0ca7560...
by
Leif Madsen
on 2011-12-08
Update svn:externals to checkout last version of menuselect for the 1.6.1 branch.
git-svn-id: https:/ /origsvn. digium. com/svn/ asterisk/ branches/ 1.6.1@347661 65c4cc65- 6c06-0410- ace0-fbb531ad65 f3
4725caf...
by
Matthew Nicholson <email address hidden>
on 2011-04-21
Added limits to the number of unauthenticated sessions TCP based protocols are allowed to have open simultaneously. Also added timeouts for unauthenticated sessions where it made sense to do so.
Unrelated, the manager interface now properly checks if the user has the "system" privilege before executing shell commands via the Originate action.
AST-2011-005
AST-2011-006
(closes issue #18787)
Reported by: kobaz
(related to issue #18996)
Reported by: tzafrir
git-svn-id: https:/ /origsvn. digium. com/svn/ asterisk/ branches/ 1.6.1@314685 65c4cc65- 6c06-0410- ace0-fbb531ad65 f3
35cc260...
by
Matthew Nicholson <email address hidden>
on 2011-04-05
Limit the number of unauthenticated manager sessions and also limit the time they have to authenticate.
AST-2011-005
(closes issue #18996)
Reported by: tzafrir
Tested by: mnicholson
git-svn-id: https:/ /origsvn. digium. com/svn/ asterisk/ branches/ 1.6.1@312763 65c4cc65- 6c06-0410- ace0-fbb531ad65 f3
32756c5...
by
Matthew Nicholson <email address hidden>
on 2011-03-17
Don't write items to the manager socket twice.
AST-2011-003
(closes issue 0018987)
Reported by: ks-steven
git-svn-id: https:/ /origsvn. digium. com/svn/ asterisk/ branches/ 1.6.1@311139 65c4cc65- 6c06-0410- ace0-fbb531ad65 f3
b9b9d4d...
by
Terry Wilson <email address hidden>
on 2011-03-16
Fix crash on fdopen failure
See security advisory AST-2011-004
(closes issue #18845)
Reported by: cmaj
Patches:
patch- main-tcptls- 1.8.3-rc2- open-session- crash-take2. diff.txt uploaded by cmaj (license 830)
patch- main-tcptls- 1.8.3-rc2- open-session- crash-take3. diff.txt uploaded by cmaj (license 830)
Tested by: cmaj, twilson
git-svn-id: https:/ /origsvn. digium. com/svn/ asterisk/ branches/ 1.6.1@310995 65c4cc65- 6c06-0410- ace0-fbb531ad65 f3
adefcd6...
by
Terry Wilson <email address hidden>
on 2011-03-16
Don't keep trying to write to a closed connection
See security advisory AST-2011-003.
git-svn-id: https:/ /origsvn. digium. com/svn/ asterisk/ branches/ 1.6.1@310994 65c4cc65- 6c06-0410- ace0-fbb531ad65 f3
b0f933a...
by
Matthew Nicholson <email address hidden>
on 2011-02-24
silence gcc 4.2 compiler warning
git-svn-id: https:/ /origsvn. digium. com/svn/ asterisk/ branches/ 1.6.1@308725 65c4cc65- 6c06-0410- ace0-fbb531ad65 f3
d3cbc97...
by
Matthew Nicholson <email address hidden>
on 2011-02-21
Properly check the bounds of arrays when decoding UDPTL packets. Also, remove broken support for receiving UDPTL packets larger than 16k. That shouldn't ever happen anyway.
AST-2011-002
FAX-281
git-svn-id: https:/ /origsvn. digium. com/svn/ asterisk/ branches/ 1.6.1@308517 65c4cc65- 6c06-0410- ace0-fbb531ad65 f3
d696f78...
by
Matthew Nicholson <email address hidden>
on 2011-01-17
Merged revisions 301305 via svnmerge from
https:/ /origsvn. digium. com/svn/ asterisk/ branches/ 1.4
........
r301305 | mnicholson | 2011-01-11 12:34:40 -0600 (Tue, 11 Jan 2011) | 4 lines
Prevent buffer overflows in ast_uri_encode()
ABE-2705
........
git-svn-id: https:/ /origsvn. digium. com/svn/ asterisk/ branches/ 1.6.1@302142 65c4cc65- 6c06-0410- ace0-fbb531ad65 f3
b614055...
by
Terry Wilson <email address hidden>
on 2010-05-24
Merged revisions 265320,265467 via svnmerge from
https:/ /origsvn. digium. com/svn/ asterisk/ trunk
........
r265320 | twilson | 2010-05-24 14:06:40 -0500 (Mon, 24 May 2010) | 14 lines
Add the FullyBooted AMI event
It is possible to connect to the manager interface before all Asterisk modules
are loaded. To ensure that an application does not send AMI actions that might
require a module that has not yet loaded, the application can listen for the
FullyBooted manager event. It will be sent upon connection if all modules have
been loaded, or as soon as loading is complete. The event:
Event: FullyBooted
Privilege: system,all
Status: Fully Booted
Review: https:/ /reviewboard. asterisk. org/r/639/
........
r265467 | twilson | 2010-05-24 17:21:58 -0500 (Mon, 24 May 2010) | 1 line
Merge the rest of the FullyBooted patch
........
git-svn-id: https:/ /origsvn. digium. com/svn/ asterisk/ branches/ 1.6.1@265519 65c4cc65- 6c06-0410- ace0-fbb531ad65 f3