kenmirrors/asterisk
1
0
Fork 0
mirror of https://github.com/asterisk/asterisk.git synced 2026-01-21 17:12:24 +00:00
Code Issues Packages Projects Releases Wiki Activity

Release summaries: Add summaries for 13.7.1

Browse Source
This commit is contained in:
kharwell
2016-02-03 16:33:57 -05:00
parent d99d10bd4c
commit 20a93c6357
2 changed files with 189 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

34
asterisk-13.7.1-summary.html Normal file
View File

@@ -0,0 +1,34 @@
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><title>Release Summary - asterisk-13.7.1</title><h1 align="center"><a name="top">Release Summary</a></h1><h3 align="center">asterisk-13.7.1</h3><h3 align="center">Date: 2016-02-03</h3><h3 align="center">&lt;asteriskteam@digium.com&gt;</h3><hr><h2 align="center">Table of Contents</h2><ol>
<li><a href="#summary">Summary</a></li>
<li><a href="#contributors">Contributors</a></li>
<li><a href="#closed_issues">Closed Issues</a></li>
<li><a href="#open_issues">Open Issues</a></li>
<li><a href="#commits">Other Changes</a></li>
<li><a href="#diffstat">Diffstat</a></li>
</ol><hr><a name="summary"><h2 align="center">Summary</h2></a><center><a href="#top">[Back to Top]</a></center><p>This release has been made to address one or more security vulnerabilities that have been identified. A security advisory document has been published for each vulnerability that includes additional information. Users of versions of Asterisk that are affected are strongly encouraged to review the advisories and determine what action they should take to protect their systems from these issues.</p><p>Security Advisories:</p><ul>
<li><a href="http://downloads.asterisk.org/pub/security/AST-2016-001,AST-2016-002,AST-2016-003.html">AST-2016-001,AST-2016-002,AST-2016-003</a></li>
</ul><p>The data in this summary reflects changes that have been made since the previous release, asterisk-13.7.0.</p><hr><a name="contributors"><h2 align="center">Contributors</h2></a><center><a href="#top">[Back to Top]</a></center><p>This table lists the people who have submitted code, those that have tested patches, as well as those that reported issues on the issue tracker that were resolved in this release. For coders, the number is how many of their patches (of any size) were committed into this release. For testers, the number is the number of times their name was listed as assisting with testing a patch. Finally, for reporters, the number is the number of issues that they reported that were affected by commits that went into this release.</p><table width="100%" border="0">
<tr><th width="33%">Coders</th><th width="33%">Testers</th><th width="33%">Reporters</th></tr>
<tr valign="top"><td width="33%">3 Kevin Harwell <kharwell@lunkwill><br/>2 Richard Mudgett <rmudgett@digium.com><br/>1 Kevin Harwell <kharwell@lunkwill.digium.internal><br/>1 Joshua Colp <jcolp@digium.com><br/></td><td width="33%"><td width="33%">1 Walter Doekes <walter+asterisk@wjd.nu><br/>1 Walter Doekes<br/>1 Alex A. Welzl <a.welzl@sportradar.com><br/>1 Alexander Traud <pabstraud@compuserve.com><br/>1 Torrey Searle <tsearle@gmail.com><br/>1 Alexander Traud<br/></td></tr>
</table><hr><a name="closed_issues"><h2 align="center">Closed Issues</h2></a><center><a href="#top">[Back to Top]</a></center><p>This is a list of all issues from the issue tracker that were closed by changes that went into this release.</p><h3>Bug</h3><h4>Category: Channels/chan_sip/General</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-25397">ASTERISK-25397</a>: [patch]chan_sip: File descriptor leak with non-default timert1<br/>Reported by: Alexander Traud<ul>
<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=f08083f0f0c2df619a78e68239c56b617c002424">[f08083f0f0]</a> Richard Mudgett -- AST-2016-002 chan_sip.c: Fix retransmission timeout integer overflow.</li>
</ul><br><h4>Category: Core/UDPTL</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-25603">ASTERISK-25603</a>: [patch]udptl: Uninitialized lengths and bufs in udptl_rx_packet cause ast_frdup crash<br/>Reported by: Walter Doekes<ul>
<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=b0646ff0daa0b53709989bc2c356585dfc14c818">[b0646ff0da]</a> Richard Mudgett -- AST-2016-003 udptl.c: Fix uninitialized values.</li>
</ul><br><h4>Category: Resources/res_http_websocket</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-24972">ASTERISK-24972</a>: Transport Layer Security (TLS) Protocol BEAST Vulnerability - Investigate vulnerability of HTTP server<br/>Reported by: Alex A. Welzl<ul>
<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=1e7854dfa24dfd47e1810941a4860ea8a6b7dcad">[1e7854dfa2]</a> Joshua Colp -- AST-2016-001 http: Provide greater control of TLS and set modern defaults.</li>
</ul><br><hr><a name="open_issues"><h2 align="center">Open Issues</h2></a><center><a href="#top">[Back to Top]</a></center><p>This is a list of all open issues from the issue tracker that were referenced by changes that went into this release.</p><h3>Bug</h3><h4>Category: Core/UDPTL</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-25742">ASTERISK-25742</a>: Secondary IFP Packets can result in accessing uninitialized pointers and a crash<br/>Reported by: Torrey Searle<ul>
<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=b0646ff0daa0b53709989bc2c356585dfc14c818">[b0646ff0da]</a> Richard Mudgett -- AST-2016-003 udptl.c: Fix uninitialized values.</li>
</ul><br><hr><a name="commits"><h2 align="center">Commits Not Associated with an Issue</h2></a><center><a href="#top">[Back to Top]</a></center><p>This is a list of all changes that went into this release that did not reference a JIRA issue.</p><table width="100%" border="1">
<tr><th>Revision</th><th>Author</th><th>Summary</th></tr>
<tr><td><a href="https://code.asterisk.org/code/changelog/asterisk?cs=d99d10bd4cc3be1bafcbd5bed774ba741b0b8b5f">d99d10bd4c</a></td><td>Kevin Harwell</td><td>Release summaries: Remove previous versions</td></tr>
<tr><td><a href="https://code.asterisk.org/code/changelog/asterisk?cs=e937a6db11293d9fc50268b0a08c66670d32afed">e937a6db11</a></td><td>Kevin Harwell</td><td>.version: Update for 13.7.1</td></tr>
<tr><td><a href="https://code.asterisk.org/code/changelog/asterisk?cs=30a6826f1e3e64e9997859fd56cbbc16be4f5bfc">30a6826f1e</a></td><td>Kevin Harwell</td><td>.lastclean: Update for 13.7.1</td></tr>
<tr><td><a href="https://code.asterisk.org/code/changelog/asterisk?cs=1c79fa7eb8d8334d0a89970560cd602f38553464">1c79fa7eb8</a></td><td>Kevin Harwell</td><td>realtime: Add database scripts for 13.7.1</td></tr>
</table><hr><a name="diffstat"><h2 align="center">Diffstat Results</h2></a><center><a href="#top">[Back to Top]</a></center><p>This is a summary of the changes to the source code that went into this release that was generated using the diffstat utility.</p><pre>asterisk-13.7.0-summary.html | 423 --------------
asterisk-13.7.0-summary.txt | 1080 -------------------------------------
b/.version | 2
b/channels/chan_sip.c | 7
b/configs/samples/http.conf.sample | 20
b/include/asterisk/tcptls.h | 10
b/main/http.c | 5
7 files changed, 41 insertions(+), 1506 deletions(-)</pre><br></html>

155
asterisk-13.7.1-summary.txt Normal file
View File

@@ -0,0 +1,155 @@
Release Summary
asterisk-13.7.1
Date: 2016-02-03
<asteriskteam@digium.com>
----------------------------------------------------------------------
Table of Contents
1. Summary
2. Contributors
3. Closed Issues
4. Open Issues
5. Other Changes
6. Diffstat
----------------------------------------------------------------------
Summary
[Back to Top]
This release has been made to address one or more security vulnerabilities
that have been identified. A security advisory document has been published
for each vulnerability that includes additional information. Users of
versions of Asterisk that are affected are strongly encouraged to review
the advisories and determine what action they should take to protect their
systems from these issues.
Security Advisories:
* AST-2016-001,AST-2016-002,AST-2016-003
The data in this summary reflects changes that have been made since the
previous release, asterisk-13.7.0.
----------------------------------------------------------------------
Contributors
[Back to Top]
This table lists the people who have submitted code, those that have
tested patches, as well as those that reported issues on the issue tracker
that were resolved in this release. For coders, the number is how many of
their patches (of any size) were committed into this release. For testers,
the number is the number of times their name was listed as assisting with
testing a patch. Finally, for reporters, the number is the number of
issues that they reported that were affected by commits that went into
this release.
Coders Testers Reporters
3 Kevin Harwell 1 Walter Doekes
2 Richard Mudgett 1 Walter Doekes
1 Kevin Harwell 1 Alex A. Welzl
1 Joshua Colp 1 Alexander Traud
1 Torrey Searle
1 Alexander Traud
----------------------------------------------------------------------
Closed Issues
[Back to Top]
This is a list of all issues from the issue tracker that were closed by
changes that went into this release.
Bug
Category: Channels/chan_sip/General
ASTERISK-25397: [patch]chan_sip: File descriptor leak with non-default
timert1
Reported by: Alexander Traud
* [f08083f0f0] Richard Mudgett -- AST-2016-002 chan_sip.c: Fix
retransmission timeout integer overflow.
Category: Core/UDPTL
ASTERISK-25603: [patch]udptl: Uninitialized lengths and bufs in
udptl_rx_packet cause ast_frdup crash
Reported by: Walter Doekes
* [b0646ff0da] Richard Mudgett -- AST-2016-003 udptl.c: Fix
uninitialized values.
Category: Resources/res_http_websocket
ASTERISK-24972: Transport Layer Security (TLS) Protocol BEAST
Vulnerability - Investigate vulnerability of HTTP server
Reported by: Alex A. Welzl
* [1e7854dfa2] Joshua Colp -- AST-2016-001 http: Provide greater control
of TLS and set modern defaults.
----------------------------------------------------------------------
Open Issues
[Back to Top]
This is a list of all open issues from the issue tracker that were
referenced by changes that went into this release.
Bug
Category: Core/UDPTL
ASTERISK-25742: Secondary IFP Packets can result in accessing
uninitialized pointers and a crash
Reported by: Torrey Searle
* [b0646ff0da] Richard Mudgett -- AST-2016-003 udptl.c: Fix
uninitialized values.
----------------------------------------------------------------------
Commits Not Associated with an Issue
[Back to Top]
This is a list of all changes that went into this release that did not
reference a JIRA issue.
+------------------------------------------------------------------------+
| Revision | Author | Summary |
|------------+---------------+-------------------------------------------|
| d99d10bd4c | Kevin Harwell | Release summaries: Remove previous |
| | | versions |
|------------+---------------+-------------------------------------------|
| e937a6db11 | Kevin Harwell | .version: Update for 13.7.1 |
|------------+---------------+-------------------------------------------|
| 30a6826f1e | Kevin Harwell | .lastclean: Update for 13.7.1 |
|------------+---------------+-------------------------------------------|
| 1c79fa7eb8 | Kevin Harwell | realtime: Add database scripts for 13.7.1 |
+------------------------------------------------------------------------+
----------------------------------------------------------------------
Diffstat Results
[Back to Top]
This is a summary of the changes to the source code that went into this
release that was generated using the diffstat utility.
asterisk-13.7.0-summary.html | 423 --------------
asterisk-13.7.0-summary.txt | 1080 -------------------------------------
b/.version | 2
b/channels/chan_sip.c | 7
b/configs/samples/http.conf.sample | 20
b/include/asterisk/tcptls.h | 10
b/main/http.c | 5
7 files changed, 41 insertions(+), 1506 deletions(-)