This module provides an interface to the Asterisk Manager Interface.
Its goal is to provide a flexible, powerful, and reliable way to
interact with Asterisk upon which other applications may be built.
It utilizes AnyEvent and therefore can integrate very easily into
event-based applications, but still provides blocking functions for use
with standard scripting.
* A possible buffer overflow during H.264 (video) format negotiation.
CVE-2013-2685
* A denial of service exists in Asterisk's HTTP server.
CVE-2013-2686
* A potential username disclosure exists in the SIP channel driver.
CVE-2013-2264
AST-2012-014: crashes due to large stack allocations in TCP;
affects remote unauthenticated SIP *over TCP* and remote authenticated
XMPP/HTTP connections.
AST-2012-015: DoS through resource consumption by exploiting device
state caching; exploitable if anonymous calls are permitted.
- while there, revise pbx_spool.c kevent timeout fix; rather than
clamping the timestamp, in the particular problem situation we hit
the loop (where dirlist is empty), pass in NULL rather than
INT_MAX-timenow similar to what's done in the inotify case.
Note: this port may be removed in the future; users are recommended to
migrate to ConfBridge, which is part of Asterisk itself and has improved
greatly in the rewrite for Asterisk 10.x.
- Fix channel reference leak in ChanSpy.
- dsp.c: Fix multiple issues when no-interdigit delay is present,
and fast DTMF 50ms/50ms.
- Fix bug where final queue member would not be removed from memory.
- Fix memory leak when CEL is successfully written to PostgreSQL database.
- Fix DUNDi message routing bug when neighboring peer is unreachable.
- If using ConfBridge, note that the dialplan arguments have changed.
- If using the built-in HTTP server, note that a bindaddr must now be given,
previously the default was 0.0.0.0 but this must now be given explicitly.
- Internal database now uses SQLite3 not BDB, conversion tools are provided.
See share/doc/asterisk/UPGRADE.txt for more.
- strip core-sounds and moh out of the main asterisk package,
they change comparatively rarely.
- provide all available languages.
- provide multiple codecs for all files, replacing the asterisk-native-sounds
package which only provided ulaw versions of the asterisk 1.4 files, ports
laid out to permit parallel building.
- the old asterisk-sounds package providing additional sound files beyond
the core ones is now "extra-sounds" modelled after the filename of the
distributed files.
Sofia-SIP is an open-source SIP User-Agent library, compliant with the
IETF RFC3261 specification (see the feature table). It can be used as a
building block for SIP client software for uses such as VoIP, IM, and
many other real-time and person-to-person communication services.
ok sthen@
