Here's the changelog:

2008-12-01  Tilghman Lesher <tlesher@digium.com>

	* Asterisk 1.2.30.3 released

2008-11-25 21:37 +0000 [r159245]  Tilghman Lesher <tlesher@digium.com>

	* channels/chan_iax2.c: Regression fix for last security fix. Set
	  the iseqno correctly. (closes issue #13918) Reported by:
	  ffloimair Patches: 20081119__bug13918.diff.txt uploaded by
	  Corydon76 (license 14) Tested by: ffloimair

2008-08-09  Tilghman Lesher <tlesher@digium.com>

	* Asterisk 1.2.30.2 released

2008-08-09 15:24 +0000 [r136945]  Tilghman Lesher <tlesher@digium.com>

	* include/asterisk/compat.h, include/asterisk/astobj2.h: Regression
	  fixes for Solaris

2008-07-25 15:00 +0000 [r133577]  Russell Bryant <russell@digium.com>

	* LICENSE: Fix the IAX2 URI for calling Digium

2008-07-23  Tilghman Lesher <tlesher@digium.com>

	* Asterisk 1.2.30.1 released

2008-07-24 03:46 +0000 [r133360]  Tilghman Lesher <tlesher@digium.com>

	* channels/chan_iax2.c: This part was not correctly patched for
	  AST-2008-010.

2008-07-22  Russell Bryant <russell@digium.com>

	* Asterisk 1.2.30 released

2008-07-22 21:14 +0000 [r132711]  Tilghman Lesher <tlesher@digium.com>

	* configs/iax.conf.sample, channels/chan_iax2.c: Fixes for
	  AST-2008-010 and AST-2008-011

2008-06-03  Russell Bryant <russell@digium.com>

	* Asterisk 1.2.29 released

2008-06-03 19:30 +0000 [r120109]  Joshua Colp <jcolp@digium.com>

	* channels/chan_sip.c: Copy the From header into a variable so that
	  pedantic SIP handling does not try to mess with a NULL pointer.
	  (AST-2008-008) (closes issue #12607) Reported by: hooi

2008-05-30 12:49 +0000 [r119008-119237]  Russell Bryant <russell@digium.com>

	* channels/chan_iax2.c: - Instead of only enforcing destination
	  call number checking on an ACK, check all full frames except for
	  PING and LAGRQ, which may be sent by older versions too quickly
	  to contain the destination call number. (As suggested by Tim
	  Panton on the asterisk-dev list) - Merge changes from
	  team/russell/iax2-frame-race, which prevents PING and LAGRQ from
	  being sent before the destination call number is known.

	* channels/chan_iax2.c: Merge changes from
	  team/russell/iax2-another-fix-to-the-fix As described in the
	  following post to the asterisk-dev mailing list, only enforce
	  destination call numbers when processing an ACK.
	  http://lists.digium.com/pipermail/asterisk-dev/2008-May/033217.html

2008-05-21  Russell Bryant <russell@digium.com>

	* Asterisk 1.2.28.1 released

2008-05-08 19:14 +0000 [r115564]  Russell Bryant <russell@digium.com>

	* channels/chan_iax2.c: Fix a race condition that bbryant just
	  found while doing some IAX2 testing. He was running Asterisk
	  trunk running IAX2 calls through a few Asterisk boxes, however,
	  the audio was extremely choppy. We looked at a packet trace and
	  saw a storm of INVAL and VNAK frames being sent from one box to
	  another. It turned out that what had happened was that one box
	  tried to send a CONTROL frame before the 3 way handshake had
	  completed. So, that frame did not include the destination call
	  number, because it didn't have it yet. Part of our recent work
	  for security issues included an additional check to ensure that
	  frames that are supposed to include the destination call number
	  have the correct one. This caused the frame to be rejected with
	  an INVAL. The frame would get retransmitted for forever, rejected
	  every time ... This race condition exists in all versions that
	  got the security changes, in theory. However, it is really only
	  likely that this would cause a problem in Asterisk trunk. There
	  was a control frame being sent (SRCUPDATE) at the _very_
	  beginning of the call, which does not exist in 1.2 or 1.4.
	  However, I am fixing all versions that could potentially be
	  affected by the introduced race condition. These changes are what
	  bbryant and I came up with to fix the issue. Instead of simply
	  dropping control frames that get sent before the handshake is
	  complete, the code attempts to wait a little while, since in most
	  cases, the handshake will complete very quickly. If it doesn't
	  complete after yielding for a little while, then the frame gets
	  dropped.

2008-05-07 16:22 +0000 [r115511]  Russell Bryant <russell@digium.com>

	* include/asterisk/dlinkedlists.h (removed), channels/chan_iax2.c:
	  Remove remnants of dlinkedlists. I didn't actually use them in
	  the final version of my IAX2 improvements.

2008-05-06 19:54 +0000 [r115421]  Jason Parker <jparker@digium.com>

	* contrib/scripts/get_ilbc_source.sh: read requires an argument on
	  some non-bash shells (closes issue #12593) Reported by: bkruse
	  Patches: getilbc.sh_12593_v1.diff uploaded by bkruse (license
	  132)

2008-05-05 17:53 +0000 [r115296]  Russell Bryant <russell@digium.com>

	* Makefile, include/asterisk/astobj2.h (added), astobj2.c (added),
	  include/asterisk/dlinkedlists.h (added), channels/chan_iax2.c:
	  Merge changes from team/russell/iax2_find_callno_1.2 These
	  changes address a critical performance issue introduced in the
	  latest release. The fix for the latest security issue included a
	  change that made Asterisk randomly choose call numbers to make
	  them more difficult to guess by attackers. However, due to some
	  inefficient (this is by far, an understatement) code, when
	  Asterisk chose high call numbers, chan_iax2 became unusable after
	  just a small number of calls. On a small embedded platform, it
	  would not be able to handle a single call. On my Intel Core 2 Duo
	  @ 2.33 GHz, I couldn't run more than about 16 IAX2 channels.
	  Ouch. These changes address some performance issues of the
	  find_callno() function that have bothered me for a very long
	  time. On every incoming media frame, it iterated through every
	  possible call number trying to find a matching active call. This
	  involved a mutex lock and unlock for each call number checked.
	  So, if the random call number chosen was 20000, then every media
	  frame would cause 20000 locks and unlocks. Previously, this
	  problem was not as obvious since Asterisk always chose the lowest
	  call number it could. A second container for IAX2 pvt structs has
	  been added. It is an astobj2 hash table. When we know the remote
	  side's call number, the pvt goes into the hash table with a hash
	  value of the remote side's call number. Then, lookups for
	  incoming media frames are a very fast hash lookup instead of an
	  absolutely insane array traversal. In a quick test, I was able to
	  get more than 3600% more IAX2 channels on my machine with these
	  changes.

2008-04-29 12:52 +0000 [r114822]  Kevin P. Fleming <kpfleming@digium.com>

	* contrib/scripts/get_ilbc_source.sh: stop script from appending
	  source code if run multiple times

2008-04-22  Russell Bryant <russell@digium.com>

	* Asterisk 1.2.28 released

2008-04-22 22:20 +0000 [r114561]  Russell Bryant <russell@digium.com>

	* channels/chan_iax2.c: When we receive a full frame that is
	  supposed to contain our call number, ensure that it has the
	  correct one. (closes issue #10078) (AST-2008-006)

2008-03-26 19:49 +0000 [r110869-111125]  Kevin P. Fleming <kpfleming@digium.com>

	* UPGRADE.txt: update UPGRADE notes to document usage of the script

	* contrib/scripts/get_ilbc_source.sh (added), codecs/ilbc: add a
	  script to make getting the iLBC source code simple for end users

	* codecs/ilbc/StateConstructW.h (removed), codecs/ilbc/packing.h
	  (removed), codecs/ilbc/getCBvec.c (removed),
	  codecs/ilbc/LPCdecode.c (removed), codecs/ilbc/enhancer.c
	  (removed), codecs/ilbc/lsf.c (removed), codecs/ilbc/iLBC_encode.c
	  (removed), codecs/ilbc/getCBvec.h (removed),
	  codecs/ilbc/LPCdecode.h (removed), codecs/ilbc/enhancer.h
	  (removed), codecs/ilbc/FrameClassify.c (removed),
	  codecs/ilbc/iLBC_define.h (removed), codecs/ilbc/lsf.h (removed),
	  codecs/ilbc/iLBC_encode.h (removed), codecs/ilbc/FrameClassify.h
	  (removed), codecs/ilbc/helpfun.c (removed), codecs/ilbc/doCPLC.c
	  (removed), codecs/ilbc/anaFilter.c (removed),
	  codecs/ilbc/helpfun.h (removed), codecs/ilbc/createCB.c
	  (removed), codecs/ilbc/doCPLC.h (removed),
	  codecs/ilbc/anaFilter.h (removed), UPGRADE.txt,
	  codecs/ilbc/iLBC_decode.c (removed), codecs/ilbc/constants.c
	  (removed), codecs/ilbc/createCB.h (removed),
	  codecs/ilbc/iLBC_decode.h (removed), codecs/ilbc/constants.h
	  (removed), codecs/ilbc/iCBSearch.c (removed),
	  codecs/ilbc/filter.c (removed), codecs/ilbc/gainquant.c
	  (removed), codecs/ilbc/hpInput.c (removed),
	  codecs/ilbc/hpOutput.c (removed), codecs/ilbc/iCBSearch.h
	  (removed), codecs/ilbc/filter.h (removed), codecs/ilbc/hpInput.h
	  (removed), codecs/ilbc/gainquant.h (removed),
	  codecs/ilbc/LPCencode.c (removed), codecs/ilbc/hpOutput.h
	  (removed), codecs/ilbc/StateSearchW.c (removed),
	  codecs/ilbc/LPCencode.h (removed), codecs/ilbc/StateSearchW.h
	  (removed), codecs/ilbc/iCBConstruct.c (removed),
	  codecs/ilbc/syntFilter.c (removed), codecs/ilbc/iCBConstruct.h
	  (removed), codecs/ilbc/syntFilter.h (removed),
	  codecs/ilbc/StateConstructW.c (removed), codecs/ilbc/packing.c
	  (removed): due to licensing restrictions, we cannot distribute
	  the source code for iLBC encoding and decoding... so remove it,
	  and add instructions on how the user can obtain it themselves

2008-03-20 21:53 +0000 [r110335]  Russell Bryant <russell@digium.com>

	* channels/chan_sip.c, channels/chan_iax2.c: Fix some very broken
	  code that was introduced in 1.2.26 as a part of the security fix.
	  The dnsmgr is not appropriate here. The dnsmgr takes a pointer to
	  an address structure that a background thread continuously
	  updates. However, in these cases, a stack variable was passed.
	  That means that the dnsmgr thread would be continuously writing
	  to bogus memory.

Looking forward to a bump on this in-tree (though long deprecated) branch of Asterisk. Thanks!

Should bump to 1.2.30.4 because bug 250748.

Changelog for 1.2.30.4:
2008-12-10  Tilghman Lesher <tlesher@digium.com>

	* Asterisk 1.2.30.4 released

2008-12-10 21:06 +0000 [r162868]  Tilghman Lesher <tlesher@digium.com>

	* channels/chan_iax2.c: Fix for AST-2008-012

2008-12-05 20:50 +0000 [r161421]  Sean Bright <sean.bright@gmail.com>

	* include/asterisk/astobj2.h, astobj2.c: Fix build errors on
	  FreeBSD (uint -> unsigned int). (closes issue #14006) Reported
	  by: alphaque Patches: astobj2.h-patch uploaded by alphaque
	  (license 259) (Slightly modified by seanbright)

Created attachment 177069 [details, diff]
use external dev-libs/ilbc-rfc3951

Created attachment 177070 [details]
quick ebuild without any gentoo patches

Need to review all previous patches, so it's disabled for now.

Comment 5 Mounir Lamouri (volkmar) (RETIRED) 2009-02-23 02:24:29 UTC

There is now 1.2.31.1 (http://www.asterisk.org/node/48562)
Version bump is quite important as it should fix some security bugs.

It seems that support for 1.2.x is over, the source code has been moved to
http://downloads.digium.com/pub/asterisk/old-releases/

I would vote for marking this bug absolute, hardmasking current "stable" 1.2.x ebuild in the portage and moving on to the next version(s).

ps. just rename my ebuild and fix src path if you still want to use 1.2

In response to Comment 6, I agree in principle - it is abundantly clear that the newer versions of asterisk need to make it out of the overlay ghetto and that 1.2 is destined is due for retirement and a well-earned pension. However, I personally don't think that 1.2 should be removed until:

1) All asterisk-related components of the voip overlay are rendered current
2) The ebuilds are reviewed, fully tested, subjected to QA procedures and committed to the portage tree

As this is presumably not going to happen overnight, I think that it would be in our best interests to have the final 1.2 release committed and the older versions removed. We should assume that some users have it operational in production, in which case we would do well to be supportive of their immediate needs. Not to mention that having security bugs drag out is never a good thing.

Although I use 1.4, I will try to allocate some time to test the revised 1.2 ebuild during the week ahead.

Comment 8 Rajiv Aaron Manglani (RETIRED) 2009-03-12 03:33:53 UTC

chainsaw added net-misc/asterisk-1.2.31.1 to the tree.

+*asterisk-1.2.31.1 (11 Mar 2009)
+
+  11 Mar 2009; <chainsaw@gentoo.org>
+  +files/1.2.0/asterisk-1.2.31.1-bri-fixups.diff,
+  +files/1.2.0/asterisk-1.2.31.1-comma-is-not-pipe.diff,
+  +files/1.2.0/asterisk-1.2.31.1-svn89254.diff, +asterisk-1.2.31.1.ebuild:
+  Version bump, for security bugs #250748 and #254304. Took a 1.4 build fix
+  that is relevant to 1.2, Digium bug #11238. Wrote patch to fix up typo in
+  open call, a comma is not a pipe sign. Used EAPI 2 for USE-based
+  dependencies instead of calling die. Patch from Mounir Lamouri adding
+  -lspeexdsp closes bug #206463 filed by John Read.