium.com/svn/asterisk/branches/1.4@213899 f38db490-d61c-443f-a65b-d21fe96a405b
|
|
enabled.
(closes issue #15373)
Reported by: dcolombo
Patches:
chan_sip.patch uploaded by mbrancaleoni (license 342)
Tested by: dcolombo, mbrancaleoni
git-svn-id: http://svn.digium.com/svn/asterisk/branches/1.4@213631 f38db490-d61c-443f-a65b-d21fe96a405b
|
|
(closes issue #15698)
Reported by: slavon
Patches:
20090817__issue15698.diff.txt uploaded by tilghman (license 14)
Tested by: slavon, tilghman
git-svn-id: http://svn.digium.com/svn/asterisk/branches/1.4@213559 f38db490-d61c-443f-a65b-d21fe96a405b
|
|
dialplan.
(closes issue #15755)
Reported by: trendboy
git-svn-id: http://svn.digium.com/svn/asterisk/branches/1.4@213493 f38db490-d61c-443f-a65b-d21fe96a405b
|
|
(closes issue #15751)
Reported by: atis
Patches:
ast_bridge_call_peer_cdr.patch uploaded by atis (license 242)
git-svn-id: http://svn.digium.com/svn/asterisk/branches/1.4@213339 f38db490-d61c-443f-a65b-d21fe96a405b
|
|
git-svn-id: http://svn.digium.com/svn/asterisk/branches/1.4@213283 f38db490-d61c-443f-a65b-d21fe96a405b
|
|
(closes issue #15699)
Reported by: edantie
Patches:
mixmonitor.patch uploaded by edantie (license 862)
git-svn-id: http://svn.digium.com/svn/asterisk/branches/1.4@213103 f38db490-d61c-443f-a65b-d21fe96a405b
|
|
f38db490-d61c-443f-a65b-d21fe96a405b
|
|
to handle.
Without this patch, asterisk creates a temporary file before determining if the
specified command is valid. If invalid, we weren't properly cleaning up the file.
(closes issue #15730)
Reported by: zmehmood
Patches:
M15730.diff uploaded by junky (license 177)
Tested by: zmehmood
git-svn-id: http://svn.digium.com/svn/asterisk/branches/1.4@212763 f38db490-d61c-443f-a65b-d21fe96a405b
|
|
git-svn-id: http://svn.digium.com/svn/asterisk/branches/1.4@212727 f38db490-d61c-443f-a65b-d21fe96a405b
|
|
If more ports were specified than configured in misdn.conf a reload would crash
asterisk. The problem was the unconfigured port was using data from the
previously configured port. When the data for an unconfigured port was freed a
crash would result from the double free.
(closes issue #12113)
Reported by: agupta
Patches:
bug12113.patch uploaded by jpeeler (license 325)
git-svn-id: http://svn.digium.com/svn/asterisk/branches/1.4@212498 f38db490-d61c-443f-a65b-d21fe96a405b
|
|
git-svn-id: http://svn.digium.com/svn/asterisk/branches/1.4@212430 f38db490-d61c-443f-a65b-d21fe96a405b
|
|
The additional checks prevent generation of false TRANSFER events in certain situations.
(closes issue #14536)
Reported by: aragon
Patches:
queue-log-xfer-fix1.diff uploaded by mnicholson (license 96)
Tested by: aragon, mnicholson
git-svn-id: http://svn.digium.com/svn/asterisk/branches/1.4@211953 f38db490-d61c-443f-a65b-d21fe96a405b
|
|
INVITEs.
There already was code present to be sure that a CANCEL will contain the same branch-id
as the INVITE it is cancelling. However, for INVITES which are challenged downstream,
this mechanism did not work properly. Now this is taken care of.
This is a backport of a fix already present in all 1.6.X branches and in trunk. It also
fixes ABE-1907.
git-svn-id: http://svn.digium.com/svn/asterisk/branches/1.4@211807 f38db490-d61c-443f-a65b-d21fe96a405b
|
|
git-svn-id: http://svn.digium.com/svn/asterisk/tags/1.4.26.1@211596 f38db490-d61c-443f-a65b-d21fe96a405b
|
|
git-svn-id: http://svn.digium.com/svn/asterisk/tags/1.4.26.1@211591 f38db490-d61c-443f-a65b-d21fe96a405b
|
|
git-svn-id: http://svn.digium.com/svn/asterisk/branches/1.4@211583 f38db490-d61c-443f-a65b-d21fe96a405b
|
|
git-svn-id: http://svn.digium.com/svn/asterisk/branches/1.4@211528 f38db490-d61c-443f-a65b-d21fe96a405b
|