lp:asterisk/10

Branch merges

This import branch has no branches proposed for merge into it.

No branches dependent on this one.

Related source package recipes

No recipes using this branch. (?)

Create packaging recipe

Related snap packages

Related bugs

Related blueprints

22648. By dlee on 2013-12-16

security: Inhibit execution of privilege escalating functions

This patch allows individual dialplan functions to be marked as
'dangerous', to inhibit their execution from external sources.

A 'dangerous' function is one which results in a privilege escalation.
For example, if one were to read the channel variable SHELL(rm -rf /)
Bad Things(TM) could happen; even if the external source has only read
permissions.

Execution from external sources may be enabled by setting
'live_dangerously' to 'yes' in the [options] section of asterisk.conf.
Although doing so is not recommended.

(closes issue ASTERISK-22905)
Review: http://reviewboard.digium.internal/r/432/
........

Merged revisions 403913 from http://svn.asterisk.org/svn/asterisk/branches/1.8

22647. By sgriepentrog on 2013-12-16

app_sms: BufferOverflow when receiving odd length 16 bit message

This patch prevents an infinite loop overwriting memory when
a message is received into the unpacksms16() function, where
the length of the message is an odd number of bytes.

(closes issue ASTERISK-22590)
Reported by: Jan Juergens
Tested by: Jan Juergens
........

Merged revisions 403853 from http://svn.asterisk.org/svn/asterisk/branches/1.8

22646. By kharwell on 2013-08-30

Fix memory leaks

(closes issue ASTERISK-22368)
Reported by: Corey Farrell
Patches:
     issueA22368_mixmonitor_free_filename.patch uploaded by wdoekes (license 5674)

22645. By mjordan on 2013-08-27

AST-2013-005: Fix crash caused by invalid SDP

If the SIP channel driver processes an invalid SDP that defines media
descriptions before connection information, it may attempt to reference
the socket address information even though that information has not yet
been set. This will cause a crash.

This patch adds checks when handling the various media descriptions that
ensures the media descriptions are handled only if we have connection
information suitable for that media.

Thanks to Walter Doekes, OSSO B.V., for reporting, testing, and providing
the solution to this problem.

(closes issue ASTERISK-22007)
Reported by: wdoekes
Tested by: wdoekes
patches:
  issueA22007_sdp_without_c_death.patch uploaded by wdoekes (License 5674)
........

Merged revisions 397756 from http://svn.asterisk.org/svn/asterisk/branches/1.8

22644. By mjordan on 2013-08-27

AST-2013-004: Fix crash when handling ACK on dialog that has no channel

A remote exploitable crash vulnerability exists in the SIP channel driver if an
ACK with SDP is received after the channel has been terminated. The handling
code incorrectly assumed that the channel would always be present.

This patch adds a check such that the SDP will only be parsed and applied if
Asterisk has a channel present that is associated with the dialog.

Note that the patch being applied was modified only slightly from the patch
provided by Walter Doekes of OSSO B.V.

(closes issue ASTERISK-21064)
Reported by: Colin Cuthbertson
Tested by: wdoekes, Colin Cutherbertson
patches:
  issueA21064_fix.patch uploaded by wdoekes (License 5674)
........

Merged revisions 397710 from http://svn.asterisk.org/svn/asterisk/branches/1.8

22643. By may on 2013-05-31

reject call attempts when gatekeeper is configured but not registered

(closes issue ASTERISK-21800)
Reported by: Dmitry Melekhov
Patches:
        ASTERISK-21800-1.patch
Tested by: Dmitry Melekhov
........

Merged revisions 390181 from http://svn.asterisk.org/svn/asterisk/branches/1.8

22642. By mjordan on 2013-03-27

AST-2013-003: Prevent username disclosure in SIP channel driver

When authenticating a SIP request with alwaysauthreject enabled, allowguest
disabled, and autocreatepeer disabled, Asterisk discloses whether a user
exists for INVITE, SUBSCRIBE, and REGISTER transactions in multiple ways. The
information is disclosed when:
 * A "407 Proxy Authentication Required" response is sent instead of a
   "401 Unauthorized" response
 * The presence or absence of additional tags occurs at the end of "403
   Forbidden" (such as "(Bad Auth)")
 * A "401 Unauthorized" response is sent instead of "403 Forbidden" response
   after a retransmission
 * Retransmission are sent when a matching peer did not exist, but not when a
   matching peer did exist.

This patch resolves these various vectors by ensuring that the responses sent
in all scenarios is the same, regardless of the presence of a matching peer.

This issue was reported by Walter Doekes, OSSO B.V. A substantial portion of
the testing and the solution to this problem was done by Walter as well - a
huge thanks to his tireless efforts in finding all the ways in which this
setting didn't work, providing automated tests, and working with Kinsey on
getting this fixed.

(closes issue ASTERISK-21013)
Reported by: wdoekes
Tested by: wdoekes, kmoore
patches:
  AST-2013-003-1.8 uploaded by kmoore, wdoekes (License 6273, 5674)
  AST-2013-003-10 uploaded by kmoore, wdoekes (License 6273, 5674)
  AST-2013-003-11 uploaded by kmoore, wdoekes (License 6273, 5674)

22641. By mjordan on 2013-03-27

AST-2013-002: Prevent denial of service in HTTP server

AST-2012-014, fixed in January of this year, contained a fix for Asterisk's
HTTP server for a remotely-triggered crash. While the fix put in place fixed
the possibility for the crash to be triggered, a denial of service vector still
exists with that solution if an attacker sends one or more HTTP POST requests
with very large Content-Length values. This patch resolves this by capping
the Content-Length at 1024 bytes. Any attempt to send an HTTP POST with
Content-Length greater than this cap will not result in any memory allocation.
The POST will be responded to with an HTTP 413 "Request Entity Too Large"
response.

This issue was reported by Christoph Hebeisen of TELUS Security Labs

(closes issue ASTERISK-20967)
Reported by: Christoph Hebeisen
patches:
  AST-2013-002-1.8.diff uploaded by mmichelson (License 5049)
  AST-2013-002-10.diff uploaded by mmichelson (License 5049)
  AST-2013-002-11.diff uploaded by mmichelson (License 5049)

22640. By mjordan on 2013-01-21

Update init.d scripts to handle stderr; readd splash screen for remote consoles

When r376428 was commited to re-order start up sequences to be more tolerant of
forking with thread primitives, a few items were changed that caused changes
in behavior on some distros. This includes:
 * Not displaying the splash screen on a remote console.
 * Displaying an error message on stderr when a remote console cannot connect
   to a running instance of Asterisk.

In the first case, the splash screen was re-added (thanks to Michael L. Young).
In the second case, the various init.d scripts were modified to pipe stderr
to /dev/null, as the error message is useful - if you execute a remote
console or a remote console command execution and it fail, it should tell
you. Note that the error message was always present, it just failed to be
printed prior to r376428.

Much thanks to the folks who quickly reported this problem, provided solutions,
and promptly tested the various init.d scripts on a variety of distros.

*** NOTE ***
If you're wondering why this got merged into 10, it's because we're going to
release a regression release with this in it. Might as well get it into the
branch so the tag reflects some version of reality.

(closes issue ASTERISK-20945)
Reported by: Warren Selby
Tested by: Michael L. Young, Jamuel Starkey, kaldemar, Danny Nicholas, mjordan
patches:
  asterisk-20945-remote-intro-msg.diff uploaded by elguero (license 5026)
  ASTERISK-20945-1.8-mjordan.diff uploaded by mjordan (license 6283)
........

Merged revisions 379760 from http://svn.asterisk.org/svn/asterisk/branches/1.8

22639. By mjordan on 2013-01-19

Fix astcanary startup problem due to wrong pid value from before daemon call

When Asterisk forks itself into the background via a call to daemon, it must
re-set the pid value of the new process. Otherwise, astcanary gets the pid
value of the process before the fork, which prevents it from running. Asterisk
eventually starts lowering its priority, as it can no longer communicate
with the proverbial canary in the coal mine.

This patch ensures that the correct process identifier is used by astcanary.

Note that this is getting committed to 10 as a regression fix.

(closes issue ASTERISK-20947)
Reported by: Jakob Hirsch
Tested by: mjordan
patches:
  asterisk-10.12.0.astcanary_ppid.diff uploaded by Jakob Hirsch (license 6113)
........

Merged revisions 379509 from http://svn.asterisk.org/svn/asterisk/branches/1.8