Use jabberd and qmail.

On 2/3/12, bilal ghayyad wrote:
> Hi All;
>
> Any advise for a good collaboration solution (open source)? Chat + Email
> call center.
>
> Regards
> Bilal
>
> –
> _____________________________________________________________________
> — Bandwidth and Colocation Provided by http://www.api-digital.com –
> New to Asterisk? Join us for a live introductory webinar every Thurs:
> http://www.asterisk.org/hello
>
> asterisk-users mailing list
> To UNSUBSCRIBE or update options visit:
> http://lists.digium.com/mailman/listinfo/asterisk-users
>

The Asterisk Development Team is pleased to announce the release of Asterisk 1.8.9.0. This release is available for immediate download at http://downloads.asterisk.org/pub/telephony/asterisk/

The release of Asterisk 1.8.9.0 resolves several issues reported by the community and would have not been possible without your participation.

Thank you!

The following is a sample of the issues resolved in this release:

* AST-2012-001: prevent crash when an SDP offer is received with an encrypted video stream when support for video is disabled and res_srtp is loaded. (closes issue ASTERISK-19202)
Reported by: Catalin Sanda

* Handle AST_CONTROL_UPDATE_RTP_PEER frames in local bridge loop. Failing
to handle AST_CONTROL_UPDATE_RTP_PEER frames in the local bridge loop
causes the loop to exit prematurely. This causes a variety of negative side
effects, depending on when the loop exits. This patch handles the frame by
essentially swallowing the frame in the local loop, as the current channel
drivers expect the RTP bridge to handle the frame, and, in the case of the
local bridge loop, no additional action is necessary.
(closes issue ASTERISK-19095) Reported by: Stefan Schmidt Tested
by: Matt Jordan

* Fix timing source dependency issues with MOH. Prior to this patch,
res_musiconhold existed at the same module priority level as the timing
sources that it depends on. This would cause a problem when music on
hold was reloaded, as the timing source could be changed after
res_musiconhold was processed. This patch adds a new module priority
level, AST_MODPRI_TIMING, that the various timing modules are now loaded
at. This now occurs before loading other resource modules, such
that the timing source is guaranteed to be set prior to resolving
the timing source dependencies.
(closes issue ASTERISK-17474) Reporter: Luke H Tested by: Luke H,
Vladimir Mikhelson, zzsurf, Wes Van Tlghem, elguero, Thomas Arimont
Patched by elguero

* Fix RTP reference leak. If a blind transfer were initiated using a
REFER without a prior reINVITE to place the call on hold, AND if Asterisk
were sending RTCP reports, then there was a reference leak for the
RTP instance of the transferrer.
(closes issue ASTERISK-19192) Reported by: Tyuta Vitali

* Fix blind transfers from failing if an ‘h’ extension
is present. This prevents the ‘h’ extension from being run on the
transferee channel when it is transferred via a native transfer
mechanism such as SIP REFER. (closes issue ASTERISK-19173) Reported
by: Ross Beer Tested by: Kristjan Vrban Patches: ASTERISK-19173 by
Mark Michelson (license 5049)

* Restore call progress code for analog ports. Extracting sig_analog
from chan_dahdi lost call progress detection functionality. Fix
analog ports from considering a call answered immediately after
dialing has completed if the callprogress option is enabled.
(closes issue ASTERISK-18841)
Reported by: Richard Miller Patched by Richard Miller

* Fix regression that ‘rtp/rtcp set debup ip’ only works when a port
was also specified.
(closes issue ASTERISK-18693) Reported by: Davide Dal Reviewed by:
Walter Doekes

For a full list of changes in this release candidate, please see the ChangeLog:

http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.8.9.0

Thank you for your continued support of Asterisk!

Hello everyone,

I have noticed getting wired IPs blocked by Fail2ban. Has anyone else seen
this or can explain this?

Chain fail2ban-ASTERISK (1 references)
num target prot opt source destination
1 DROP all — 0.23.20.189 0.0.0.0/0

I also get things like, 0.0.5.2, etc….Fail2ban seems to be working when I
am testing. Are these numbers taken from the SIP packet or the TCP/IP
protocol source because they surely are not valid addresses.

Thanks

Asterisk Project Security Advisory – AST-2012-001

+————————————————————————+
| Product | Asterisk |
|———————-+————————————————-|
| Summary | SRTP Video Remote Crash Vulnerability |
|———————-+————————————————-|
| Nature of Advisory | Denial of Service |
|———————-+————————————————-|
| Susceptibility | Remote unauthenticated sessions |
|———————-+————————————————-|
| Severity | Moderate |
|———————-+————————————————-|
| Exploits Known | No |
|———————-+————————————————-|
| Reported On | 2012-01-15 |
|———————-+————————————————-|
| Reported By | Catalin Sanda |
|———————-+————————————————-|
| Posted On | 2012-01-19 |
|———————-+————————————————-|
| Last Updated On | January 19, 2012 |
|———————-+————————————————-|
| Advisory Contact | Joshua Colp < jcolp AT digium DOT com > |
|———————-+————————————————-|
| CVE Name | |
+————————————————————————+

+————————————————————————+
| Description | An attacker attempting to negotiate a secure video |
| | stream can crash Asterisk if video support has not been |
| | enabled and the res_srtp Asterisk module is loaded. |
+————————————————————————+

+————————————————————————+
| Resolution | Upgrade to one of the versions of Asterisk listed in the |
| | “Corrected In” section, or apply a patch specified in the |
| | “Patches” section. |
+————————————————————————+

+————————————————————————+
| Affected Versions |
|————————————————————————|
| Product | Release Series | |
|——————————-+—————-+———————–|
| Asterisk Open Source | 1.8.x | All versions |
|——————————-+—————-+———————–|
| Asterisk Open Source | 10.x | All versions |
+————————————————————————+

+————————————————————————+
| Corrected In |
|————————————————————————|
| Product | Release |
|——————————————+—————————–|
| Asterisk Open Source | 1.8.8.2 |
|——————————————+—————————–|
| Asterisk Open Source | 10.0.1 |
+————————————————————————+

+————————————————————————+
| Patches |
|————————————————————————|
| SVN URL |Branch|
|—————————————————————–+——|
|http://downloads.asterisk.org/pub/security/AST-2012-001-1.8.diff |v1.8 |
|—————————————————————–+——|
|http://downloads.asterisk.org/pub/security/AST-2012-001-10.diff |v10 |
+————————————————————————+

+————————————————————————+
| Links | https://issues.asterisk.org/jira/browse/ASTERISK-19202 |
+————————————————————————+

+————————————————————————+
| Asterisk Project Security Advisories are posted at |
| http://www.asterisk.org/security |
| |
| This document may be superseded by later versions; if so, the latest |
| version will be posted at |
| http://downloads.digium.com/pub/security/AST-2012-001.pdf and |
| http://downloads.digium.com/pub/security/AST-2012-001.html |
+————————————————————————+

+————————————————————————+
| Revision History |
|————————————————————————|
| Date | Editor | Revisions Made |
|—————–+——————–+———————————|
| 12-01-19 | Joshua Colp | Initial release |
+————————————————————————+

Asterisk Project Security Advisory – AST-2012-001
Copyright (c) 2012 Digium, Inc. All Rights Reserved.
Permission is hereby granted to distribute and publish this advisory in its
original, unaltered form.

Hello,

I can do simple, “yum install asterisk18-*” and it installs Asterisk and
Dahdi-tools/Dahdi-Linux on my OpenVZ container. Everything runs well and
smooth.

However, if I want to compile dahdi-linux on the same openvz then I get the
error, *”You do not appear to have the source for the 2.6.32-4-pve kernel
installed”.*
*
*
1- Based on above error and Google search I have concluded that dahdi-linux
module should be installed on mother node. So, I am puzzled. How does
Digium yum repository achive this without acessing the mother node?

2- Do I even need Dahdi, if the server doesn’t connect to PSTN at all and
it’s all SIP? If yes, what do I need it for?

Any feedback is much appreciated.

Thanks