asterisk-iax2-18.12.1-1.el8.1 > 6 6_6 3!y덏%!E/֡cQ] !E/֡|ikSõ>@;r[Tvo^x1׋0޺/?LHcM׻+*Y3U<ٹظÀۛ\Z0[ypm56QZ rp a:|Z|j2 J(k!O1a@ӳƩJ0qSu&d^/'{ЅXbiECFd䑰yyiGXXBG"]xC~|n`D@(m(Laa&[F5$G7`{5v2N`sGKNt-*.d1dfc9d8ab1b6e4edab2fcb39f77a792e35cb91c6d5219c47af7e04462db989ecf346b415c3ed156985d368b76d5d0b599c40307c3!y덏%!E/֡cQ] !E/֡{O`D&דDpZUbS.Ύ%ێPh1UEn8e'%H-Κ|7N? VxDG*>:Zz$j1-7-QÕ TGSJ>kf8XzCÐKX"[4f5m8:PXMmlFa my߄ XM@*h6@ǡZ!8rLɩjX%Ip 6*nX\LC f;Cty.qb^ yT.6wOqjdZ?N>~t=V+; 닋^[_i/hd/h2.QCJŰA`c1}mo1zMA{ʫ-E/ŋ׀?kRl]=֢J*ğ !J"L|#GsXerD4k;Q4}|QF'4!NEҤ6 !ʿ7C_*?>p=0? d  Adh  & 4 P  Tp@/(v89 :ZG<HXItX|Y؈\ظ]^5bٵdEeJfMlOthuۄv۠wDx`y| ܨܬCasterisk-iax218.12.11.el8.1IAX2 channel driver for AsteriskIAX2 channel driver for AsteriskcPGbuildvm-x86-07.iad2.fedoraproject.org;%Fedora ProjectFedora ProjectGPLv2Fedora ProjectUnspecifiedhttp://www.asterisk.org/linuxx86_64j\ a3hAAAcPGcPGcPGcPGcPGcPGcPGdb48763287b6ef804207497283acd495e6a2cce77bde13e5511098dc3ccf69c83c551c46a8dd392b77c1fe6b359818893692361c95ea53048ecde8b963f0bd1a321e40956318aea954e9bc0ad8a08bb48e5cf2d1aae45e7ae2bb74147ee315e0../../../../usr/lib64/asterisk/modules/chan_iax2.soasteriskasteriskrootrootrootrootrootasteriskasteriskrootrootrootrootrootasterisk-18.12.1-1.el8.1.src.rpmasterisk-iax2asterisk-iax2(x86-64)config(asterisk-iax2)@@@@@@@@@@    @asteriskconfig(asterisk-iax2)libc.so.6()(64bit)libc.so.6(GLIBC_2.14)(64bit)libc.so.6(GLIBC_2.2.5)(64bit)libc.so.6(GLIBC_2.3.4)(64bit)libc.so.6(GLIBC_2.4)(64bit)libgcc_s.so.1()(64bit)libgcc_s.so.1(GCC_3.0)(64bit)libgcc_s.so.1(GCC_3.3.1)(64bit)libpthread.so.0()(64bit)libpthread.so.0(GLIBC_2.2.5)(64bit)rpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)rtld(GNU_HASH)18.12.1-1.el8.118.12.1-1.el8.13.0.4-14.6.0-14.0-15.2-14.14.3b@bbbbbbbbbbTa@a@` @`C` @`t6@`.V`!'`@` l_^@_/@_@_@_P_P_G@_^^ϧ^I^^^&@^j$@^B@^0"@^r^@]+]]Γ@]@]@]]rJ@]9]8H@],j\h\@\y\f\R@\]I>]I-I-I-I-IH,HCH@HWH@H@H@HkmHQHO@H1kH @Gu@GGG@G@G@G߮G΋@G@G@G@GG{|Gt@Gl@GiGiGg@GcGcG_@G_@G^{G]*@GO@GB@GAzG=@G9G G m@F%@FS@F^F^F @F@FF;@F;@FF@FtF#@F@FEF@F@Fzh@FvsFvsFvsFvsFvsFu"@Fu"@Fr@FAF1F@EWE@E@E8@E7hE6@E6@E6@E2"DDD(@DWIDLDGwDGwDF&@D - 18.12.1-1.1Michal Josef Špaček - 18.12.1-1Michal Josef Špaček - 18.11.2-1Michal Josef Špaček - 18.10.1-1Michal Josef Špaček - 18.9.0-1Michal Josef Špaček - 18.8.0-1Michal Josef Špaček - 18.7.1-1Michal Josef Špaček - 18.6.0-1Michal Josef Špaček - 18.5.1-1Michal Josef Špaček - 18.4.0-1.6Jitka Plesnikova - 18.4.0-1.5Fedora Release Engineering - 18.4.0-1.4Sahana Prasad - 18.4.0-1.3Fedora Release Engineering - 18.4.0-1.2Jitka Plesnikova - 18.4.0-1.1Jared K. Smith - 18.4.0-1Jared K Smith - 18.3.0-1Jared K. Smith - 18.2.1-1Pavel Raiskup - 18.2.0-1.2Fedora Release Engineering - 18.2.0-1.1Jared K. Smith - 18.2.0-1Jared K. Smith - 18.1.0-1Jared K. Smith - 18.0.1-2Jared K. Smith - 18.0.1-1Jared K. Smith - 18.0.0-1Josef Řídký - 17.7.0-2Jared K. Smith - 17.7.0-1Josef Řídký - 17.5.0-2.3Fedora Release Engineering - 17.5.0-2.2Jitka Plesnikova - 17.5.0-2.1Jared K. Smith - 17.5.0-0.rc1.1Jared K. Smith - 17.4.0-2Jared K. Smith - 17.4.0-1Jared K. Smith - 17.4.0-0.rc2.1Jared K. Smith - 17.4.0-0.rc1.1Jared K. Smith - 17.3.0-1Jared K. Smith - 17.2.0-1Fedora Release Engineering - 17.2.0-0.rc1.2.1Tom Callaway - 17.1.0-2Jared K. Smith - 17.1.0-1Jared K. Smith - 17.1.0-0.rc1.1Jared K. Smith - 17.0.1-1Jared K. Smith - 17.0.0-2Jared K. Smith - 17.0.0-1Jared K. Smith - 16.6.1-1Jared K. Smith - 16.6.0-1Jared K. Smith - 16.5.1-1Jared K. Smith - 16.5.0-1Fedora Release Engineering - 16.4.1-2Jared K. Smith - 16.4.1-1Jitka Plesnikova - 16.4.0-2Jared K. Smith - 16.4.0-1Jared K. Smith - 16.2.1-1Jared K. Smith - 16.2.0-1Fedora Release Engineering - 16.1.0-4Björn Esser - 16.1.0-3Björn Esser - 16.1.0-2Jared Smith - 16.1.0-1Jared Smith - 16.0.1-1Jared Smith - 16.0.0-1Jared K. Smith - 15.5.0-1Jitka Plesnikova - 15.4.1-2Jared K. Smith - 15.4.1-1Jared K. Smith - 15.4.0-1jsmith - 15.3.0-1Jared Smith - 15.2.2-2Jared Smith - 15.2.2-1Jared Smith - 15.2.1-3Jared Smith - 15.2.1-2Jared Smith - 15.2.1-1Igor Gnatenko - 15.2.0-5Fedora Release Engineering - 15.2.0-4Jared Smith - 15.2.0-3Björn Esser - 15.2.0-2Jared Smith - 15.2.0-1Jared Smith - 15.1.5-1Jared Smith - 15.1.4-2Jared Smith - 15.1.4-1Jared Smith - 15.1.3-1Jared Smith - 15.1.2-1Jared Smith - 15.1.1-1Jared Smith - 15.1.0-1Jared Smith - 15.0.0-1Jared Smith - 14.6.2-1Jared Smith - 14.6.1-6Jared Smith - 14.6.1-5Jared Smith - 14.6.1-4Jared Smith - 14.6.1-3Jared Smith - 14.6.1-1Jared Smith - 14.6.0-2Jared Smith - 14.6.0-1Fedora Release Engineering - 14.5.0-4Fedora Release Engineering - 14.5.0-3Till Maas - 14.5.0-2Jared Smith - 14.5.0-1Jitka Plesnikova - 13.11.2-1.2Fedora Release Engineering - 13.11.2-1.1Jared Smith - 13.11.2-1Jared Smith - 13.11.1-1Jitka Plesnikova - 13.9.1-1.1Jared Smith - 13.9.1-1Jared Smith - 13.7.2-2.1Michal Toman - 13.7.2-2Jared Smith - 13.7.2-1Jared Smith - 13.7.1-2Jared Smith - 13.7.1-1Fedora Release Engineering - 13.3.2-3.1Jared Smith - 13.3.2-3Robert Scheck - 13.3.2-2Fedora Release Engineering - 13.3.2-1.2Jitka Plesnikova - 13.3.2-1.1Jeffrey C. Ollie - 13.3.2-1:Jeffrey C. Ollie - 13.3.1-1:Jeffrey C. Ollie - 13.3.0-1:Jeffrey C. Ollie - 13.2.0-1:Jeffrey C. Ollie - 13.1.1-1:Jeffrey C. Ollie - 13.1.0-1Peter Robinson 13.0.2-3Tom Callaway - 13.0.2-2Jeffrey C. Ollie - 13.0.2-1Jeffrey C. Ollie - 13.0.1-1Jeffrey C. Ollie - 13.0.0-1Tom Callaway - 11.13.1-2Jeffrey C. Ollie - 11.13.1-1Jeffrey C. Ollie - 11.13.0-1Jeffrey C. Ollie - 11.12.1-1Jeffrey C. Ollie - 11.12.0-1Jeffrey C. Ollie - 11.11.0-1Jitka Plesnikova - 11.10.2-2.2Fedora Release Engineering - 11.10.2-2.1Jeffrey Ollie - 11.10.2-2:Jeffrey Ollie - 11.10.2-1:Jeffrey Ollie - 11.10.1-1:Jeffrey Ollie - 11.10.0-1:Fedora Release Engineering - 11.9.0-2.1Dennis Gilmore - 11.9.0-2Jeffrey Ollie - 11.9.0-1:Jeffrey Ollie - 11.8.1-1:Jeffrey Ollie - 11.8.0-1:Jeffrey Ollie - 11.7.0-1:Jeffrey Ollie - 11.6.1-1:Jeffrey Ollie - 11.6.0-1:Jeffrey Ollie - 11.5.1-3:Jeffrey Ollie - 11.5.1-2:Jeffrey Ollie - 11.5.1-1:Fedora Release Engineering - 11.4.0-2.2Petr Pisar - 11.4.0-2.1Rex Dieter 11.4.0-2Jeffrey Ollie - 11.4.0-1:Tom Callaway - 11.3.0-2:Jeffrey Ollie - 11.3.0-1:Jeffrey Ollie - 11.2.2-1:Jeffrey Ollie - 11.2.1-1:Jeffrey Ollie - 11.2.0-1:Jeffrey Ollie - 11.1.2-1:Jeffrey Ollie - 11.1.1-1:Jeffrey Ollie - 11.1.0-1:Jeffrey Ollie - 11.0.2-1:Dan Horák - 11.0.1-3Dennis Gilmore - 11.0.1-2Jeffrey Ollie - 11.0.1-1Jeffrey Ollie - 11.0.0-1:Jeffrey Ollie - 11.0.0-0.7.rc2:Jeffrey Ollie - 11.0.0-0.6.rc1Jeffrey Ollie - 11.0.0-0.5.beta2Jeffrey Ollie - 11.0.0-0.4.beta2Jeffrey Ollie - 10.8.0-1Dan Horák - 11.0.0-0.3.beta1Dan Horák - 10.7.1-2Jeffrey Ollie - 10.7.1-1Jeffrey Ollie - 10.7.0-1Jeffrey Ollie - 10.6.1-1Jeffrey Ollie - 10.6.0-1Jeffrey Ollie - 11.0.0-0.2.beta1Fedora Release Engineering - 10.5.2-1.2Petr Pisar - 10.5.2-1.1Jeffrey Ollie - 10.5.2-1:Petr Pisar - 10.5.1-1.1Jeffrey Ollie - 10.5.1-1Jeffrey Ollie - 10.5.0-1Petr Pisar - 10.4.2-1.1Jeffrey Ollie - 10.4.2-1Jeffrey Ollie - 10.4.1-1Jeffrey Ollie - 10.4.0-1Jeffrey Ollie - 10.3.1-1Russell Bryant - 10.3.0-1Russell Bryant - 10.2.1-1Jeffrey C. Ollie - 10.1.2-2Jeffrey C. Ollie - 10.1.2-1Jeffrey C. Ollie - 10.1.1-1Jeffrey C. Ollie - 10.1.0-1Russell Bryant - 10.0.0-2Fedora Release Engineering - 10.0.0-1.1Jeffrey C. Ollie - 10.0.0-1Jeffrey C. Ollie - 10.0.0-1Jeffrey C. Ollie - 10.0.0-0.7.rc3Jeffrey C. Ollie - 10.0.0-0.6.rc2Jeffrey C. Ollie - 10.0.0-0.5.rc1Jeffrey C. Ollie - 10.0.0-0.4.beta2Jeffrey C. Ollie - 10.0.0-0.3.beta2Jeffrey C. Ollie - 10.0.0-0.2.beta2Jeffrey C. Ollie - 10.0.0-0.1.beta1Petr Sabata - 1.8.5.0-1.2Petr Sabata - 1.8.5.0-1.1Jeffrey C. Ollie - 1.8.5.0-1Jeffrey C. Ollie - 1.8.5-0.2Jeffrey C. Ollie - 1.8.5-0.1.rc1Jeffrey C. Ollie - 1.8.5-0.1.rc1Jeffrey C. Ollie - 1.8.4.4-2Jeffrey C. Ollie - 1.8.4.4-1Jeffrey C. Ollie - 1.8.4.3-3Jeffrey C. Ollie - 1.8.4.3-2Jeffrey C. Ollie - 1.8.4.3-1Jeffrey C. Ollie - 1.8.4.2-2Marcela Mašláňová - 1.8.4.2-1.2Marcela Mašláňová - 1.8.4.2-1.1Jeffrey C. Ollie - 1.8.4.2-1:Jeffrey C. Ollie - 1.8.3.3-1Jeffrey C. Ollie - 1.8.3.2-2Jeffrey C. Ollie - 1.8.3.2-1Jeffrey C. Ollie - 1.8.3.1-1 - 1.8.3-1 - 1.8.3-0.7.rc3Jeffrey C. Ollie - 1.8.3-0.6.rc2Jeffrey C. Ollie - 1.8.3-0.5.rc2Jeffrey C. Ollie - 1.8.3-0.4.rc2Fedora Release Engineering - 1.8.3-0.3.rc2Jeffrey C. Ollie - 1.8.3-0.2.rc2Jeffrey C. Ollie - 1.8.3-0.1.rc1Jeffrey C. Ollie - 1.8.2.3-1Jeffrey C. Ollie - 1.8.2.2-2Jeffrey C. Ollie - 1.8.2.2-1Jeffrey C. Ollie - 1.8.2.1-1Jeffrey C. Ollie - 1.8.2-1Jeffrey C. Ollie - 1.8.1.1-1Jeffrey C. Ollie - 1.8.1-1Dennis Gilmore - 1.8.0-6Dennis Gilmore - 1.8.0-5Dennis Gilmore - 1.8.0-4Jeffrey C. Ollie - 1.8.0-3Jeffrey C. Ollie - 1.8.0-2Jeffrey C. Ollie - 1.8.0-1Jeffrey C. Ollie - 1.8.0-0.8.rc5:Jeffrey C. Ollie - 1.8.0-0.7.rc3Jeffrey C. Ollie - 1.8.0-0.6.rc2Jeffrey C. Ollie - 1.8.0-0.5.beta5Jeffrey C. Ollie - 1.8.0-0.4.beta4Jeffrey C. Ollie - 1.8.0-0.3.beta3Jeffrey C. Ollie - 1.8.0-0.2.beta2Jeffrey C. Ollie - 1.8.0-0.1.beta2Jeffrey C. Ollie - 1.6.2.10-1Jeffrey C. Ollie - 1.6.2.8-0.3.rc1Marcela Maslanova - 1.6.2.8-0.2.rc1Jeffrey C. Ollie - 1.6.2.7-1Jeffrey C. Ollie - 1.6.2.7-0.2.rc3Jeffrey C. Ollie - 1.6.2.7-0.1.rc2Jeffrey C. Ollie - 1.6.2.6-1Jeffrey C. Ollie - 1.6.2.6-0.1.rc2Jeffrey C. Ollie - 1.6.2.5-2Jeffrey C. Ollie - 1.6.2.5-1Jeffrey C. Ollie - 1.6.2.4-1Jeffrey C. Ollie - 1.6.2.2-1Jeffrey C. Ollie - 1.6.2.1-1Jeffrey C. Ollie - 1.6.2.1-0.1.rc1Jeffrey C. Ollie - 1.6.2.0-1Jeffrey C. Ollie - 1.6.2.0-0.16.rc8Jeffrey C. Ollie - 1.6.2.0-0.15.rc7Jeffrey C. Ollie - 1.6.2.0-0.14.rc6Jeffrey C. Ollie - 1.6.2.0-0.13.rc6Jeffrey C. Ollie - 1.6.2.0-0.12.rc6Jeffrey C. Ollie - 1.6.2.0-0.11.rc5Jeffrey C. Ollie - 1.6.2.0-0.10.rc4Jeffrey C. Ollie - 1.6.2.0-0.9.rc3Jeffrey C. Ollie - 1.6.2.0-0.8.rc3Jeffrey C. Ollie - 1.6.2.0-0.7.rc3Jeffrey C. Ollie - 1.6.2.0-0.6.rc3Jeffrey C. Ollie - 1.6.2.0-0.5.rc3Jeffrey C. Ollie - 1.6.2.0-0.4.rc3Jeffrey C. Ollie - 1.6.2.0-0.3.rc2Jeffrey C. Ollie - 1.6.2.0-0.2.rc2Jeffrey C. Ollie - 1.6.2.0-0.1.rc2Jeffrey C. Ollie - 1.6.1.6-2Jeffrey C. Ollie - 1.6.1.6-1Jeffrey C. Ollie - 1.6.1-0.26.rc1Tomas Mraz - 1.6.1-0.25.rc1Fedora Release Engineering - 1.6.1-0.24.rc1Jeffrey C. Ollie - 1.6.1-0.23.rc1Fedora Release Engineering - 1.6.1-0.22.rc1Jeffrey C. Ollie - 1.6.1-0.21.rc1Tomas Mraz - 1.6.1-0.13.beta4Jeffrey C. Ollie - 1.6.1-0.12.beta4Jeffrey C. Ollie - 1.6.1-0.10.beta4Jeffrey C. Ollie - 1.6.1-0.9.beta4Jeffrey C. Ollie - 1.6.1-0.8.beta4Jeffrey C. Ollie - 1.6.1-0.7.beta3Alex Lancaster - 1.6.1-0.6.beta2Jeffrey C. Ollie - 1.6.1-0.5.beta2Jeffrey C. Ollie - 1.6.1-0.4.beta2Jeffrey C. Ollie - 1.6.1-0.3.beta2Jeffrey C. Ollie - 1.6.1-0.2.beta2Jeffrey C. Ollie - 1.6.0.1-3Jeffrey C. Ollie - 1.6.0.1-2Jeffrey C. Ollie - 1.6.0-1- Bastien Nocera - 1.6.0-0.22.beta9Jeffrey C. Ollie - 1.6.0-0.21.beta9Jeffrey C. Ollie - 1.6.0-0.20.beta9Jeffrey C. Ollie - 1.6.0-0.19.beta9Jeffrey C. Ollie - 1.6.0-0.18.beta9Jeffrey C. Ollie - 1.6.0-0.17.beta9Jeffrey C. Ollie - 1.6.0-0.16.beta9Jeffrey C. Ollie - 1.6.0-0.15.beta9Jeffrey C. Ollie - 1.6.0-0.14.beta9Jeffrey C. Ollie - 1.6.0-0.13.beta8Jeffrey C. Ollie - 1.6.0-0.12.beta7.1Jeffrey C. Ollie - 1.6.0-0.11.beta7.1Jeffrey C. Ollie - 1.6.0-0.10.beta7Jeffrey C. Ollie - 1.6.0-0.9.beta6Jeffrey C. Ollie - 1.6.0-0.8.beta6Jeffrey C. Ollie - 1.6.0-0.6.beta6Tom "spot" Callaway - 1.6.0-0.5.beta5Jeffrey C. Ollie - 1.6.0-0.4.beta5Jeffrey C. Ollie - 1.6.0-0.3.beta4Jeffrey C. Ollie - 1.6.0-0.2.beta4Jeffrey C. Ollie - 1.6.0-0.1.beta4Jeffrey C. Ollie - 1.4.18-1Jeffrey C. Ollie - 1.4.17-1Jeffrey C. Ollie - 1.4.16.2-1Jeffrey C. Ollie - 1.4.16.1-2Jeffrey C. Ollie - 1.4.16.1-1Jeffrey C. Ollie - 1.4.16-2Jeffrey C. Ollie - 1.4.16-1Jeffrey C. Ollie - 1.4.15-7Jeffrey C. Ollie - 1.4.15-6Jeffrey C. Ollie - 1.4.15-5Jeffrey C. Ollie - 1.4.15-4Jeffrey C. Ollie - 1.4.15-3Jeffrey C. Ollie - 1.4.15-2Jeffrey C. Ollie - 1.4.15-1Jeffrey C. Ollie - 1.4.14-2Jeffrey C. Ollie - 1.4.14-1Jeffrey C. Ollie - 1.4.13-7Jeffrey C. Ollie - 1.4.13-6Jeffrey C. Ollie - 1.4.13-1Jeffrey C. Ollie - 1.4.12.1-1Jeffrey C. Ollie - 1.4.11-1Jeffrey C. Ollie - 1.4.10.1-1Jeffrey C. Ollie - 1.4.10-1Jeffrey C. Ollie - 1.4.9-7Jeffrey C. Ollie - 1.4.9-6Jeffrey C. Ollie - 1.4.9-5Jeffrey C. Ollie - 1.4.9-4Jeffrey C. Ollie - 1.4.9-3Jeffrey C. Ollie - 1.4.9-2Jeffrey C. Ollie - 1.4.9-1Jeffrey C. Ollie - 1.4.8-1Jeffrey C. Ollie - 1.4.7.1-1Jeffrey C. Ollie - 1.4.7-1Jeffrey C. Ollie - 1.4.6-4Jeffrey C. Ollie - 1.4.6-3Jeffrey C. Ollie - 1.4.6-2Jeffrey C. Ollie - 1.4.6-1Jeffrey C. Ollie - 1.4.5-10Jeffrey C. Ollie - 1.4.5-9Jeffrey C. Ollie - 1.4.5-8Jeffrey C. Ollie - 1.4.5-7Jeffrey C. Ollie - 1.4.5-6Jeffrey C. Ollie - 1.4.5-5Jeffrey C. Ollie - 1.4.5-4Jeffrey C. Ollie - 1.4.5-3Jeffrey C. Ollie - 1.4.5-1Jeffrey C. Ollie - 1.4.4-2Jeffrey C. Ollie - 1.4.4-1Jeffrey C. Ollie - 1.4.2-1Jeffrey C. Ollie - 1.4.1-2Jeffrey C. Ollie - 1.4.1-1Jeffrey C. Ollie - 1.4.0-6.beta4Jeffrey C. Ollie - 1.4.0-5.beta3Jeffrey C. Ollie - 1.4.0-4.beta3Jeffrey C. Ollie - 1.4.0-3.beta3Jeffrey C. Ollie - 1.4.0-2.beta3Jeffrey C. Ollie - 1.4.0-1.beta3Jeffrey C. Ollie - 1.4.0-0.beta2Jeffrey C. Ollie - 1.2.10-1Jeffrey C. Ollie - 1.2.9.1Jeffrey C. Ollie - 1.2.8Jeffrey C. Ollie - 1.2.7.1-6Jeffrey C. Ollie - 1.2.7.1-5Jeffrey C. Ollie - 1.2.7.1-4Jeffrey C. Ollie - 1.2.7.1-3Jeffrey C. Ollie - 1.2.7.1-2Jeffrey C. Ollie - 1.2.7-1Jeffrey C. Ollie - 1.2.6-3Jeffrey C. Ollie - 1.2.6-2Jeffrey C. Ollie - 1.2.6-1Jeffrey C. Ollie - 1.2.5-1Jeffrey C. Ollie - 1.2.4-4Jeffrey C. Ollie - 1.2.4-3Jeffrey C. Ollie - 1.2.4-2Jeffrey C. Ollie - 1.2.4-1Jeffrey C. Ollie - 1.2.3-4Jeffrey C. Ollie - 1.2.3-3Jeffrey C. Ollie - 1.2.3-2Jeffrey C. Ollie - 1.2.3-1- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild- Update to upstream 18.12.1 release.- Update to upstream 18.11.2 release.- Update to upstream 18.10.1 release.- Update to upstream 18.9.0 release.- Update to upstream 18.8.0 release.- Update to upstream 18.7.1 release.- Update to upstream 18.6.0 release.- Update to upstream 18.5.1 release.- Fix build (#1977579)- Perl 5.36 rebuild- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild- Rebuilt with OpenSSL 3.0.0- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild- Perl 5.34 rebuild- Update to upstream 18.4.0 release for bug fixes- Update to upstream 18.3.0 release for security updates and bug fixes- Update to upstream 18.2.1 release for security updates, related to: - AST-2021-001/CVE-2020-35776: Remote crash in res_pjsip_diversion - AST-2021-002/CVE-2021-26717: Remote crash possible when negotiating T.38 - AST-2021-003/CVE-2021-26712: Remote attacker could prematurely tear down SRTP calls - AST-2021-004/CVE-2021-26714: An unsuspecting user could crash Asterisk with multiple hold/unhold requests - AST-2021-005/CVE-2021-26906: Remote Crash Vulnerability in PJSIP channel driver- rebuild for libpq ABI fix rhbz#1908268- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild- Update to upstream 18.2.0 release for security fixes, bug fixes, and features- Update to upstream 18.1.0 release for bug fixes and features- Add dependency on sox- Update to 18.0.1 release for AST-2020-001 and AST-2020-002 security fixes- Update to upstream 18.0.0 release for new features- Rebuilt for new net-snmp release- Update to upstream 17.7.0 release- Rebuilt for new net-snmp release- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild- Perl 5.32 rebuild - Add missing source files- Update to upststream 7.5.0-rc1 release for testing- app_page no longer depends on app_meetme- Update to upstream 7.4.0 release for bug fixes- Update to upstream 7.4.0-rc2- Update to upstream 7.4.0 RC 1- Update to upstream 7.3.0 release for bug fixes- Update to upstream 7.2.0 release for bug fixes- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild- rebuild for libsrtp2- Update to upstream 17.1.0 release for security and bug fixes- Update to upstream 17.1.0 pre-release for security and bug fixes- Update to upstream 17.0.1 release for AST-2019-006, AST-2019-007, AST-2019-008 security updates- Move from python2 to python3- Update to upstream 17.0.0 release for new features- Update to upstream 16.6.1 for bug fixes - Work on building in EPEL-7 and EPEL-8- Update to upstream 16.6.0 for security and bug fixes - Update to using bundled pjproject release 2.9- Update for upstream security release 16.5.1, with AST-2019-004 and AST-2019-005- Update to upstream 16.5.0 release for security and bug fixes- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild- Update to upstream 16.4.1 release for security updates AST-2019-002 and AST-2019-003 related to remote crash vulnerabilities- Perl 5.30 rebuild- Update to upstream 16.4.0 release for bug fixes- Update to upstream 16.2.1 release for security / CVE-2019-7251 / AST-2019-001- Update to upstream 16.2.0 release for bug fixes- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild- Rebuilt for libcrypt.so.2 (#1666033)- Add patch to explicitly use python2 shebangs- Update to upstream 16.1.0 security release- Update to upstream 16.0.1 security release- Update to upstream 16.0.0 release- Update to upstream 15.5.0 release for security and bug fixes- Perl 5.28 rebuild- Update to upstream 15.4.1 release for AST-2018-007 and AST-2018-008 security issues- Update to upstream 15.4.0 release- Update to upstream 15.3.0 release- Update asterisk.service to wait for the network to come up- Update to upstream 15.2.2 release for security updates - This update addresses security alerts AST-2018-001 through AST-2018-006 - Upstream changelog at https://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-15.2.2- Verify GPG signatures on source packages- Add missing BuildRequires on gcc/gcc-c++- Update to upstream 15.2.1 release- Escape macros in %changelog- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild- Update requirements for systemd- Rebuilt for switch to libxcrypt- Update to upstream 15.2.0 release - Upstream changelog at http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-15.2.0- Update to upstream 15.1.5 release for AST-2017-014/CVE-2017-17850 security issue- Require mariadb-connector-c-devel, see RHBZ#1488483- Update to upstream 15.1.4 release for AST-2017-012 security issue- Update to upstream 15.1.3 release for security issue AST-2017-013- Update to upstream 15.1.2 release- Update to upstream 15.1.1 release for AST-2017-09, AST-2017-010, and AST-2017-011 security updates- Update to upstream 15.1.0 release- Update to upstream 15.0.0 release- Update to upstream 14.6.2 release- Re-enable corosync, see RHBZ#1478089- Add dependency on unbound-devel for res_resolver_unbound- Disable corosync modules until corosync works in ppc64le again- Fix MySQL header path (due to change in mariadb-devel patckage)- Update to upstream 14.6.1 release - Solves AST-2017-005, AST-2017-006, and AST-2017-007 security issues- Add perl to BuildRequires- Update to upstream 14.6.0 release - Re-enable radius sub-packages- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild- Excludearch s390x- Update to upstream 14.5.0 release- Perl 5.26 rebuild- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild- Update to upstream 13.11.2 bug-fix release- Stop building the -radius subpackage, due to orphaned freeradius-client dependency - Update to upstream 13.11.1 security release for AST-2016-006 and AST-2016-007- Perl 5.24 rebuild- Update to upstream 13.9.1 release - Use bootstrap.sh instead of calling autoconf tools manually - Fix up shifting pjproject submodules - Fix up requires on speexdsp-devel for EPEL7 (RHBZ#1310444)- Fix alembic requirement- Do not use -m32/-m64 on MIPS- Update to upstream release 13.7.2 to fix ASTERISK-25702- Create sub-package for alembic scripts- Update to upstream 13.7.1 release for security fixes - Resolves AST-2016-001: BEAST vulnerability in HTTP server - Resolves AST-2016-002: File descriptor exhaustion in chan_sip - Resolves AST-2016-003: Remote crash vulnerability receiving UDPTL FAX data - Full changelog at http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.7.1 - Also build the 'radius' sub-package against freeradius-client-devel, as the radiusclient-ng project is dead- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild- Remove %defattr macro invocations, as they are no longer needed- Rebuild for libical 2.0.0- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild- Perl 5.22 rebuild- The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28, 11.6, and 13.1 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28.cert-5, 1.8.32.3, 11.6-cert11, - 11.17.1, 12.8.2, 13.1-cert2, and 13.3.2. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerability: - - * AST-2015-003: TLS Certificate Common name NULL byte exploit - - When Asterisk registers to a SIP TLS device and and verifies the server, - Asterisk will accept signed certificates that match a common name other than - the one Asterisk is expecting if the signed certificate has a common name - containing a null byte after the portion of the common name that Asterisk - expected. This potentially allows for a man in the middle attack. - - For more information about the details of this vulnerability, please read - security advisory AST-2015-003, which was released at the same time as this - announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert5 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.3 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert11 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.17.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.8.2 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-13.1-cert2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.3.2 - - The security advisory is available at: - - * http://downloads.asterisk.org/pub/security/AST-2015-003.pdf- The Asterisk Development Team has announced the release of Asterisk 13.3.1. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 13.3.1 resolves an issue reported by the - community and would have not been possible without your participation. - Thank you! - - The following is the issue resolved in this release: - - * --- pjsip: resolve compatibility problem with ast_sip_session - (Closes issue ASTERISK-24941. Reported by Matt Jordan) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-13.3.1- The Asterisk Development Team has announced the release of Asterisk 13.3.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 13.3.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - New Features made in this release: - ----------------------------------- - * ASTERISK-24703 - ARI: Add the ability to "transfer" (redirect) a - channel (Reported by Matt Jordan) - * ASTERISK-17899 - Handle crypto lifetime in SDES-SRTP negotiation - (Reported by Dwayne Hubbard) - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24616 - Crash in res_format_attr_h264 due to invalid - string copy (Reported by Yura Kocyuba) - * ASTERISK-24748 - res_pjsip: If wizards explicitly configured in - sorcery.conf false ERROR messages may occur (Reported by Joshua - Colp) - * ASTERISK-24769 - res_pjsip_sdp_rtp: Local ICE candidates leaked - (Reported by Matt Jordan) - * ASTERISK-24742 - [patch] Fix ast_odbc_find_table function in - res_odbc (Reported by ibercom) - * ASTERISK-24479 - Enable REF_DEBUG for module references - (Reported by Corey Farrell) - * ASTERISK-24701 - Stasis: Write timeout on WebSocket fails to - fully disconnect underlying socket, leading to events being - dropped with no additional information (Reported by Matt Jordan) - * ASTERISK-24772 - ODBC error in realtime sippeers when device - unregisters under MariaDB (Reported by Richard Miller) - * ASTERISK-24752 - Crash in bridge_manager_service_req when bridge - is destroyed by ARI during shutdown (Reported by Richard - Mudgett) - * ASTERISK-24741 - dtls_handler causes Asterisk to crash (Reported - by Zane Conkle) - * ASTERISK-24015 - app_transfer fails with PJSIP channels - (Reported by Private Name) - * ASTERISK-24727 - PJSIP: Crash experienced during multi-Asterisk - transfer scenario. (Reported by Mark Michelson) - * ASTERISK-24771 - ${CHANNEL(pjsip)} - segfault (Reported by - Niklas Larsson) - * ASTERISK-24716 - Improve pjsip log messages for presence - subscription failure (Reported by Rusty Newton) - * ASTERISK-24612 - res_pjsip: No information if a required sorcery - wizard is not loaded (Reported by Joshua Colp) - * ASTERISK-24768 - res_timing_pthread: file descriptor leak - (Reported by Matthias Urlichs) - * ASTERISK-24685 - "pjsip show version" CLI command (Reported by - Joshua Colp) - * ASTERISK-24632 - install_prereq script installs pjproject - without IPv6 support (Reported by Rusty Newton) - * ASTERISK-24085 - Documentation - We should remove or further - document the 'contact' section in pjsip.conf (Reported by Rusty - Newton) - * ASTERISK-24791 - Crash in ast_rtcp_write_report (Reported by - JoshE) - * ASTERISK-24700 - CRASH: NULL channel is being passed to - ast_bridge_transfer_attended() (Reported by Zane Conkle) - * ASTERISK-24451 - chan_iax2: reference leak in sched_delay_remove - (Reported by Corey Farrell) - * ASTERISK-24799 - [patch] make fails with undefined reference to - SSLv3_client_method (Reported by Alexander Traud) - * ASTERISK-22670 - Asterisk crashes when processing ISDN AoC - Events (Reported by klaus3000) - * ASTERISK-24689 - Segfault on hangup after outgoing PRI-Euroisdn - call (Reported by Marcel Manz) - * ASTERISK-24740 - [patch]Segmentation fault on aoc-e event - (Reported by Panos Gkikakis) - * ASTERISK-24787 - [patch] - Microsoft exchange incompatibility - for playing back messages stored in IMAP - play_message: No - origtime (Reported by Graham Barnett) - * ASTERISK-24814 - asterisk/lock.h: Fix syntax errors for non-gcc - OSX with 64 bit integers (Reported by Corey Farrell) - * ASTERISK-24796 - Codecs and bucket schema's prevent module - unload (Reported by Corey Farrell) - * ASTERISK-24724 - 'httpstatus' Web Page Produces Incomplete HTML - (Reported by Ashley Sanders) - * ASTERISK-24499 - Need more explicit debug when PJSIP dialstring - is invalid (Reported by Rusty Newton) - * ASTERISK-24785 - 'Expires' header missing from 200 OK on - REGISTER (Reported by Ross Beer) - * ASTERISK-24677 - ARI GET variable on channel provides unhelpful - response on non-existent variable (Reported by Joshua Colp) - * ASTERISK-24797 - bridge_softmix: G.729 codec license held - (Reported by Kevin Harwell) - * ASTERISK-24812 - ARI: Creating channels through /channels - resource always uses SLIN, which results in unneeded transcoding - (Reported by Matt Jordan) - * ASTERISK-24800 - Crash in __sip_reliable_xmit due to invalid - thread ID being passed to pthread_kill (Reported by JoshE) - * ASTERISK-17721 - Incoming SRTP calls that specify a key lifetime - fail (Reported by Terry Wilson) - * ASTERISK-23214 - chan_sip WARNING message 'We are requesting - SRTP for audio, but they responded without it' is ambiguous and - wrong in some cases (Reported by Rusty Newton) - * ASTERISK-15434 - [patch] When ast_pbx_start failed, both an - error response and BYE are sent to the caller (Reported by - Makoto Dei) - * ASTERISK-18105 - most of asterisk modules are unbuildable in - cygwin environment (Reported by feyfre) - * ASTERISK-24828 - Fix Frame Leaks (Reported by Kevin Harwell) - * ASTERISK-24751 - Integer values in json payload to ARI cause - asterisk to crash (Reported by jeffrey putnam) - * ASTERISK-24838 - chan_sip: Locking inversion occurs when - building a peer causes a peer poke during request handling - (Reported by Richard Mudgett) - * ASTERISK-24825 - Caller ID not recognized using - Centrex/Distinctive dialing (Reported by Richard Mudgett) - * ASTERISK-24830 - res_rtp_asterisk.c checks USE_PJPROJECT not - HAVE_PJPROJECT (Reported by Stefan Engström) - * ASTERISK-24840 - res_pjsip: conflicting endpoint identifiers - (Reported by Kevin Harwell) - * ASTERISK-24755 - Asterisk sends unexpected early BYE to - transferrer during attended transfer when using a Stasis bridge - (Reported by John Bigelow) - * ASTERISK-24739 - [patch] - Out of files -- call fails -- - numerous files with inodes from under /usr/share/zoneinfo, - mostly posixrules (Reported by Ed Hynan) - * ASTERISK-23390 - NewExten Event with application AGI shows up - before and after AGI runs (Reported by Benjamin Keith Ford) - * ASTERISK-24786 - [patch] - Asterisk terminates when playing a - voicemail stored in LDAP (Reported by Graham Barnett) - * ASTERISK-24808 - res_config_odbc: Improper escaping of - backslashes occurs with MySQL (Reported by Javier Acosta) - * ASTERISK-24807 - Missing mandatory field Max-Forwards (Reported - by Anatoli) - * ASTERISK-20850 - [patch]Nested functions aren't portable. - Adapting RAII_VAR to use clang/llvm blocks to get the - same/similar functionality. (Reported by Diederik de Groot) - * ASTERISK-24872 - [patch] AMI PJSIPShowEndpoint closes AMI - connection on error (Reported by Dmitriy Serov) - * ASTERISK-19470 - Documentation on app_amd is incorrect (Reported - by Frank DiGennaro) - * ASTERISK-21038 - Bad command completion of "core set debug - channel" (Reported by Richard Kenner) - * ASTERISK-18708 - func_curl hangs channel under load (Reported by - Dave Cabot) - * ASTERISK-16779 - Cannot disallow unknown format '' (Reported by - Atis Lezdins) - * ASTERISK-24876 - Investigate reference leaks from - tests/channels/local/local_optimize_away (Reported by Corey - Farrell) - * ASTERISK-24882 - chan_sip: Improve usage of REF_DEBUG (Reported - by Corey Farrell) - * ASTERISK-24817 - init_logger_chain: unreachable code block - (Reported by Corey Farrell) - * ASTERISK-24880 - [patch]Compilation under OpenBSD (Reported by - snuffy) - * ASTERISK-24879 - [patch]Compilation fails due to 64bit time - under OpenBSD (Reported by snuffy) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-24745 - [patch]Add no_answer to ARI hangup causes - (Reported by Ben Merrills) - * ASTERISK-24811 - asterisk-publication sorcery object does not - use realtime (Reported by Matt Hoskins) - * ASTERISK-24790 - Reduce spurious noise in logs from voicemail - - Couldn't find mailbox %s in context (Reported by Graham Barnett) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-13.3.0- The Asterisk Development Team has announced the release of Asterisk 13.2.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 13.2.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24342 - PJSIP: Qualifying endpoints attempts to do them - all at the same time. (Reported by Richard Mudgett) - * ASTERISK-24514 - res_pjsip_outbound_registration: stack overflow - when using non-default sorcery wizard (Reported by Kevin - Harwell) - * ASTERISK-24472 - Asterisk Crash in OpenSSL when calling over WSS - from JSSIP (Reported by Badalian Vyacheslav) - * ASTERISK-24607 - res_pjsip_session: re-INVITE with declined - media streams results in 488 (Reported by Matt Jordan) - * ASTERISK-24563 - Direct Media calls within private network - sometimes get one way audio (Reported by Kevin Harwell) - * ASTERISK-24604 - res_rtp_asterisk: Crash during restart due to - race condition in accessing codec in stored ast_frame and codec - core (Reported by Matt Jordan) - * ASTERISK-24614 - Deadlock when DEBUG_THREADS compiler flag - enabled (Reported by Richard Mudgett) - * ASTERISK-24449 - Reinvite for T.38 UDPTL fails if SRTP is - enabled (Reported by Andreas Steinmetz) - * ASTERISK-24619 - [patch]Gcc 4.10 fixes in r413589 (1.8) wrongly - casts char to unsigned int (Reported by Walter Doekes) - * ASTERISK-24536 - AMI redirect with PJSIP fails to move extra - channel (Reported by Niklas Larsson) - * ASTERISK-24459 - bridge_native_rtp: Native RTP bridging is - chosen for RTP compatible channels when the DTMF mode is not - compatible (Reported by Yaniv Simhi) - * ASTERISK-24337 - Spammy DEBUG message needs to be at a higher - level - 'Remote address is null, most likely RTP has been - stopped' (Reported by Rusty Newton) - * ASTERISK-24513 - Local channel apparently leaked in off-nominal - DTMF attended transfer (Reported by Mark Michelson) - * ASTERISK-23733 - 'reload acl' fails if acl.conf is not present - on startup (Reported by Richard Kenner) - * ASTERISK-24628 - [patch] chan_sip - CANCEL is sent to wrong - destination when 'sendrpid=yes' (in proxy environment) (Reported - by Karsten Wemheuer) - * ASTERISK-23841 - DTMF atxfer doesn't set CallerID for the recall - calls to the transferrer. (Reported by Richard Mudgett) - * ASTERISK-24376 - res_pjsip_refer: REFER request for remote - session attempts to direct channel to external_replaces - extension instead of context, without providing for the - Referred-To SIP URI (Reported by Matt Jordan) - * ASTERISK-24591 - Stasis() side of an ARI originated channel - cannot be Redirected (Reported by Kinsey Moore) - * ASTERISK-24049 - Asterisk Manager Interface: A number of list - type responses aren't using astman_send_listack (Reported by - Jonathan Rose) - * ASTERISK-24637 - Channel re-enters Stasis() when it should not - (Reported by John Bigelow) - * ASTERISK-24474 - sip_to_pjsip.py lacks documentation and does - not function (Reported by John Kiniston) - * ASTERISK-24672 - [PATCH] Memory leak in func_curl CURLOPT - (Reported by Kristian Høgh) - * ASTERISK-20744 - [patch] Security event logging does not work - over syslog (Reported by Michael Keuter) - * ASTERISK-24665 - Configure check required for - pjsip_get_dest_info() (Reported by Mark Michelson) - * ASTERISK-23850 - Park Application does not respect Return - Context Priority (Reported by Andrew Nagy) - * ASTERISK-23991 - [patch]asterisk.pc file contains a small error - in the CFlags returned (Reported by Diederik de Groot) - * ASTERISK-24655 - res_pjsip_outbound_publish: Hang on shutdown - while attempting to publish (Reported by Kevin Harwell) - * ASTERISK-24485 - res_pjsip cannot be unloaded or shutdown - (Reported by Corey Farrell) - * ASTERISK-24663 - [patch] Unnamed semaphore autoconf check fails - on cross compilation (Reported by abelbeck) - * ASTERISK-24624 - Transfer to invalid extension results in hung - channel. (Reported by Zane Conkle) - * ASTERISK-24615 - When Multiple Transports Exist in pjsip.conf, - Incorrect External Addresses is Used in SIP Packets When - Responding to INVITE (Reported by David Justl) - * ASTERISK-24288 - [patch] - ODBC usage with app_voicemail - - voicemail is not deleted after review, hangup (Reported by LEI - FU) - * ASTERISK-24048 - [patch] contrib/scripts/install_prereq selects - 32-bit packages on 64-bit hosts (Reported by Ben Klang) - * ASTERISK-24600 - Stuck IAX channels, Asterisk stops responding - to most traffic, potential deadlock (Reported by Jeff Collell) - * ASTERISK-24560 - Creating a named ARI bridge twice causes a - crash (Reported by Kinsey Moore) - * ASTERISK-24682 - app_dial: Multiple DialEnd events emitted when - MACRO_RESULT or GOSUB_RESULT are an unexpected value (Reported - by Matt Jordan) - * ASTERISK-24640 - Registration pending stays forever after sip - reload (Reported by Max Man) - * ASTERISK-24673 - outgoing sip registers cannot be removed or - modified without doing restart (or doing module unload - chan_sip.so) (Reported by Stefan Engström) - * ASTERISK-24709 - [patch] msg_create_from_file used by MixMonitor - m() option does not queue an MWI event (Reported by Gareth - Palmer) - * ASTERISK-24649 - Pushing of channel into bridge fails; Stasis - fails to get app name (Reported by John Bigelow) - * ASTERISK-24355 - [patch] chan_sip realtime uses case sensitive - column comparison for 'defaultuser' (Reported by - HZMI8gkCvPpom0tM) - * ASTERISK-24693 - Investigate and fix memory leaks in Asterisk - (Reported by Kevin Harwell) - * ASTERISK-24626 - Voicemail passwords not being stored in ARA - (Reported by Paddy Grice) - * ASTERISK-24539 - Compile fails on OSX because of sem_timedwait - in bridge_channel.c (Reported by George Joseph) - * ASTERISK-24544 - Compile fails on OSX Yosemite because of - incorrect detection of htonll and ntohll (Reported by George - Joseph) - * ASTERISK-24723 - confbridge: CLI command 'confbridge list XXXX' - no longer displays user menus (Reported by Matt Jordan) - * ASTERISK-24721 - manager: ModuleLoad action incorrectly reports - 'module not found' during a Reload operation (Reported by Matt - Jordan) - * ASTERISK-24719 - ConfBridge recording channels get stuck when - recording started/stopped more than once (Reported by Richard - Mudgett) - * ASTERISK-24715 - chan_sip: stale nonce causes failure (Reported - by Kevin Harwell) - * ASTERISK-24728 - tcptls: Bad file descriptor error when - reloading chan_sip (Reported by Kevin Harwell) - * ASTERISK-24729 - Outbound registration not occuring on new - registrations after reload. (Reported by Richard Mudgett) - * ASTERISK-24676 - Security Vulnerability: URL request injection - in libCURL (CVE-2014-8150) (Reported by Matt Jordan) - * ASTERISK-24666 - Security Vulnerability: RTP not closed after - sip call using unsupported codec (Reported by Y Ateya) - * ASTERISK-24711 - DTLS handshake broken with latest OpenSSL - versions (Reported by Jared Biel) - * ASTERISK-24646 - PJSIP changeset 4899 breaks TLS (Reported by - Stephan Eisvogel) - * ASTERISK-24736 - Memory Leak Fixes (Reported by Mark Michelson) - * ASTERISK-24635 - PJSIP outbound PUBLISH crashes when no response - is ever received (Reported by Marco Paland) - * ASTERISK-24737 - When agent not logged in, agent status shows - unavailable, queue status shows agent invalid (Reported by - Richard Mudgett) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-24552 - ARI: Allow associating a channel as an - initiator of an Origination for record keeping purposes - (Reported by Matt Jordan) - * ASTERISK-24553 - ARI/AMI: Include language in standard channel - snapshot output (Reported by Matt Jordan) - * ASTERISK-24643 - res_pjsip: Add user=phone option (Reported by - Matt Jordan) - * ASTERISK-24644 - res_pjsip_keepalive: Add keepalive module for - connection-oriented transports. (Reported by Matt Jordan) - * ASTERISK-24412 - [patch]Incomplete channel originate/continue - handling with ARI (Reported by Nir Simionovich (GreenfieldTech - - Israel)) - * ASTERISK-24678 - [PATCH] Added atxfer* settings to - features.conf.sample (Reported by Niklas Larsson) - * ASTERISK-24575 - [patch]Make capath work for res_pjsip (Reported - by cloos) - * ASTERISK-24671 - Missing docs for the CDR AMI Event (Reported by - Dan Jenkins) - * ASTERISK-24316 - For httpd server, need option to define server - name for security purposes (Reported by Andrew Nagy) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-13.2.0- The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28.cert-4, 1.8.32.2, 11.6-cert10, - 11.15.1, 12.8.1, and 13.1.1. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerabilities: - - * AST-2015-001: File descriptor leak when incompatible codecs are offered - - Asterisk may be configured to only allow specific audio or - video codecs to be used when communicating with a - particular endpoint. When an endpoint sends an SDP offer - that only lists codecs not allowed by Asterisk, the offer - is rejected. However, in this case, RTP ports that are - allocated in the process are not reclaimed. - - This issue only affects the PJSIP channel driver in - Asterisk. Users of the chan_sip channel driver are not - affected. - - * AST-2015-002: Mitigation for libcURL HTTP request injection vulnerability - - CVE-2014-8150 reported an HTTP request injection - vulnerability in libcURL. Asterisk uses libcURL in its - func_curl.so module (the CURL() dialplan function), as well - as its res_config_curl.so (cURL realtime backend) modules. - - Since Asterisk may be configured to allow for user-supplied - URLs to be passed to libcURL, it is possible that an - attacker could use Asterisk as an attack vector to inject - unauthorized HTTP requests if the version of libcURL - installed on the Asterisk server is affected by - CVE-2014-8150. - - For more information about the details of these vulnerabilities, please read - security advisory AST-2015-001 and AST-2015-002, which were released at the same - time as this announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert4 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.2 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert10 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.15.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.8.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.1.1 - - The security advisories are available at: - - * http://downloads.asterisk.org/pub/security/AST-2015-001.pdf - * http://downloads.asterisk.org/pub/security/AST-2015-002.pdf- The Asterisk Development Team has announced the release of Asterisk 13.1.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 13.1.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - New Features made in this release: - ----------------------------------- - * ASTERISK-24554 - AMI/ARI: Generate events on connected line - changes (Reported by Matt Jordan) - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24436 - Missing header in res/res_srtp.c when compiling - against libsrtp-1.5.0 (Reported by Patrick Laimbock) - * ASTERISK-24455 - func_cdr: CDR_PROP leaks payload (Reported by - Corey Farrell) - * ASTERISK-24454 - app_queue: ao2_iterator not destroyed, causing - leak (Reported by Corey Farrell) - * ASTERISK-24430 - missing letter "p" in word response in - OriginateResponse event documentation (Reported by Dafi Ni) - * ASTERISK-24437 - Review implementation of ast_bridge_impart for - leaks and document proper usage (Reported by Scott Griepentrog) - * ASTERISK-24453 - manager: acl_change_sub leaks (Reported by - Corey Farrell) - * ASTERISK-24457 - res_fax: fax gateway frames leak (Reported by - Corey Farrell) - * ASTERISK-24458 - chan_phone fails to build on big endian systems - (Reported by Tzafrir Cohen) - * ASTERISK-21721 - SIP Failed to parse multiple Supported: headers - (Reported by Olle Johansson) - * ASTERISK-24304 - asterisk crashing randomly because of unistim - channel (Reported by dhanapathy sathya) - * ASTERISK-24190 - IMAP voicemail causes segfault (Reported by - Nick Adams) - * ASTERISK-24462 - res_pjsip: Stale qualify statistics after - disablementation (Reported by Kevin Harwell) - * ASTERISK-24465 - audiohooks list leaks reference to formats - (Reported by Corey Farrell) - * ASTERISK-24466 - app_queue: fix a couple leaks to struct - call_queue (Reported by Corey Farrell) - * ASTERISK-24432 - Install refcounter.py when REF_DEBUG is enabled - (Reported by Corey Farrell) - * ASTERISK-24411 - [patch] Status of outbound registration is not - changed upon unregistering. (Reported by John Bigelow) - * ASTERISK-24476 - main/app.c / app_voicemail: ast_writestream - leaks (Reported by Corey Farrell) - * ASTERISK-24480 - res_http_websockets: Module reference decrease - below zero (Reported by Corey Farrell) - * ASTERISK-24482 - func_talkdetect: Fix stasis message leak in - audiohook callback (Reported by Corey Farrell) - * ASTERISK-24487 - configuration: sections should be loadable as - template even when not marked (Reported by Scott Griepentrog) - * ASTERISK-20127 - [Regression] Config.c config_text_file_load() - unescapes semicolons ("\;" -> ";") turning them into comments - (corruption) on rewrite of a config file (Reported by George - Joseph) - * ASTERISK-24438 - res_pjsip_multihomed.so blocks Asterisk reload - when DNS settings invalid (Reported by Melissa Shepherd) - * ASTERISK-24307 - Unintentional memory retention in stringfields - (Reported by Etienne Lessard) - * ASTERISK-24491 - Memory leak in res_hep (Reported by Zane - Conkle) - * ASTERISK-24492 - main/file.c: ast_filestream sometimes causes - extra calls to ast_module_unref (Reported by Corey Farrell) - * ASTERISK-24447 - Bridge DTMF hooks: Audio doesn't pass when - waiting for more matching digits. (Reported by Richard Mudgett) - * ASTERISK-24257 - agent must dial acceptdtmf twice to bridge to - queue caller (Reported by Steve Pitts) - * ASTERISK-24504 - chan_console: Fix reference leaks to pvt - (Reported by Corey Farrell) - * ASTERISK-24250 - [patch] Voicemail with multi-recipients To: - header fix (Reported by abelbeck) - * ASTERISK-24468 - Incoming UCS2 encoded SMS truncated if SMS - length exceeds 50 (roughly) national symbols (Reported by - Dmitriy Bubnov) - * ASTERISK-24500 - Regression introduced in chan_mgcp by SVN - revision r227276 (Reported by Xavier Hienne) - * ASTERISK-24505 - manager: http connections leak references - (Reported by Corey Farrell) - * ASTERISK-24502 - Build fails when dev-mode, dont optimize and - coverage are enabled (Reported by Corey Farrell) - * ASTERISK-24444 - PBX: Crash when generating extension for - pattern matching hint (Reported by Leandro Dardini) - * ASTERISK-24489 - Crash: Asterisk crashes when converting RTCP - packet to JSON for res_hep_rtcp and report blocks are greater - than 1 (Reported by Gregory Malsack) - * ASTERISK-24498 - Segmentation fault in res_hep_rtcp on attended - transfer (Reported by Beppo Mazzucato) - * ASTERISK-24501 - ARI: Moving a channel between bridges followed - by a hangup can cause an ARI client to not receive an expected - ChannelLeftBridge event before StasisEnd (Reported by Matt - Jordan) - * ASTERISK-24336 - PJSIP timer_min_se value under 90 causes crash - (Reported by Leon Rowland) - * ASTERISK-23651 - Reloading some modules that are loaded already, - results in 'No such module' before a successful reload (Reported - by Rusty Newton) - * ASTERISK-24522 - ConfBridge: delay occurs between kicking all - endmarked users when last marked user leaves (Reported by Matt - Jordan) - * ASTERISK-15242 - transmit_refer leaks sip_refer structures - (Reported by David Woolley) - * ASTERISK-24508 - pjsip - REFER request from SNOM is rejected - with "400 bad request" - DEBUG shows "Received a REFER without a - parseable Refer-To" (Reported by Beppo Mazzucato) - * ASTERISK-24535 - stringfields: Fix regression from fix for - unintentional memory retention and another issue exposed by the - fix (Reported by Corey Farrell) - * ASTERISK-24471 - Crash - assert_fail in libc in - pjmedia_sdp_neg_negotiate from /usr/local/lib/libpjmedia.so.2 - (Reported by yaron nahum) - * ASTERISK-24528 - res_pjsip_refer: Sending INVITE with Replaces - in-dialog with invalid target causes crash (Reported by Joshua - Colp) - * ASTERISK-24531 - res_pjsip_acl: ACLs not applied on initial - module load (Reported by Matt Jordan) - * ASTERISK-24469 - Security Vulnerability: Mixed IPv4/IPv6 ACLs - allow blocked addresses through (Reported by Matt Jordan) - * ASTERISK-24542 - [patch]Failure showing codecs via 'core show - channeltype ' (Reported by snuffy) - * ASTERISK-24533 - 2 threads created per chan_sip entry (Reported - by xrobau) - * ASTERISK-24516 - [patch]Asterisk segfaults when playing back - voicemail under high concurrency with an IMAP backend (Reported - by David Duncan Ross Palmer) - * ASTERISK-24572 - [patch]App_meetme is loaded without its - defaults when the configuration file is missing (Reported by - Nuno Borges) - * ASTERISK-24573 - [patch]Out of sync conversation recording when - divided in multiple recordings (Reported by Nuno Borges) - * ASTERISK-24537 - Stasis: StasisStart/StasisEnd events are not - reliably transmitted during transfers (Reported by Matt Jordan) - * ASTERISK-24556 - Asterisk 13 core dumps when calling from pjsip - extension to another pjsip extension (Reported by Abhay Gupta) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-24279 - Documentation: Clarify the behaviour of the CDR - property 'unanswered' (Reported by Matt Jordan) - * ASTERISK-24283 - [patch]Microseconds precision in the eventtime - column in the cel_odbc module (Reported by Etienne Lessard) - * ASTERISK-24530 - [patch] app_record stripping 1/4 second from - recordings (Reported by Ben Smithurst) - * ASTERISK-24577 - Speed up loopback switches by avoiding unneeded - lookups (Reported by Birger "WIMPy" Harzenetter) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-13.1.0- Add speexdsp as build dep as speex_echo.h has moved - rhbz 1181021- update for lua 5.3- The Asterisk Development Team has announced security releases for Certified - Asterisk 11.6 and Asterisk 11, 12, and 13. The available security releases are - released as versions 11.6-cert9, 11.14.2, 12.7.2, and 13.0.2. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerability: - - * AST-2014-019: Remote Crash Vulnerability in WebSocket Server - - When handling a WebSocket frame the res_http_websocket module dynamically - changes the size of the memory used to allow the provided payload to fit. If a - payload length of zero was received the code would incorrectly attempt to - resize to zero. This operation would succeed and end up freeing the memory but - be treated as a failure. When the session was subsequently torn down this - memory would get freed yet again causing a crash. - - For more information about the details of this vulnerability, please read - security advisory AST-2014-019, which was released at the same time as this - announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert9 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.14.2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.7.2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.2 - - The security advisory is available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-019.pdf- The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28-cert3, 11.6-cert8, 1.8.32.1, - 11.14.1, 12.7.1, and 13.0.1. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerabilities: - - * AST-2014-012: Unauthorized access in the presence of ACLs with mixed IP - address families - - Many modules in Asterisk that service incoming IP traffic have ACL options - ("permit" and "deny") that can be used to whitelist or blacklist address - ranges. A bug has been discovered where the address family of incoming - packets is only compared to the IP address family of the first entry in the - list of access control rules. If the source IP address for an incoming - packet is not of the same address as the first ACL entry, that packet - bypasses all ACL rules. - - * AST-2014-018: Permission Escalation through DB dialplan function - - The DB dialplan function when executed from an external protocol, such as AMI, - could result in a privilege escalation. Users with a lower class authorization - in AMI can access the internal Asterisk database without the required SYSTEM - class authorization. - - In addition, the release of 11.6-cert8 and 11.14.1 resolves the following - security vulnerability: - - * AST-2014-014: High call load with ConfBridge can result in resource exhaustion - - The ConfBridge application uses an internal bridging API to implement - conference bridges. This internal API uses a state model for channels within - the conference bridge and transitions between states as different things - occur. Unload load it is possible for some state transitions to be delayed - causing the channel to transition from being hung up to waiting for media. As - the channel has been hung up remotely no further media will arrive and the - channel will stay within ConfBridge indefinitely. - - In addition, the release of 11.6-cert8, 11.14.1, 12.7.1, and 13.0.1 resolves - the following security vulnerability: - - * AST-2014-017: Permission Escalation via ConfBridge dialplan function and - AMI ConfbridgeStartRecord Action - - The CONFBRIDGE dialplan function when executed from an external protocol (such - as AMI) can result in a privilege escalation as certain options within that - function can affect the underlying system. Additionally, the AMI - ConfbridgeStartRecord action has options that would allow modification of the - underlying system, and does not require SYSTEM class authorization in AMI. - - Finally, the release of 12.7.1 and 13.0.1 resolves the following security - vulnerabilities: - - * AST-2014-013: Unauthorized access in the presence of ACLs in the PJSIP stack - - The Asterisk module res_pjsip provides the ability to configure ACLs that may - be used to reject SIP requests from various hosts. However, the module - currently fails to create and apply the ACLs defined in its configuration - file on initial module load. - - * AST-2014-015: Remote crash vulnerability in PJSIP channel driver - - The chan_pjsip channel driver uses a queue approach for relating to SIP - sessions. There exists a race condition where actions may be queued to answer - a session or send ringing after a SIP session has been terminated using a - CANCEL request. The code will incorrectly assume that the SIP session is still - active and attempt to send the SIP response. The PJSIP library does not - expect the SIP session to be in the disconnected state when sending the - response and asserts. - - * AST-2014-016: Remote crash vulnerability in PJSIP channel driver - - When handling an INVITE with Replaces message the res_pjsip_refer module - incorrectly assumes that it will be operating on a channel that has just been - created. If the INVITE with Replaces message is sent in-dialog after a session - has been established this assumption will be incorrect. The res_pjsip_refer - module will then hang up a channel that is actually owned by another thread. - When this other thread attempts to use the just hung up channel it will end up - using a freed channel which will likely result in a crash. - - For more information about the details of these vulnerabilities, please read - security advisories AST-2014-012, AST-2014-013, AST-2014-014, AST-2014-015, - AST-2014-016, AST-2014-017, and AST-2014-018, which were released at the same - time as this announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert3 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert8 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.32.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.14.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.7.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.1 - - The security advisories are available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-012.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-013.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-014.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-015.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-016.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-017.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-018.pdf- The Asterisk Development Team is pleased to announce the release of - Asterisk 13.0.0. This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - Asterisk 13 is the next major release series of Asterisk. It is a Long Term - Support (LTS) release, similar to Asterisk 11. For more information about - support time lines for Asterisk releases, see the Asterisk versions page: - https://wiki.asterisk.org/wiki/display/AST/Asterisk+Versions - - For important information regarding upgrading to Asterisk 13, please see the - Asterisk wiki: - - https://wiki.asterisk.org/wiki/display/AST/Upgrading+to+Asterisk+13 - - A short list of new features includes: - - * Asterisk security events are now provided via AMI, allowing end users to - monitor their Asterisk system in real time for security related issues. - - * Both AMI and ARI now allow external systems to control the state of a mailbox. - Using AMI actions or ARI resources, external systems can programmatically - trigger Message Waiting Indicators (MWI) on subscribed phones. This is of - particular use to those who want to build their own VoiceMail application - using ARI. - - * ARI now supports the reception/transmission of out of call text messages using - any supported channel driver/protocol stack through ARI. Users receive out of - call text messages as JSON events over the ARI websocket connection, and can - send out of call text messages using HTTP requests. - - * The PJSIP stack now supports RFC 4662 Resource Lists, allowing Asterisk to act - as a Resource List Server. This includes defining lists of presence state, - mailbox state, or lists of presence state/mailbox state; managing - subscriptions to lists; and batched delivery of NOTIFY requests to - subscribers. - - * The PJSIP stack can now be used as a means of distributing device state or - mailbox state via PUBLISH requests to other Asterisk instances. This is - analogous to Asterisk's clustering support using XMPP or Corosync; unlike - existing clustering mechanisms, using the PJSIP stack to perform the - distribution of state does not rely on another daemon or server to perform the - work. - - And much more! - - More information about the new features can be found on the Asterisk wiki: - - https://wiki.asterisk.org/wiki/display/AST/Asterisk+13+Documentation - - A full list of all new features can also be found in the CHANGES file: - - http://svnview.digium.com/svn/asterisk/branches/13/CHANGES - - For a full list of changes in the current release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.0- rebuild for new libsrtp- The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28-cert2, 11.6-cert7, 1.8.31.1, - 11.13.1, 12.6.1, and 13.0.0-beta3. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following security vulnerability: - - * AST-2014-011: Asterisk Susceptibility to POODLE Vulnerability - - Asterisk is susceptible to the POODLE vulnerability in two ways: - 1) The res_jabber and res_xmpp module both use SSLv3 exclusively for their - encrypted connections. - 2) The core TLS handling in Asterisk, which is used by the chan_sip channel - driver, Asterisk Manager Interface (AMI), and Asterisk HTTP Server, by - default allow a TLS connection to fallback to SSLv3. This allows for a - MITM to potentially force a connection to fallback to SSLv3, exposing it - to the POODLE vulnerability. - - These issues have been resolved in the versions released in conjunction with - this security advisory. - - For more information about the details of this vulnerability, please read - security advisory AST-2014-011, which was released at the same time as this - announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert2 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert7 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.31.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.13.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.6.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.0-beta3 - - The security advisory is available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-011.pdf- The Asterisk Development Team has announced the release of Asterisk 11.13.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.13.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-24032 - Gentoo compilation emits warning: - "_FORTIFY_SOURCE" redefined (Reported by Kilburn) - * ASTERISK-24225 - Dial option z is broken (Reported by - dimitripietro) - * ASTERISK-24178 - [patch]fromdomainport used even if not set - (Reported by Elazar Broad) - * ASTERISK-22252 - res_musiconhold cleanup - REF_DEBUG reload - warnings and ref leaks (Reported by Walter Doekes) - * ASTERISK-23997 - chan_sip: port incorrectly incremented for RTCP - ICE candidates in SDP answer (Reported by Badalian Vyacheslav) - * ASTERISK-24019 - When a Music On Hold stream starts it restarts - at beginning of file. (Reported by Jason Richards) - * ASTERISK-23767 - [patch] Dynamic IAX2 registration stops trying - if ever not able to resolve (Reported by David Herselman) - * ASTERISK-24211 - testsuite: Fix the dial_LS_options test - (Reported by Matt Jordan) - * ASTERISK-24249 - SIP debugs do not stop (Reported by Avinash - Mohod) - * ASTERISK-23577 - res_rtp_asterisk: Crash in - ast_rtp_on_turn_rtp_state when RTP instance is NULL (Reported by - Jay Jideliov) - * ASTERISK-23634 - With TURN Asterisk crashes on multiple (7-10) - concurrent WebRTC (avpg/encryption/icesupport) calls (Reported - by Roman Skvirsky) - * ASTERISK-24301 - Security: Out of call MESSAGE requests - processed via Message channel driver can crash Asterisk - (Reported by Matt Jordan) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-24171 - [patch] Provide a manpage for the aelparse - utility (Reported by Jeremy Lainé) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.13.0- The Asterisk Development Team has announced security releases for Certified - Asterisk 11.6 and Asterisk 11 and 12. The available security releases are - released as versions 11.6-cert6, 11.12.1, and 12.5.1. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - Please note that the release of these versions resolves the following security - vulnerability: - - * AST-2014-010: Remote Crash when Handling Out of Call Message in Certain - Dialplan Configurations - - Additionally, the release of Asterisk 12.5.1 resolves the following security - vulnerability: - - * AST-2014-009: Remote Crash Based on Malformed SIP Subscription Requests - - Note that the crash described in AST-2014-010 can be worked around through - dialplan configuration. Given the likelihood of the issue, an advisory was - deemed to be warranted. - - For more information about the details of these vulnerabilities, please read - security advisories AST-2014-009 and AST-2014-010, which were released at the - same time as this announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert6 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.12.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.5.1 - - The security advisories are available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-009.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-010.pdf- The Asterisk Development Team has announced the release of Asterisk 11.12.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.12.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-23911 - URIENCODE/URIDECODE: WARNING about passing an - empty string is a bit over zealous (Reported by Matt Jordan) - * ASTERISK-23985 - PresenceState Action response does not contain - ActionID; duplicates Message Header (Reported by Matt Jordan) - * ASTERISK-23814 - No call started after peer dialed (Reported by - Igor Goncharovsky) - * ASTERISK-24087 - [patch]chan_sip: sip_subscribe_mwi_destroy - should not call sip_destroy (Reported by Corey Farrell) - * ASTERISK-23818 - PBX_Lua: after asterisk startup module is - loaded, but dialplan not available (Reported by Dennis Guse) - * ASTERISK-18345 - [patch] sips connection dropped by asterisk - with a large INVITE (Reported by Stephane Chazelas) - * ASTERISK-23508 - Memory Corruption in - __ast_string_field_ptr_build_va (Reported by Arnd Schmitter) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-21178 - Improve documentation for manager command - Getvar, Setvar (Reported by Rusty Newton) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.12.0- The Asterisk Development Team has announced the release of Asterisk 11.11.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.11.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-22551 - Session timer : UAS (Asterisk) starts counting - at Invite, UAC starts counting at 200 OK. (Reported by i2045) - * ASTERISK-23792 - Mutex left locked in chan_unistim.c (Reported - by Peter Whisker) - * ASTERISK-23582 - [patch]Inconsistent column length in *odbc - (Reported by Walter Doekes) - * ASTERISK-23803 - AMI action UpdateConfig EmptyCat clears all - categories but the requested one (Reported by zvision) - * ASTERISK-23035 - ConfBridge with name longer than max (32 chars) - results in several bridges with same conf_name (Reported by - Iñaki Cívico) - * ASTERISK-23824 - ConfBridge: Users cannot be muted via CLI or - AMI when waiting to enter a conference (Reported by Matt Jordan) - * ASTERISK-23683 - #includes - wildcard character in a path more - than one directory deep - results in no config parsing on module - reload (Reported by tootai) - * ASTERISK-23827 - autoservice thread doesn't exit at shutdown - (Reported by Corey Farrell) - * ASTERISK-23609 - Security: AMI action MixMonitor allows - arbitrary programs to be run (Reported by Corey Farrell) - * ASTERISK-23673 - Security: DOS by consuming the number of - allowed HTTP connections. (Reported by Richard Mudgett) - * ASTERISK-23246 - DEBUG messages in sdp_crypto.c display despite - a DEBUG level of zero (Reported by Rusty Newton) - * ASTERISK-23766 - [patch] Specify timeout for database write in - SQLite (Reported by Igor Goncharovsky) - * ASTERISK-23844 - Load of pbx_lua fails on sample extensions.lua - with Lua 5.2 or greater due to addition of goto statement - (Reported by Rusty Newton) - * ASTERISK-23818 - PBX_Lua: after asterisk startup module is - loaded, but dialplan not available (Reported by Dennis Guse) - * ASTERISK-23834 - res_rtp_asterisk debug message gives wrong - length if ICE (Reported by Richard Kenner) - * ASTERISK-23790 - [patch] - SIP From headers longer than 256 - characters result in dropped call and 'No closing bracket' - warnings. (Reported by uniken1) - * ASTERISK-23917 - res_http_websocket: Delay in client processing - large streams of data causes disconnect and stuck socket - (Reported by Matt Jordan) - * ASTERISK-23908 - [patch]When using FEC error correction, - asterisk tries considers negative sequence numbers as missing - (Reported by Torrey Searle) - * ASTERISK-23921 - refcounter.py uses excessive ram for large refs - files (Reported by Corey Farrell) - * ASTERISK-23948 - REF_DEBUG fails to record ao2_ref against - objects that were already freed (Reported by Corey Farrell) - * ASTERISK-23916 - [patch]SIP/SDP fmtp line may include whitespace - between attributes (Reported by Alexander Traud) - * ASTERISK-23984 - Infinite loop possible in ast_careful_fwrite() - (Reported by Steve Davies) - * ASTERISK-23897 - [patch]Change in SETUP ACK handling (checking - PI) in revision 413765 breaks working environments (Reported by - Pavel Troller) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-23492 - Add option to safe_asterisk to disable - backgrounding (Reported by Walter Doekes) - * ASTERISK-22961 - [patch] DTLS-SRTP not working with SHA-256 - (Reported by Jay Jideliov) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.11.0- Perl 5.20 rebuild- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild- Drop the 389 directory server schema (1061414)- The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.15, 11.6, and Asterisk 1.8, 11, and 12. The available security - releases are released as versions 1.8.15-cert7, 11.6-cert4, 1.8.28.2, 11.10.2, - and 12.3.2. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - These releases resolve security vulnerabilities that were previously fixed in - 1.8.15-cert6, 11.6-cert3, 1.8.28.1, 11.10.1, and 12.3.1. Unfortunately, the fix - for AST-2014-007 inadvertently introduced a regression in Asterisk's TCP and TLS - handling that prevented Asterisk from sending data over these transports. This - regression and the security vulnerabilities have been fixed in the versions - specified in this release announcement. - - The security patches for AST-2014-007 have been updated with the fix for the - regression, and are available at http://downloads.asterisk.org/pub/security - - Please note that the release of these versions resolves the following security - vulnerabilities: - - * AST-2014-005: Remote Crash in PJSIP Channel Driver's Publish/Subscribe - Framework - - * AST-2014-006: Permission Escalation via Asterisk Manager User Unauthorized - Shell Access - - * AST-2014-007: Denial of Service via Exhaustion of Allowed Concurrent HTTP - Connections - - * AST-2014-008: Denial of Service in PJSIP Channel Driver Subscriptions - - For more information about the details of these vulnerabilities, please read - security advisories AST-2014-005, AST-2014-006, AST-2014-007, and AST-2014-008, - which were released with the previous versions that addressed these - vulnerabilities. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.15-cert7 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.28.2 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert4 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.10.2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.3.2 - - The security advisories are available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-005.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-006.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-007.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-008.pdf- The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.15, 11.6, and Asterisk 1.8, 11, and 12. The available security - releases are released as versions 1.8.15-cert6, 11.6-cert3, 1.8.28.1, 11.10.1, - and 12.3.1. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolves the following issue: - - * AST-2014-007: Denial of Service via Exhaustion of Allowed Concurrent HTTP - Connections - - Establishing a TCP or TLS connection to the configured HTTP or HTTPS port - respectively in http.conf and then not sending or completing a HTTP request - will tie up a HTTP session. By doing this repeatedly until the maximum number - of open HTTP sessions is reached, legitimate requests are blocked. - - Additionally, the release of 11.6-cert3, 11.10.1, and 12.3.1 resolves the - following issue: - - * AST-2014-006: Permission Escalation via Asterisk Manager User Unauthorized - Shell Access - - Manager users can execute arbitrary shell commands with the MixMonitor manager - action. Asterisk does not require system class authorization for a manager - user to use the MixMonitor action, so any manager user who is permitted to use - manager commands can potentially execute shell commands as the user executing - the Asterisk process. - - Additionally, the release of 12.3.1 resolves the following issues: - - * AST-2014-005: Remote Crash in PJSIP Channel Driver's Publish/Subscribe - Framework - - A remotely exploitable crash vulnerability exists in the PJSIP channel - driver's pub/sub framework. If an attempt is made to unsubscribe when not - currently subscribed and the endpoint's “sub_min_expiry” is set to zero, - Asterisk tries to create an expiration timer with zero seconds, which is not - allowed, so an assertion raised. - - * AST-2014-008: Denial of Service in PJSIP Channel Driver Subscriptions - - When a SIP transaction timeout caused a subscription to be terminated, the - action taken by Asterisk was guaranteed to deadlock the thread on which SIP - requests are serviced. Note that this behavior could only happen on - established subscriptions, meaning that this could only be exploited if an - attacker bypassed authentication and successfully subscribed to a real - resource on the Asterisk server. - - These issues and their resolutions are described in the security advisories. - - For more information about the details of these vulnerabilities, please read - security advisories AST-2014-005, AST-2014-006, AST-2014-007, and AST-2014-008, - which were released at the same time as this announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.15-cert6 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.28.1 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert3 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.10.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.3.1 - - The security advisories are available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-005.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-006.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-007.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-008.pdf- The Asterisk Development Team has announced the release of Asterisk 11.10.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.10.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-23547 - [patch] app_queue removing callers from queue - when reloading (Reported by Italo Rossi) - * ASTERISK-23559 - app_voicemail fails to load after fix to - dialplan functions (Reported by Corey Farrell) - * ASTERISK-22846 - testsuite: masquerade super test fails on all - branches (still) (Reported by Matt Jordan) - * ASTERISK-23545 - Confbridge talker detection settings - configuration load bug (Reported by John Knott) - * ASTERISK-23546 - CB_ADD_LEN does not do what you'd think - (Reported by Walter Doekes) - * ASTERISK-23620 - Code path in app_stack fails to unlock list - (Reported by Bradley Watkins) - * ASTERISK-23616 - Big memory leak in logger.c (Reported by - ibercom) - * ASTERISK-23576 - Build failure on SmartOS / Illumos / SunOS - (Reported by Sebastian Wiedenroth) - * ASTERISK-23550 - Newer sound sets don't show up in menuselect - (Reported by Rusty Newton) - * ASTERISK-18331 - app_sms failure (Reported by David Woodhouse) - * ASTERISK-19465 - P-Asserted-Identity Privacy (Reported by - Krzysztof Chmielewski) - * ASTERISK-23605 - res_http_websocket: Race condition in shutting - down websocket causes crash (Reported by Matt Jordan) - * ASTERISK-23707 - Realtime Contacts: Apparent mismatch between - PGSQL database state and Asterisk state (Reported by Mark - Michelson) - * ASTERISK-23381 - [patch]ChanSpy- Barge only works on the initial - 'spy', if the spied-on channel makes a new call, unable to - barge. (Reported by Robert Moss) - * ASTERISK-23665 - Wrong mime type for codec H263-1998 (h263+) - (Reported by Guillaume Maudoux) - * ASTERISK-23664 - Incorrect H264 specification in SDP. (Reported - by Guillaume Maudoux) - * ASTERISK-22977 - chan_sip+CEL: missing ANSWER and PICKUP event - for INVITE/w/replaces pickup (Reported by Walter Doekes) - * ASTERISK-23709 - Regression in Dahdi/Analog/waitfordialtone - (Reported by Steve Davies) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-23649 - [patch]Support for DTLS retransmission - (Reported by NITESH BANSAL) - * ASTERISK-23564 - [patch]TLS/SRTP status of channel not currently - available in a CLI command (Reported by Patrick Laimbock) - * ASTERISK-23754 - [patch] Use var/lib directory for log file - configured in asterisk.conf (Reported by Igor Goncharovsky) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.10.0- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild- build against gmime-devel not gmime22-devel - do not use -m64 on aarch64- The Asterisk Development Team has announced the release of Asterisk 11.9.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.9.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-22790 - check_modem_rate() may return incorrect rate - for V.27 (Reported by Paolo Compagnini) - * ASTERISK-23034 - [patch] manager Originate doesn't abort on - failed format_cap allocation (Reported by Corey Farrell) - * ASTERISK-23061 - [Patch] 'textsupport' setting not mentioned in - sip.conf.sample (Reported by Eugene) - * ASTERISK-23028 - [patch] Asterisk man pages contains unquoted - minus signs (Reported by Jeremy Lainé) - * ASTERISK-23046 - Custom CDR fields set during a GoSUB called - from app_queue are not inserted (Reported by Denis Pantsyrev) - * ASTERISK-23027 - [patch] Spelling typo "transfered" instead of - "transferred" (Reported by Jeremy Lainé) - * ASTERISK-23008 - Local channels loose CALLERID name when DAHDI - channel connects (Reported by Michael Cargile) - * ASTERISK-23100 - [patch] In chan_mgcp the ident in transmitted - request and request queue may differ - fix for locking (Reported - by adomjan) - * ASTERISK-22988 - [patch]T38 , SIP 488 after Rejecting image - media offer due to invalid or unsupported syntax (Reported by - adomjan) - * ASTERISK-22861 - [patch]Specifying a null time as parameter to - GotoIfTime or ExecIfTime causes segmentation fault (Reported by - Sebastian Murray-Roberts) - * ASTERISK-17837 - extconfig.conf - Maximum Include level (1) - exceeded (Reported by pz) - * ASTERISK-22662 - Documentation fix? - queues.conf says - persistentmembers defaults to yes, it appears to lie (Reported - by Rusty Newton) - * ASTERISK-23134 - [patch] res_rtp_asterisk port selection cannot - handle selinux port restrictions (Reported by Corey Farrell) - * ASTERISK-23220 - STACK_PEEK function with no arguments causes - crash/core dump (Reported by James Sharp) - * ASTERISK-19773 - Asterisk crash on issuing Asterisk-CLI 'reload' - command multiple times on cli_aliases (Reported by Joel Vandal) - * ASTERISK-22757 - segfault in res_clialiases.so on reload when - mapping "module reload" command (Reported by Gareth Blades) - * ASTERISK-17727 - [patch] TLS doesn't get all certificate chain - (Reported by LN) - * ASTERISK-23178 - devicestate.h: device state setting functions - are documented with the wrong return values (Reported by - Jonathan Rose) - * ASTERISK-23232 - LocalBridge AMI Event LocalOptimization value - is opposite to what's expected (Reported by Leon Roy) - * ASTERISK-23098 - [patch]possible null pointer dereference in - format.c (Reported by Marcello Ceschia) - * ASTERISK-23297 - Asterisk 12, pbx_config.so segfaults if - res_parking.so is not loaded, or if res_parking.conf has no - configuration (Reported by CJ Oster) - * ASTERISK-23069 - Custom CDR variable not recorded when set in - macro called from app_queue (Reported by Bryan Anderson) - * ASTERISK-19499 - ConfBridge MOH is not working for transferee - after attended transfer (Reported by Timo Teräs) - * ASTERISK-23261 - [patch]Output mixup in - ${CHANNEL(rtpqos,audio,all)} (Reported by rsw686) - * ASTERISK-23279 - [patch]Asterisk doesn't support the dynamic - payload change in rtp mapping in the 200 OK response (Reported - by NITESH BANSAL) - * ASTERISK-23255 - UUID included for Redhat, but missing for - Debian distros in install_prereq script (Reported by Rusty - Newton) - * ASTERISK-23260 - [patch]ForkCDR v option does not keep CDR - variables for subsequent records (Reported by zvision) - * ASTERISK-23141 - Asterisk crashes on Dial(), in - pbx_find_extension at pbx.c (Reported by Maxim) - * ASTERISK-23336 - Asterisk warning "Don't know how to indicate - condition 33 on ooh323c" on outgoing calls from H323 to SIP peer - (Reported by Alexander Semych) - * ASTERISK-23231 - Since 405693 If we have res_fax.conf file set - to minrate=2400, then res_fax refuse to load (Reported by David - Brillert) - * ASTERISK-23135 - Crash - segfault in ast_channel_hangupcause_set - - probably introduced in 11.7.0 (Reported by OK) - * ASTERISK-23323 - [patch]chan_sip: missing p->owner checks in - handle_response_invite (Reported by Walter Doekes) - * ASTERISK-23406 - [patch]Fix typo in "sip show peer" (Reported by - ibercom) - * ASTERISK-23310 - bridged channel crashes in bridge_p2p_rtp_write - (Reported by Jeremy Lainé) - * ASTERISK-22911 - [patch]Asterisk fails to resume WebRTC call - from hold (Reported by Vytis Valentinavičius) - * ASTERISK-23104 - Specifying the SetVar AMI without a Channel - cause Asterisk to crash (Reported by Joel Vandal) - * ASTERISK-21930 - [patch]WebRTC over WSS is not working. - (Reported by John) - * ASTERISK-23383 - Wrong sense test on stat return code causes - unchanged config check to break with include files. (Reported by - David Woolley) - * ASTERISK-20149 - Crash when faxing SIP to SIP with strictrtp set - to yes (Reported by Alexandr Gordeev) - * ASTERISK-17523 - Qualify for static realtime peers does not work - (Reported by Maciej Krajewski) - * ASTERISK-21406 - [patch] chan_sip deadlock on monlock between - unload_module and do_monitor (Reported by Corey Farrell) - * ASTERISK-23373 - [patch]Security: Open FD exhaustion with - chan_sip Session-Timers (Reported by Corey Farrell) - * ASTERISK-23340 - Security Vulnerability: stack allocation of - cookie headers in loop allows for unauthenticated remote denial - of service attack (Reported by Matt Jordan) - * ASTERISK-23311 - Manager - MoH Stop Event fails to show up when - leaving Conference (Reported by Benjamin Keith Ford) - * ASTERISK-23420 - [patch]Memory leak in manager_add_filter - function in manager.c (Reported by Etienne Lessard) - * ASTERISK-23488 - Logic error in callerid checksum processing - (Reported by Russ Meyerriecks) - * ASTERISK-23461 - Only first user is muted when joining - confbridge with 'startmuted=yes' (Reported by Chico Manobela) - * ASTERISK-20841 - fromdomain not honored on outbound INVITE - request (Reported by Kelly Goedert) - * ASTERISK-22079 - Segfault: INTERNAL_OBJ (user_data=0x6374652f) - at astobj2.c:120 (Reported by Jamuel Starkey) - * ASTERISK-23509 - [patch]SayNumber for Polish language tries to - play empty files for numbers divisible by 100 (Reported by - zvision) - * ASTERISK-23103 - [patch]Crash in ast_format_cmp, in ao2_find - (Reported by JoshE) - * ASTERISK-23391 - Audit dialplan function usage of channel - variable (Reported by Corey Farrell) - * ASTERISK-23548 - POST to ARI sometimes returns no body on - success (Reported by Scott Griepentrog) - * ASTERISK-23460 - ooh323 channel stuck if call is placed directly - and gatekeeper is not available (Reported by Dmitry Melekhov) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-22980 - [patch]Allow building cdr_radius and cel_radius - against libfreeradius-client (Reported by Jeremy Lainé) - * ASTERISK-22661 - Unable to exit ChanSpy if spied channel does - not have a call in progress (Reported by Chris Hillman) - * ASTERISK-23099 - [patch] WSS: enable ast_websocket_read() - function to read the whole available data at first and then wait - for any fragmented packets (Reported by Thava Iyer)- The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.15, 11.6, and Asterisk 1.8, 11, and 12. The available security - releases are released as versions 1.8.15-cert5, 11.6-cert2, 1.8.26.1, 11.8.1, - and 12.1.1. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolve the following issues: - - * AST-2014-001: Stack overflow in HTTP processing of Cookie headers. - - Sending a HTTP request that is handled by Asterisk with a large number of - Cookie headers could overflow the stack. - - Another vulnerability along similar lines is any HTTP request with a - ridiculous number of headers in the request could exhaust system memory. - - * AST-2014-002: chan_sip: Exit early on bad session timers request - - This change allows chan_sip to avoid creation of the channel and - consumption of associated file descriptors altogether if the inbound - request is going to be rejected anyway. - - Additionally, the release of 12.1.1 resolves the following issue: - - * AST-2014-003: res_pjsip: When handling 401/407 responses don't assume a - request will have an endpoint. - - This change removes the assumption that an outgoing request will always - have an endpoint and makes the authenticate_qualify option work once again. - - Finally, a security advisory, AST-2014-004, was released for a vulnerability - fixed in Asterisk 12.1.0. Users of Asterisk 12.0.0 are encouraged to upgrade to - 12.1.1 to resolve both vulnerabilities. - - These issues and their resolutions are described in the security advisories. - - For more information about the details of these vulnerabilities, please read - security advisories AST-2014-001, AST-2014-002, AST-2014-003, and AST-2014-004, - which were released at the same time as this announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.15-cert5 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.26.1 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.8.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.1.1 - - The security advisories are available at: - - * http://downloads.asterisk.org/pub/security/AST-2014-001.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-002.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-003.pdf - * http://downloads.asterisk.org/pub/security/AST-2014-004.pdf- The Asterisk Development Team has announced the release of Asterisk 11.8.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.8.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - Bugs fixed in this release: - ----------------------------------- - * ASTERISK-22544 - Italian prompt vm-options has advertisement in - it (Reported by Rusty Newton) - * ASTERISK-21383 - STUN Binding Requests Not Being Sent Back from - Asterisk to Chrome (Reported by Shaun Clark) - * ASTERISK-22478 - [patch]Can't use pound(hash) symbol for custom - DTMF menus in ConfBridge (processed as directive) (Reported by - Nicolas Tanski) - * ASTERISK-12117 - chan_sip creates a new local tag (from-tag) for - every register message (Reported by Pawel Pierscionek) - * ASTERISK-20862 - Asterisk min and max member penalties not - honored when set with 0 (Reported by Schmooze Com) - * ASTERISK-22746 - [patch]Crash in chan_dahdi during caller id - read (Reported by Michael Walton) - * ASTERISK-22788 - [patch] main/translate.c: access to variable f - after free in ast_translate() (Reported by Corey Farrell) - * ASTERISK-21242 - Segfault when T.38 re-invite retransmission - receives 200 OK (Reported by Ashley Winters) - * ASTERISK-22590 - BufferOverflow in unpacksms16() when receiving - 16 bit multipart SMS with app_sms (Reported by Jan Juergens) - * ASTERISK-22905 - Prevent Asterisk functions that are 'dangerous' - from being executed from external interfaces (Reported by Matt - Jordan) - * ASTERISK-23021 - Typos in code : "avaliable" instead of - "available" (Reported by Jeremy Lainé) - * ASTERISK-22970 - [patch]Documentation fix for QUOTE() (Reported - by Gareth Palmer) - * ASTERISK-21960 - ooh323 channels stuck (Reported by Dmitry - Melekhov) - * ASTERISK-22350 - DUNDI - core dump on shutdown - segfault in - sqlite3_reset from /usr/lib/libsqlite3.so.0 (Reported by Birger - "WIMPy" Harzenetter) - * ASTERISK-22942 - [patch] - Asterisk crashed after - Set(FAXOPT(faxdetect)=t38) (Reported by adomjan) - * ASTERISK-22856 - [patch]SayUnixTime in polish reads minutes - instead of seconds (Reported by Robert Mordec) - * ASTERISK-22854 - [patch] - Deadlock between cel_pgsql unload and - core_event_dispatcher taskprocessor thread (Reported by Etienne - Lessard) - * ASTERISK-22910 - [patch] - REPLACE() calls strcpy on overlapping - memory when is empty (Reported by Gareth Palmer) - * ASTERISK-22871 - cel_pgsql module not loading after "reload" or - "reload cel_pgsql.so" command (Reported by Matteo) - * ASTERISK-23084 - [patch]rasterisk needlessly prints the - AST-2013-007 warning (Reported by Tzafrir Cohen) - * ASTERISK-17138 - [patch] Asterisk not re-registering after it - receives "Forbidden - wrong password on authentication" - (Reported by Rudi) - * ASTERISK-23011 - [patch]configure.ac and pbx_lua don't support - lua 5.2 (Reported by George Joseph) - * ASTERISK-22834 - Parking by blind transfer when lot full orphans - channels (Reported by rsw686) - * ASTERISK-23047 - Orphaned (stuck) channel occurs during a failed - SIP transfer to parking space (Reported by Tommy Thompson) - * ASTERISK-22946 - Local From tag regression with sipgate.de - (Reported by Stephan Eisvogel) - * ASTERISK-23010 - No BYE message sent when sip INVITE is received - (Reported by Ryan Tilton) - * ASTERISK-23135 - Crash - segfault in ast_channel_hangupcause_set - - probably introduced in 11.7.0 (Reported by OK) - - Improvements made in this release: - ----------------------------------- - * ASTERISK-22728 - [patch] Improve Understanding Of 'Forcerport' - When Running "sip show peers" (Reported by Michael L. Young) - * ASTERISK-22659 - Make a new core and extra sounds release - (Reported by Rusty Newton) - * ASTERISK-22919 - core show channeltypes slicing (Reported by - outtolunc) - * ASTERISK-22918 - dahdi show channels slices PRI channel dnid on - output (Reported by outtolunc) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.8.0- The Asterisk Development Team has announced the release of Asterisk 11.7.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.7.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following is a sample of the issues resolved in this release: - - * --- app_confbridge: Can now set the language used for announcements - to the conference. - (Closes issue ASTERISK-19983. Reported by Jonathan White) - - * --- app_queue: Fix CLI "queue remove member" queue_log entry. - (Closes issue ASTERISK-21826. Reported by Oscar Esteve) - - * --- chan_sip: Do not increment the SDP version between 183 and 200 - responses. - (Closes issue ASTERISK-21204. Reported by NITESH BANSAL) - - * --- chan_sip: Allow a sip peer to accept both AVP and AVPF calls - (Closes issue ASTERISK-22005. Reported by Torrey Searle) - - * --- chan_sip: Fix Realtime Peer Update Problem When Un-registering - And Expires Header In 200ok - (Closes issue ASTERISK-22428. Reported by Ben Smithurst) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.7.0- The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.15, 11.2, and Asterisk 1.8, 10, and 11. The available security - releases are released as versions 1.8.15-cert4, 11.2-cert3, 1.8.24.1, 10.12.4, - 10.12.4-digiumphones, and 11.6.1. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolve the following issues: - - * A buffer overflow when receiving odd length 16 bit messages in app_sms. An - infinite loop could occur which would overwrite memory when a message is - received into the unpacksms16() function and the length of the message is an - odd number of bytes. - - * Prevent permissions escalation in the Asterisk Manager Interface. Asterisk - now marks certain individual dialplan functions as 'dangerous', which will - inhibit their execution from external sources. - - A 'dangerous' function is one which results in a privilege escalation. For - example, if one were to read the channel variable SHELL(rm -rf /) Bad - Things(TM) could happen; even if the external source has only read - permissions. - - Execution from external sources may be enabled by setting 'live_dangerously' - to 'yes' in the [options] section of asterisk.conf. Although doing so is not - recommended. - - These issues and their resolutions are described in the security advisories. - - For more information about the details of these vulnerabilities, please read - security advisories AST-2013-006 and AST-2013-007, which were - released at the same time as this announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.15-cert4 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.2-cert3 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.24.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-10.12.4 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-10.12.4-digiumphones - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.6.1 - - The security advisories are available at: - - * http://downloads.asterisk.org/pub/security/AST-2013-006.pdf - * http://downloads.asterisk.org/pub/security/AST-2013-007.pdf- The Asterisk Development Team has announced the release of Asterisk 11.6.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.6.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following is a sample of the issues resolved in this release: - - * --- Confbridge: empty conference not being torn down - (Closes issue ASTERISK-21859. Reported by Chris Gentle) - - * --- Let Queue wrap up time influence member availability - (Closes issue ASTERISK-22189. Reported by Tony Lewis) - - * --- Fix a longstanding issue with MFC-R2 configuration that - prevented users - (Closes issue ASTERISK-21117. Reported by Rafael Angulo) - - * --- chan_iax2: Fix saving the wrong expiry time in astdb. - (Closes issue ASTERISK-22504. Reported by Stefan Wachtler) - - * --- Fix segfault for certain invalid WebSocket input. - (Closes issue ASTERISK-21825. Reported by Alfred Farrugia) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.6.0- Disable hardened build, as it's apparently causing problems loading modules.- Enable hardened build BZ#954338 - Significant clean ups- The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.15, 11.2, and Asterisk 1.8, 10, and 11. The available security releases - are released as versions 1.8.15-cert2, 11.2-cert2, 1.8.23.1, 10.12.3, 10.12.3-digiumphones, - and 11.5.1. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolve the following issues: - - * A remotely exploitable crash vulnerability exists in the SIP channel driver if - an ACK with SDP is received after the channel has been terminated. The - handling code incorrectly assumes that the channel will always be present. - - * A remotely exploitable crash vulnerability exists in the SIP channel driver if - an invalid SDP is sent in a SIP request that defines media descriptions before - connection information. The handling code incorrectly attempts to reference - the socket address information even though that information has not yet been - set. - - These issues and their resolutions are described in the security advisories. - - For more information about the details of these vulnerabilities, please read - security advisories AST-2013-004 and AST-2013-005, which were - released at the same time as this announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.15-cert3 - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.2-cert2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.23.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-10.12.3 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-10.12.3-digiumphones - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.5.1 - - The security advisories are available at: - - * http://downloads.asterisk.org/pub/security/AST-2013-004.pdf - * http://downloads.asterisk.org/pub/security/AST-2013-005.pdf - - The Asterisk Development Team has announced the release of Asterisk 11.5.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.5.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following is a sample of the issues resolved in this release: - - * --- Fix Segfault In app_queue When "persistentmembers" Is Enabled - And Using Realtime - (Closes issue ASTERISK-21738. Reported by JoshE) - - * --- IAX2: fix race condition with nativebridge transfers. - (Closes issue ASTERISK-21409. Reported by alecdavis) - - * --- Fix The Payload Being Set On CN Packets And Do Not Set Marker - Bit - (Closes issue ASTERISK-21246. Reported by Peter Katzmann) - - * --- Fix One-Way Audio With auto_* NAT Settings When SIP Calls - Initiated By PBX - (Closes issue ASTERISK-21374. Reported by Michael L. Young) - - * --- chan_sip: NOTIFYs for BLF start queuing up and fail to be sent - out after retries fail - (Closes issue ASTERISK-21677. Reported by Dan Martens) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.5.0- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild- Perl 5.18 rebuild- rebuild (libical)- The Asterisk Development Team has announced the release of Asterisk 11.4.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.4.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following is a sample of the issues resolved in this release: - - * --- Fix Sorting Order For Parking Lots Stored In Static Realtime - (Closes issue ASTERISK-21035. Reported by Alex Epshteyn) - - * --- Fix StopMixMonitor Hanging Up When Unable To Stop MixMonitor On - A Channel - (Closes issue ASTERISK-21294. Reported by daroz) - - * --- When a session timer expires during a T.38 call, re-invite with - correct SDP - (Closes issue ASTERISK-21232. Reported by Nitesh Bansal) - - * --- Fix white noise on SRTP decryption - (Closes issue ASTERISK-21323. Reported by andrea) - - * --- Fix reload skinny with active devices. - (Closes issue ASTERISK-16610. Reported by wedhorn) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.4.0- fix build with lua 5.2- The Asterisk Development Team has announced the release of Asterisk 11.3.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.3.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following is a sample of the issues resolved in this release: - - * --- Fix issue where chan_mobile fails to bind to first available - port - (Closes issue ASTERISK-16357. Reported by challado) - - * --- Fix Queue Log Reporting Every Call COMPLETECALLER With "h" - Extension Present - (Closes issue ASTERISK-20743. Reported by call) - - * --- Retain XMPP filters across reconnections so external modules - continue to function as expected. - (Closes issue ASTERISK-20916. Reported by kuj) - - * --- Ensure that a declined media stream is terminated with a '\r\n' - (Closes issue ASTERISK-20908. Reported by Dennis DeDonatis) - - * --- Fix pjproject compilation in certain circumstances - (Closes issue ASTERISK-20681. Reported by Dinesh Ramjuttun) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.3.0- The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.15 and Asterisk 1.8, 10, and 11. The available security releases - are released as versions 1.8.15-cert2, 1.8.20.2, 10.12.2, 10.12.2-digiumphones, - and 11.2.2. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolve the following issues: - - * A possible buffer overflow during H.264 format negotiation. The format - attribute resource for H.264 video performs an unsafe read against a media - attribute when parsing the SDP. - - This vulnerability only affected Asterisk 11. - - * A denial of service exists in Asterisk's HTTP server. AST-2012-014, fixed - in January of this year, contained a fix for Asterisk's HTTP server for a - remotely-triggered crash. While the fix prevented the crash from being - triggered, a denial of service vector still exists with that solution if an - attacker sends one or more HTTP POST requests with very large Content-Length - values. - - This vulnerability affects Certified Asterisk 1.8.15, Asterisk 1.8, 10, and 11 - - * A potential username disclosure exists in the SIP channel driver. When - authenticating a SIP request with alwaysauthreject enabled, allowguest - disabled, and autocreatepeer disabled, Asterisk discloses whether a user - exists for INVITE, SUBSCRIBE, and REGISTER transactions in multiple ways. - - This vulnerability affects Certified Asterisk 1.8.15, Asterisk 1.8, 10, and 11 - - These issues and their resolutions are described in the security advisories. - - For more information about the details of these vulnerabilities, please read - security advisories AST-2013-001, AST-2013-002, and AST-2013-003, which were - released at the same time as this announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.15-cert2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.20.2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-10.12.2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-10.12.2-digiumphones - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.2.2 - - The security advisories are available at: - - * http://downloads.asterisk.org/pub/security/AST-2013-001.pdf - * http://downloads.asterisk.org/pub/security/AST-2013-002.pdf - * http://downloads.asterisk.org/pub/security/AST-2013-003.pdf- The Asterisk Development Team has announced the release of Asterisk 11.2.1. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.2.1 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - * --- Fix astcanary startup problem due to wrong pid value from before - daemon call - (Closes issue ASTERISK-20947. Reported by Jakob Hirsch) - - * --- Update init.d scripts to handle stderr; readd splash screen for - remote consoles - (Closes issue ASTERISK-20945. Reported by Warren Selby) - - * --- Reset RTP timestamp; sequence number on SSRC change - (Closes issue ASTERISK-20906. Reported by Eelco Brolman) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.2.1- The Asterisk Development Team has announced the release of Asterisk 11.2.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.2.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following is a sample of the issues resolved in this release: - - * --- app_meetme: Fix channels lingering when hung up under certain - conditions - (Closes issue ASTERISK-20486. Reported by Michael Cargile) - - * --- Fix stuck DTMF when bridge is broken. - (Closes issue ASTERISK-20492. Reported by Jeremiah Gowdy) - - * --- Add missing support for "who hung up" to chan_motif. - (Closes issue ASTERISK-20671. Reported by Matt Jordan) - - * --- Remove a fixed size limitation for producing SDP and change how - ICE support is disabled by default. - (Closes issue ASTERISK-20643. Reported by coopvr) - - * --- Fix chan_sip websocket payload handling - (Closes issue ASTERISK-20745. Reported by Iñaki Baz Castillo) - - * --- Fix pjproject compilation in certain circumstances - (Closes issue ASTERISK-20681. Reported by Dinesh Ramjuttun) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.2.0- The Asterisk Development Team has announced a security release for Asterisk 11, - Asterisk 11.1.2. This release addresses the security vulnerabilities reported in - AST-2012-014 and AST-2012-015, and replaces the previous version of Asterisk 11 - released for these security vulnerabilities. The prior release left open a - vulnerability in res_xmpp that exists only in Asterisk 11; as such, other - versions of Asterisk were resolved correctly by the previous releases. - - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolve the following two issues: - - * Stack overflows that occur in some portions of Asterisk that manage a TCP - connection. In SIP, this is exploitable via a remote unauthenticated session; - in XMPP and HTTP connections, this is exploitable via remote authenticated - sessions. The vulnerabilities in SIP and HTTP were corrected in a prior - release of Asterisk; the vulnerability in XMPP is resolved in this release. - - * A denial of service vulnerability through exploitation of the device state - cache. Anonymous calls had the capability to create devices in Asterisk that - would never be disposed of. Handling the cachability of device states - aggregated via XMPP is handled in this release. - - These issues and their resolutions are described in the security advisories. - - For more information about the details of these vulnerabilities, please read - security advisories AST-2012-014 and AST-2012-015. - - For a full list of changes in the current release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.1.2 - - The security advisories are available at: - - * http://downloads.asterisk.org/pub/security/AST-2012-014.pdf - * http://downloads.asterisk.org/pub/security/AST-2012-015.pdf - - Thank you for your continued support of Asterisk - and we apologize for having - to do this twice!- The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.11 and Asterisk 1.8, 10, and 11. The available security releases - are released as versions 1.8.11-cert10, 1.8.19.1, 10.11.1, 10.11.1-digiumphones, - and 11.1.1. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of these versions resolve the following two issues: - - * Stack overflows that occur in some portions of Asterisk that manage a TCP - connection. In SIP, this is exploitable via a remote unauthenticated session; - in XMPP and HTTP connections, this is exploitable via remote authenticated - sessions. - - * A denial of service vulnerability through exploitation of the device state - cache. Anonymous calls had the capability to create devices in Asterisk that - would never be disposed of. - - These issues and their resolutions are described in the security advisories. - - For more information about the details of these vulnerabilities, please read - security advisories AST-2012-014 and AST-2012-015, which were released at the - same time as this announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.11-cert10 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.19.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-10.11.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-10.11.1-digiumphones - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.1.1 - - The security advisories are available at: - - * http://downloads.asterisk.org/pub/security/AST-2012-014.pdf - * http://downloads.asterisk.org/pub/security/AST-2012-015.pdf- The Asterisk Development Team has announced the release of Asterisk 11.1.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.1.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following is a sample of the issues resolved in this release: - - * --- Fix execution of 'i' extension due to uninitialized variable. - (Closes issue ASTERISK-20455. Reported by Richard Miller) - - * --- Prevent resetting of NATted realtime peer address on reload. - (Closes issue ASTERISK-18203. Reported by daren ferreira) - - * --- Fix ConfBridge crash if no timing module loaded. - (Closes issue ASTERISK-19448. Reported by feyfre) - - * --- Fix the Park 'r' option when a channel parks itself. - (Closes issue ASTERISK-19382. Reported by James Stocks) - - * --- Fix an issue where outgoing calls would fail to establish audio - due to ICE negotiation failures. - (Closes issue ASTERISK-20554. Reported by mmichelson) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.1.0- The Asterisk Development Team has announced the release of Asterisk 11.0.2. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.0.2 resolves an issue reported by the - community and would have not been possible without your participation. - Thank you! - - The following is the issue resolved in this release: - - * --- chan_local: Fix local_pvt ref leak in local_devicestate(). - (Closes issue ASTERISK-20769. Reported by rmudgett) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.0.2- simplify LDFLAGS setting- clean up things to allow building on arm arches- The Asterisk Development Team has announced the release of Asterisk 11.0.1. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.0.1 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - * --- chan_sip: Fix a bug causing SIP reloads to remove all entries - from the registry - (Closes issue ASTERISK-20611. Reported by Alisher) - - * --- confbridge: Fix a bug which made conferences not record with - AMI/CLI commands - (Closes issue ASTERISK-20601. Reported by Vilius) - - * --- Fix an issue with res_http_websocket where the chan_sip - WebSocket handler could not be registered. - (Closes issue ASTERISK-20631. Reported by danjenkins) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.0.1- The Asterisk Development Team is pleased to announce the release of - Asterisk 11.0.0. This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - Asterisk 11 is the next major release series of Asterisk. It is a Long Term - Support (LTS) release, similar to Asterisk 1.8. For more information about - support time lines for Asterisk releases, see the Asterisk versions page: - https://wiki.asterisk.org/wiki/display/AST/Asterisk+Versions - - For important information regarding upgrading to Asterisk 11, please see the - Asterisk wiki: - - https://wiki.asterisk.org/wiki/display/AST/Upgrading+to+Asterisk+11 - - A short list of new features includes: - - * A new channel driver named chan_motif has been added which provides support - for Google Talk and Jingle in a single channel driver. This new channel - driver includes support for both audio and video, RFC2833 DTMF, all codecs - supported by Asterisk, hold, unhold, and ringing notification. It is also - compliant with the current Jingle specification, current Google Jingle - specification, and the original Google Talk protocol. - - * Support for the WebSocket transport for chan_sip. - - * SIP peers can now be configured to support negotiation of ICE candidates. - - * The app_page application now no longer depends on DAHDI or app_meetme. It - has been re-architected to use app_confbridge internally. - - * Hangup handlers can be attached to channels using the CHANNEL() function. - Hangup handlers will run when the channel is hung up similar to the h - extension; however, unlike an h extension, a hangup handler is associated with - the actual channel and will execute anytime that channel is hung up, - regardless of where it is in the dialplan. - - * Added pre-dial handlers for the Dial and Follow-Me applications. Pre-dial - allows you to execute a dialplan subroutine on a channel before a call is - placed but after the application performing a dial action is invoked. This - means that the handlers are executed after the creation of the callee - channels, but before any actions have been taken to actually dial the callee - channels. - - * Log messages can now be easily associated with a certain call by looking at - a new unique identifier, "Call Id". Call ids are attached to log messages for - just about any case where it can be determined that the message is related - to a particular call. - - * Introduced Named ACLs as a new way to define Access Control Lists (ACLs) in - Asterisk. Unlike traditional ACLs defined in specific module configuration - files, Named ACLs can be shared across multiple modules. - - * The Hangup Cause family of functions and dialplan applications allow for - inspection of the hangup cause codes for each channel involved in a call. - This allows a dialplan writer to determine, for each channel, who hung up and - for what reason(s). - - * Two new functions have been added: FEATURE() and FEATUREMAP(). FEATURE() - lets you set some of the configuration options from the general section - of features.conf on a per-channel basis. FEATUREMAP() lets you customize - the key sequence used to activate built-in features, such as blindxfer, - and automon. - - * Support for DTLS-SRTP in chan_sip. - - * Support for named pickupgroups/callgroups, allowing any number of pickupgroups - and callgroups to be defined for several channel drivers. - - * IPv6 Support for AMI, AGI, ExternalIVR, and the SIP Security Event Framework. - - More information about the new features can be found on the Asterisk wiki: - - https://wiki.asterisk.org/wiki/display/AST/Asterisk+11+Documentation - - A full list of all new features can also be found in the CHANGES file. - - http://svnview.digium.com/svn/asterisk/branches/11/CHANGES - - For a full list of changes in the current release, please see the ChangeLog. - - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.0.0- The Asterisk Development Team has announced the second release candidate of - Asterisk 11.0.0. This release candidate is available for immediate - download at http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 11.0.0-rc2 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release candidate: - - * --- Fix an issue where outgoing calls would fail to establish audio - due to ICE negotiation failures. - (Closes issue ASTERISK-20554. Reported by mmichelson) - - * --- Ensure Asterisk fails TCP/TLS SIP calls when certificate - checking fails - (Closes issue ASTERISK-20559. Reported by kmoore) - - * --- Don't make chan_sip export global symbols. - (Closes issue ASTERISK-20545. Reported by kmoore) - - For a full list of changes in this release candidate, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.0.0-rc2- The Asterisk Development Team is pleased to announce the first release candidate - of Asterisk 11.0.0. This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - All interested users of Asterisk are encouraged to participate in the - Asterisk 11 testing process. Please report any issues found to the issue - tracker, https://issues.asterisk.org/jira. It is also very useful to see - successful test reports. Please post those to the asterisk-dev mailing list. - All Asterisk users are invited to participate in the #asterisk-testing channel - on IRC to work together in testing the many parts of Asterisk. - - Asterisk 11 is the next major release series of Asterisk. It will be a Long - Term Support (LTS) release, similar to Asterisk 1.8. For more information about - support time lines for Asterisk releases, see the Asterisk versions page: - https://wiki.asterisk.org/wiki/display/AST/Asterisk+Versions - - For important information regarding upgrading to Asterisk 11, please see the - Asterisk wiki: - - https://wiki.asterisk.org/wiki/display/AST/Upgrading+to+Asterisk+11 - - A short list of new features includes: - - * A new channel driver named chan_motif has been added which provides support - for Google Talk and Jingle in a single channel driver. This new channel - driver includes support for both audio and video, RFC2833 DTMF, all codecs - supported by Asterisk, hold, unhold, and ringing notification. It is also - compliant with the current Jingle specification, current Google Jingle - specification, and the original Google Talk protocol. - - * Support for the WebSocket transport for chan_sip. - - * SIP peers can now be configured to support negotiation of ICE candidates. - - * The app_page application now no longer depends on DAHDI or app_meetme. It - has been re-architected to use app_confbridge internally. - - * Hangup handlers can be attached to channels using the CHANNEL() function. - Hangup handlers will run when the channel is hung up similar to the h - extension; however, unlike an h extension, a hangup handler is associated with - the actual channel and will execute anytime that channel is hung up, - regardless of where it is in the dialplan. - - * Added pre-dial handlers for the Dial and Follow-Me applications. Pre-dial - allows you to execute a dialplan subroutine on a channel before a call is - placed but after the application performing a dial action is invoked. This - means that the handlers are executed after the creation of the callee - channels, but before any actions have been taken to actually dial the callee - channels. - - * Log messages can now be easily associated with a certain call by looking at - a new unique identifier, "Call Id". Call ids are attached to log messages for - just about any case where it can be determined that the message is related - to a particular call. - - * Introduced Named ACLs as a new way to define Access Control Lists (ACLs) in - Asterisk. Unlike traditional ACLs defined in specific module configuration - files, Named ACLs can be shared across multiple modules. - - * The Hangup Cause family of functions and dialplan applications allow for - inspection of the hangup cause codes for each channel involved in a call. - This allows a dialplan writer to determine, for each channel, who hung up and - for what reason(s). - - * Two new functions have been added: FEATURE() and FEATUREMAP(). FEATURE() - lets you set some of the configuration options from the general section - of features.conf on a per-channel basis. FEATUREMAP() lets you customize - the key sequence used to activate built-in features, such as blindxfer, - and automon. - - * Support for DTLS-SRTP in chan_sip. - - * Support for named pickupgroups/callgroups, allowing any number of pickupgroups - and callgroups to be defined for several channel drivers. - - * IPv6 Support for AMI, AGI, ExternalIVR, and the SIP Security Event Framework. - - More information about the new features can be found on the Asterisk wiki: - - https://wiki.asterisk.org/wiki/display/AST/Asterisk+11+Documentation - - A full list of all new features can also be found in the CHANGES file. - - http://svnview.digium.com/svn/asterisk/branches/11/CHANGES - - For a full list of changes in the current release, please see the ChangeLog. - - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.0.0-rc1- Don't forget format_ilbc module- The Asterisk Development Team is pleased to announce the second beta release of - Asterisk 11.0.0. This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - All interested users of Asterisk are encouraged to participate in the - Asterisk 11 testing process. Please report any issues found to the issue - tracker, https://issues.asterisk.org/jira. It is also very useful to see - successful test reports. Please post those to the asterisk-dev mailing list. - All Asterisk users are invited to participate in the #asterisk-testing channel - on IRC to work together in testing the many parts of Asterisk. - - Asterisk 11 is the next major release series of Asterisk. It will be a Long - Term Support (LTS) release, similar to Asterisk 1.8. For more information about - support time lines for Asterisk releases, see the Asterisk versions page: - https://wiki.asterisk.org/wiki/display/AST/Asterisk+Versions - - For important information regarding upgrading to Asterisk 11, please see the - Asterisk wiki: - - https://wiki.asterisk.org/wiki/display/AST/Upgrading+to+Asterisk+11 - - A short list of new features includes: - - * A new channel driver named chan_motif has been added which provides support - for Google Talk and Jingle in a single channel driver. This new channel - driver includes support for both audio and video, RFC2833 DTMF, all codecs - supported by Asterisk, hold, unhold, and ringing notification. It is also - compliant with the current Jingle specification, current Google Jingle - specification, and the original Google Talk protocol. - - * Support for the WebSocket transport for chan_sip. - - * SIP peers can now be configured to support negotiation of ICE candidates. - - * The app_page application now no longer depends on DAHDI or app_meetme. It - has been re-architected to use app_confbridge internally. - - * Hangup handlers can be attached to channels using the CHANNEL() function. - Hangup handlers will run when the channel is hung up similar to the h - extension; however, unlike an h extension, a hangup handler is associated with - the actual channel and will execute anytime that channel is hung up, - regardless of where it is in the dialplan. - - * Added pre-dial handlers for the Dial and Follow-Me applications. Pre-dial - allows you to execute a dialplan subroutine on a channel before a call is - placed but after the application performing a dial action is invoked. This - means that the handlers are executed after the creation of the callee - channels, but before any actions have been taken to actually dial the callee - channels. - - * Log messages can now be easily associated with a certain call by looking at - a new unique identifier, "Call Id". Call ids are attached to log messages for - just about any case where it can be determined that the message is related - to a particular call. - - * Introduced Named ACLs as a new way to define Access Control Lists (ACLs) in - Asterisk. Unlike traditional ACLs defined in specific module configuration - files, Named ACLs can be shared across multiple modules. - - * The Hangup Cause family of functions and dialplan applications allow for - inspection of the hangup cause codes for each channel involved in a call. - This allows a dialplan writer to determine, for each channel, who hung up and - for what reason(s). - - * Two new functions have been added: FEATURE() and FEATUREMAP(). FEATURE() - lets you set some of the configuration options from the general section - of features.conf on a per-channel basis. FEATUREMAP() lets you customize - the key sequence used to activate built-in features, such as blindxfer, - and automon. - - * Support for DTLS-SRTP in chan_sip. - - * Support for named pickupgroups/callgroups, allowing any number of pickupgroups - and callgroups to be defined for several channel drivers. - - * IPv6 Support for AMI, AGI, ExternalIVR, and the SIP Security Event Framework. - - More information about the new features can be found on the Asterisk wiki: - - https://wiki.asterisk.org/wiki/display/AST/Asterisk+11+Documentation - - A full list of all new features can also be found in the CHANGES file. - - http://svnview.digium.com/svn/asterisk/branches/11/CHANGES - - For a full list of changes in the current release, please see the ChangeLog. - - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.0.0-beta2- The Asterisk Development Team has announced the release of Asterisk 10.8.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 10.8.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following is a sample of the issues resolved in this release: - - * --- AST-2012-012: Resolve AMI User Unauthorized Shell Access through - ExternalIVR - (Closes issue ASTERISK-20132. Reported by Zubair Ashraf of IBM X-Force Research) - - * --- AST-2012-013: Resolve ACL rules being ignored during calls by - some IAX2 peers - (Closes issue ASTERISK-20186. Reported by Alan Frisch) - - * --- Handle extremely out of order RFC 2833 DTMF - (Closes issue ASTERISK-18404. Reported by Stephane Chazelas) - - * --- Resolve severe memory leak in CEL logging modules. - (Closes issue AST-916. Reported by Thomas Arimont) - - * --- Only re-create an SRTP session when needed - (Issue ASTERISK-20194. Reported by Nicolo Mazzon) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-10.8.0- fix build on s390- fix build on s390- The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.11 and Asterisk 1.8 and 10. The available security releases are - released as versions 1.8.11-cert7, 1.8.15.1, 10.7.1, and 10.7.1-digiumphones. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of Asterisk 1.8.11-cert7, 1.8.15.1, 10.7.1, and 10.7.1-digiumphones - resolve the following two issues: - - * A permission escalation vulnerability in Asterisk Manager Interface. This - would potentially allow remote authenticated users the ability to execute - commands on the system shell with the privileges of the user running the - Asterisk application. Please note that the README-SERIOUSLY.bestpractices.txt - file delivered with Asterisk has been updated due to this and other related - vulnerabilities fixed in previous versions of Asterisk. - - * When an IAX2 call is made using the credentials of a peer defined in a - dynamic Asterisk Realtime Architecture (ARA) backend, the ACL rules for that - peer are not applied to the call attempt. This allows for a remote attacker - who is aware of a peer's credentials to bypass the ACL rules set for that - peer. - - These issues and their resolutions are described in the security advisories. - - For more information about the details of these vulnerabilities, please read - security advisories AST-2012-012 and AST-2012-013, which were released at the - same time as this announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.11-cert7 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.15.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-10.7.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-10.7.1-digiumphones - - The security advisories are available at: - - * http://downloads.asterisk.org/pub/security/AST-2012-012.pdf - * http://downloads.asterisk.org/pub/security/AST-2012-013.pdf- The Asterisk Development Team has announced the release of Asterisk 10.7.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 10.7.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following is a sample of the issues resolved in this release: - - * --- Fix deadlock potential with ast_set_hangupsource() calls. - (Closes issue ASTERISK-19801. Reported by Alec Davis) - - * --- Fix request routing issue when outboundproxy is used. - (Closes issue ASTERISK-20008. Reported by Marcus Hunger) - - * --- Set the Caller ID "tag" on peers even if remote party - information is present. - (Closes issue ASTERISK-19859. Reported by Thomas Arimont) - - * --- Fix NULL pointer segfault in ast_sockaddr_parse() - (Closes issue ASTERISK-20006. Reported by Michael L. Young) - - * --- Do not perform install on existing directories - (Closes issue ASTERISK-19492. Reported by Karl Fife) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-10.7.0- The Asterisk Development Team has announced the release of Asterisk 10.6.1. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 10.6.1 resolves an issue reported by the - community and would have not been possible without your participation. - Thank you! - - The following is the issue resolved in this release: - - * --- Remove a superfluous and dangerous freeing of an SSL_CTX. - (Closes issue ASTERISK-20074. Reported by Trevor Helmsley) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-10.6.1- The Asterisk Development Team has announced the release of Asterisk 10.6.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 10.6.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following is a sample of the issues resolved in this release: - - * --- format_mp3: Fix a possible crash in mp3_read(). - (Closes issue ASTERISK-19761. Reported by Chris Maciejewsk) - - * --- Fix local channel chains optimizing themselves out of a call. - (Closes issue ASTERISK-16711. Reported by Alec Davis) - - * --- Re-add LastMsgsSent value for SIP peers - (Closes issue ASTERISK-17866. Reported by Steve Davies) - - * --- Prevent sip_pvt refleak when an ast_channel outlasts its - corresponding sip_pvt. - (Closes issue ASTERISK-19425. Reported by David Cunningham) - - * --- Send more accurate identification information in dialog-info SIP - NOTIFYs. - (Closes issue ASTERISK-16735. Reported by Maciej Krajewski) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-10.6.0- The Asterisk Development Team is pleased to announce the first beta release of - Asterisk 11.0.0. This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - All interested users of Asterisk are encouraged to participate in the - Asterisk 11 testing process. Please report any issues found to the issue - tracker, https://issues.asterisk.org/jira. It is also very useful to see - successful test reports. Please post those to the asterisk-dev mailing list. - All Asterisk users are invited to participate in the #asterisk-testing channel - on IRC to work together in testing the many parts of Asterisk. - - Asterisk 11 is the next major release series of Asterisk. It will be a Long - Term Support (LTS) release, similar to Asterisk 1.8. For more information about - support time lines for Asterisk releases, see the Asterisk versions page: - https://wiki.asterisk.org/wiki/display/AST/Asterisk+Versions - - For important information regarding upgrading to Asterisk 11, please see the - Asterisk wiki: - - https://wiki.asterisk.org/wiki/display/AST/Upgrading+to+Asterisk+11 - - A short list of new features includes: - - * A new channel driver named chan_motif has been added which provides support - for Google Talk and Jingle in a single channel driver. This new channel - driver includes support for both audio and video, RFC2833 DTMF, all codecs - supported by Asterisk, hold, unhold, and ringing notification. It is also - compliant with the current Jingle specification, current Google Jingle - specification, and the original Google Talk protocol. - - * Support for the WebSocket transport for chan_sip. - - * SIP peers can now be configured to support negotiation of ICE candidates. - - * The app_page application now no longer depends on DAHDI or app_meetme. It - has been re-architected to use app_confbridge internally. - - * Hangup handlers can be attached to channels using the CHANNEL() function. - Hangup handlers will run when the channel is hung up similar to the h - extension; however, unlike an h extension, a hangup handler is associated with - the actual channel and will execute anytime that channel is hung up, - regardless of where it is in the dialplan. - - * Added pre-dial handlers for the Dial and Follow-Me applications. Pre-dial - allows you to execute a dialplan subroutine on a channel before a call is - placed but after the application performing a dial action is invoked. This - means that the handlers are executed after the creation of the caller/callee - channels, but before any actions have been taken to actually dial the callee - channels. - - * Log messages can now be easily associated with a certain call by looking at - a new unique identifier, "Call Id". Call ids are attached to log messages for - just about any case where it can be determined that the message is related - to a particular call. - - * Introduced Named ACLs as a new way to define Access Control Lists (ACLs) in - Asterisk. Unlike traditional ACLs defined in specific module configuration - files, Named ACLs can be shared across multiple modules. - - * The Hangup Cause family of functions and dialplan applications allow for - inspection of the hangup cause codes for each channel involved in a call. - This allows a dialplan writer to determine, for each channel, who hung up and - for what reason(s). - - * Two new functions have been added: FEATURE() and FEATUREMAP(). FEATURE() - lets you set some of the configuration options from the general section - of features.conf on a per-channel basis. FEATUREMAP() lets you customize - the key sequence used to activate built-in features, such as blindxfer, - and automon. - - * Support for named pickupgroups/callgroups, allowing any number of pickupgroups - and callgroups to be defined for several channel drivers. - - * IPv6 Support for AMI, AGI, ExternalIVR, and the SIP Security Event Framework. - - More information about the new features can be found on the Asterisk wiki: - - https://wiki.asterisk.org/wiki/display/AST/Asterisk+11+Documentation - - A full list of all new features can also be found in the CHANGES file. - - http://svnview.digium.com/svn/asterisk/branches/11/CHANGES - - For a full list of changes in the current release, please see the ChangeLog. - - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.0.0-beta1- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild- Perl 5.16 rebuild- The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.11 and Asterisk 1.8 and 10. The available security releases are - released as versions 1.8.11-cert4, 1.8.13.1, 10.5.2, and 10.5.2-digiumphones. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of Asterisk 1.8.11-cert4, 1.8.13.1, 10.5.2, and 10.5.2-digiumphones - resolve the following two issues: - - * If Asterisk sends a re-invite and an endpoint responds to the re-invite with - a provisional response but never sends a final response, then the SIP dialog - structure is never freed and the RTP ports for the call are never released. If - an attacker has the ability to place a call, they could create a denial of - service by using all available RTP ports. - - * If a single voicemail account is manipulated by two parties simultaneously, - a condition can occur where memory is freed twice causing a crash. - - These issues and their resolution are described in the security advisories. - - For more information about the details of these vulnerabilities, please read - security advisories AST-2012-010 and AST-2012-011, which were released at the - same time as this announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.11-cert4 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.13.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-10.5.2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-10.5.2-digiumphones - - The security advisories are available at: - - * http://downloads.asterisk.org/pub/security/AST-2012-010.pdf - * http://downloads.asterisk.org/pub/security/AST-2012-011.pdf- Perl 5.16 rebuild- The Asterisk Development Team has announced a security release for Asterisk 10. - This security release is released as version 10.5.1. - - The release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of Asterisk 10.5.1 resolves the following issue: - - * A remotely exploitable crash vulnerability was found in the Skinny (SCCP) - Channel driver. When an SCCP client sends an Off Hook message, followed by - a Key Pad Button Message, a structure that was previously set to NULL is - dereferenced. This allows remote authenticated connections the ability to - cause a crash in the server, denying services to legitimate users. - - This issue and its resolution is described in the security advisory. - - For more information about the details of this vulnerability, please read - security advisory AST-2012-009, which was released at the same time as this - announcement. - - For a full list of changes in the current releases, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-10.5.1 - - The security advisory is available at: - - * http://downloads.asterisk.org/pub/security/AST-2012-009.pdf- The Asterisk Development Team has announced the release of Asterisk 10.5.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 10.5.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following is a sample of the issues resolved in this release: - - * --- Turn off warning message when bind address is set to any. - (Closes issue ASTERISK-19456. Reported by Michael L. Young) - - * --- Prevent overflow in calculation in ast_tvdiff_ms on 32-bit - machines - (Closes issue ASTERISK-19727. Reported by Ben Klang) - - * --- Make DAHDISendCallreroutingFacility wait 5 seconds for a reply - before disconnecting the call. - (Closes issue ASTERISK-19708. Reported by mehdi Shirazi) - - * --- Fix recalled party B feature flags for a failed DTMF atxfer. - (Closes issue ASTERISK-19383. Reported by lgfsantos) - - * --- Fix DTMF atxfer running h exten after the wrong bridge ends. - (Closes issue ASTERISK-19717. Reported by Mario) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-10.5.0- Perl 5.16 rebuild- The Asterisk Development Team has announced the release of Asterisk 10.4.2. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 10.4.2 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - * --- Resolve crash in subscribing for MWI notifications - (Closes issue ASTERISK-19827. Reported by B. R) - - * --- Fix crash in ConfBridge when user announcement is played for - more than 2 users - (Closes issue ASTERISK-19899. Reported by Florian Gilcher) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-10.4.2- The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.11 and Asterisk 1.8 and 10. The available security releases are - released as versions 1.8.11-cert2, 1.8.12.1, and 10.4.1. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of Asterisk 1.8.11-cert2, 1.8.12.1, and 10.4.1 resolve the following - two issues: - - * A remotely exploitable crash vulnerability exists in the IAX2 channel - driver if an established call is placed on hold without a suggested music - class. Asterisk will attempt to use an invalid pointer to the music - on hold class name, potentially causing a crash. - - * A remotely exploitable crash vulnerability was found in the Skinny (SCCP) - Channel driver. When an SCCP client closes its connection to the server, - a pointer in a structure is set to NULL. If the client was not in the - on-hook state at the time the connection was closed, this pointer is later - dereferenced. This allows remote authenticated connections the ability to - cause a crash in the server, denying services to legitimate users. - - These issues and their resolution are described in the security advisories. - - For more information about the details of these vulnerabilities, please read - security advisories AST-2012-007 and AST-2012-008, which were released at the - same time as this announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.11-cert2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.12.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-10.4.1 - - The security advisories are available at: - - * http://downloads.asterisk.org/pub/security/AST-2012-007.pdf - * http://downloads.asterisk.org/pub/security/AST-2012-008.pdf- The Asterisk Development Team has announced the release of Asterisk 10.4.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 10.4.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - * --- Prevent chanspy from binding to zombie channels - (Closes issue ASTERISK-19493. Reported by lvl) - - * --- Fix Dial m and r options and forked calls generating warnings - for voice frames. - (Closes issue ASTERISK-16901. Reported by Chris Gentle) - - * --- Remove ISDN hold restriction for non-bridged calls. - (Closes issue ASTERISK-19388. Reported by Birger Harzenetter) - - * --- Fix copying of CDR(accountcode) to local channels. - (Closes issue ASTERISK-19384. Reported by jamicque) - - * --- Ensure Asterisk acknowledges ACKs to 4xx on Replaces errors - (Closes issue ASTERISK-19303. Reported by Jon Tsiros) - - * --- Eliminate double close of file descriptor in manager.c - (Closes issue ASTERISK-18453. Reported by Jaco Kroon) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-10.4.0- The Asterisk Development Team has announced security releases for Asterisk 1.6.2, - 1.8, and 10. The available security releases are released as versions 1.6.2.24, - 1.8.11.1, and 10.3.1. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of Asterisk 1.6.2.24, 1.8.11.1, and 10.3.1 resolve the following two - issues: - - * A permission escalation vulnerability in Asterisk Manager Interface. This - would potentially allow remote authenticated users the ability to execute - commands on the system shell with the privileges of the user running the - Asterisk application. - - * A heap overflow vulnerability in the Skinny Channel driver. The keypad - button message event failed to check the length of a fixed length buffer - before appending a received digit to the end of that buffer. A remote - authenticated user could send sufficient keypad button message events that the - buffer would be overrun. - - In addition, the release of Asterisk 1.8.11.1 and 10.3.1 resolve the following - issue: - - * A remote crash vulnerability in the SIP channel driver when processing UPDATE - requests. If a SIP UPDATE request was received indicating a connected line - update after a channel was terminated but before the final destruction of the - associated SIP dialog, Asterisk would attempt a connected line update on a - non-existing channel, causing a crash. - - These issues and their resolution are described in the security advisories. - - For more information about the details of these vulnerabilities, please read - security advisories AST-2012-004, AST-2012-005, and AST-2012-006, which were - released at the same time as this announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.6.2.24 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.11.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-10.3.1 - - The security advisories are available at: - - * http://downloads.asterisk.org/pub/security/AST-2012-004.pdf - * http://downloads.asterisk.org/pub/security/AST-2012-005.pdf - * http://downloads.asterisk.org/pub/security/AST-2012-006.pdf- Update to 10.3.0- Update to 10.2.1 from upstream. - Fix remote stack overflow in app_milliwatt. - Fix remote stack overflow, including possible code injection, in HTTP digest authentication handling. - Disable asterisk-corosync package, as it doesn't build right now. - Resolves: rhbz#804045, rhbz#804038, rhbz#804042- * Add patch extracted from upstream to build with Corosync since - OpenAIS is no longer available. - * Add PrivateTmp=true to systemd service file (#782478) - * Add some macros to make it easier to build with fewer dependencies - (with corresponding less functionality) (#787389) - * Add isa macros in a few places plus a few other changes to make it - easier to cross-compile. (#787779)- The Asterisk Development Team has announced the release of Asterisk 10.1.2. This - release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/ - - The release of Asterisk 10.1.2 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - * --- Fix SIP INFO DTMF handling for non-numeric codes --- - (Closes issue ASTERISK-19290. Reported by: Ira Emus) - - * --- Fix crash in ParkAndAnnounce --- - (Closes issue ASTERISK-19311. Reported-by: tootai) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-10.1.2- The Asterisk Development Team has announced the release of Asterisk 10.1.1. This - release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/ - - The release of Asterisk 10.1.1 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following is a sample of the issues resolved in this release: - - * --- Fixes deadlocks occuring in chan_agent --- - (Closes issue ASTERISK-19285. Reported by: Alex Villacis Lasso) - - * --- Ensure entering T.38 passthrough does not cause an infinite loop --- - (Closes issue ASTERISK-18951. Reported-by: Kristijan Vrban) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-10.1.1- The Asterisk Development Team is pleased to announce the release of - Asterisk 10.1.0. This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/ - - The release of Asterisk 10.1.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following is a sample of the issues resolved in this release: - - * AST-2012-001: prevent crash when an SDP offer - is received with an encrypted video stream when support for video - is disabled and res_srtp is loaded. (closes issue ASTERISK-19202) - Reported by: Catalin Sanda - - * Allow playback of formats that don't support seeking. ast_streamfile - previously did unconditional seeking on files that broke playback of - formats that don't support that functionality. This patch avoids the - seek that was causing the problem. - (closes issue ASTERISK-18994) Patched by: Timo Teras - - * Add pjmedia probation concepts to res_rtp_asterisk's learning mode. In - order to better handle RTP sources with strictrtp enabled (which is the - default setting in 10) using the learning mode to figure out new sources - when they change is handled by checking for a number of consecutive (by - sequence number) packets received to an rtp struct based on a new - configurable value called 'probation'. Also, during learning mode instead - of liberally accepting all packets received, we now reject packets until a - clear source has been determined. - - * Handle AST_CONTROL_UPDATE_RTP_PEER frames in local bridge loop. Failing - to handle AST_CONTROL_UPDATE_RTP_PEER frames in the local bridge loop - causes the loop to exit prematurely. This causes a variety of negative side - effects, depending on when the loop exits. This patch handles the frame by - essentially swallowing the frame in the local loop, as the current channel - drivers expect the RTP bridge to handle the frame, and, in the case of the - local bridge loop, no additional action is necessary. - (closes issue ASTERISK-19095) Reported by: Stefan Schmidt Tested - by: Matt Jordan - - * Fix timing source dependency issues with MOH. Prior to this patch, - res_musiconhold existed at the same module priority level as the timing - sources that it depends on. This would cause a problem when music on - hold was reloaded, as the timing source could be changed after - res_musiconhold was processed. This patch adds a new module priority - level, AST_MODPRI_TIMING, that the various timing modules are now loaded - at. This now occurs before loading other resource modules, such - that the timing source is guaranteed to be set prior to resolving - the timing source dependencies. - (closes issue ASTERISK-17474) Reporter: Luke H Tested by: Luke H, - Vladimir Mikhelson, zzsurf, Wes Van Tlghem, elguero, Thomas Arimont - Patched by elguero - - * Fix RTP reference leak. If a blind transfer were initiated using a - REFER without a prior reINVITE to place the call on hold, AND if Asterisk - were sending RTCP reports, then there was a reference leak for the - RTP instance of the transferrer. - (closes issue ASTERISK-19192) Reported by: Tyuta Vitali - - * Fix blind transfers from failing if an 'h' extension - is present. This prevents the 'h' extension from being run on the - transferee channel when it is transferred via a native transfer - mechanism such as SIP REFER. (closes issue ASTERISK-19173) Reported - by: Ross Beer Tested by: Kristjan Vrban Patches: ASTERISK-19173 by - Mark Michelson (license 5049) - - * Restore call progress code for analog ports. Extracting sig_analog - from chan_dahdi lost call progress detection functionality. Fix - analog ports from considering a call answered immediately after - dialing has completed if the callprogress option is enabled. - (closes issue ASTERISK-18841) - Reported by: Richard Miller Patched by Richard Miller - - * Fix regression that 'rtp/rtcp set debup ip' only works when a port - was also specified. - (closes issue ASTERISK-18693) Reported by: Davide Dal Reviewed by: - Walter Doekes - - For a full list of changes in this release candidate, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-10.1.0- Remove asterisk-ais. OpenAIS was removed from Fedora.- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild- Don't build API docs as the build never finishes- The Asterisk Development Team is proud to announce the release of - Asterisk 10.0.0. This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/ - - Asterisk 10 is the next major release series of Asterisk. It will be a - Standard support release, similar to Asterisk 1.6.2. For more information about - support time lines for Asterisk releases, see the Asterisk versions page: - - https://wiki.asterisk.org/wiki/display/AST/Asterisk+Versions - - With the release of the Asterisk 10 branch, the preceding '1.' has been removed - from the version number per the blog post available at - - - http://blogs.digium.com/2011/07/21/the-evolution-of-asterisk-or-how-we-arrived-at-asterisk-10/ - - The release of Asterisk 10 would not have been possible without the support and - contributions of the community. - - You can find an overview of the work involved with the 10.0.0 release in the - summary: - - http://svn.asterisk.org/svn/asterisk/tags/10.0.0/asterisk-10.0.0-summary.txt - - A short list of available features includes: - - * T.38 gateway functionality has been added to res_fax. - * Protocol independent out-of-call messaging support. Text messages not - associated with an active call can now be routed through the Asterisk - dialplan. SIP and XMPP are supported so far. - * New highly optimized and customizable ConfBridge application capable of mixing - audio at sample rates ranging from 8kHz-192kHz - * Addition of video_mode option in confbridge.conf to provide basic video - conferencing in the ConfBridge() dialplan application. - * Support for defining hints has been added to pbx_lua. - * Replacement of Berkeley DB with SQLite for the Asterisk Database (AstDB). - * Much, much more! - - A full list of new features can be found in the CHANGES file. - - http://svn.asterisk.org/svn/asterisk/branches/10/CHANGES - - Also, when upgrading a system between major versions, it is imperative that you - read and understand the contents of the UPGRADE.txt file, which is located at: - - http://svn.asterisk.org/svn/asterisk/branches/10/UPGRADE.txt- The Asterisk Development Team has announced the third release candidate of - Asterisk 10.0.0. This release candidate is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/ - - The release of Asterisk 10.0.0-rc3 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following is a sample of the issues resolved in this release candidate: - - * Add ASTSBINDIR to the list of configurable paths - - This patch also makes astdb2sqlite3 and astcanary use the configured - directory instead of relying on $PATH. - - * Don't crash on INFO automon request with no channel - - AST-2011-014. When automon was enabled in features.conf, it was possible - to crash Asterisk by sending an INFO request if no channel had been - created yet. - - * Fixed crash from orphaned MWI subscriptions in chan_sip - - This patch resolves the issue where MWI subscriptions are orphaned - by subsequent SIP SUBSCRIBE messages. - - * Fix a change in behavior in 'database show' from 1.8. - - In 1.8 and previous versions, one could use any fullword portion of - the key name, including the full key, to obtain the record. Until this - patch, this did not work for the full key. - - * Default to nat=yes; warn when nat in general and peer differ - - AST-2011-013. It is possible to enumerate SIP usernames when the general and - user/peer nat settings differ in whether to respond to the port a request is - sent from or the port listed for responses in the Via header. In 1.4 and - 1.6.2, this would mean if one setting was nat=yes or nat=route and the other - was either nat=no or nat=never. In 1.8 and 10, this would mean when one - was nat=force_rport and the other was nat=no. - - In order to address this problem, it was decided to switch the default - behavior to nat=yes/force_rport as it is the most commonly used option - and to strongly discourage setting nat per-peer/user when at all - possible. - - * Fixed SendMessage stripping extension from To: header in SIP MESSAGE - - When using the MessageSend application to send a SIP MESSAGE to a - non-peer, chan_sip stripped off the extension and failed to add it back - to the sip_pvt structure before transmitting. This patch adds the full - URI passed in from the message core to the sip_pvt structure. - - For a full list of changes in this release candidate, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-10.0.0-rc3- The Asterisk Development Team has announced the second release candidate of - Asterisk 10.0.0. This release candidate is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/ - - The release of Asterisk 10.0.0-rc2 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following is a sample of the issues resolved in this release candidate: - - * Ensure that a null vmexten does not cause a segfault - - * Fix issue with ConfBridge participants hanging up during DTMF feature - menu usage getting stuck in conference forever - (closes issue ASTERISK-18829) - Reported by: zvision - - * Fix app_macro.c MODULEINFO section termination - (closes issue ASTERISK-18848) - Reported by: Tony Mountifield - - For a full list of changes in this release candidate, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-10.0.0-rc2- The Asterisk Development Team is pleased to announce the first release candidate - of Asterisk 10.0.0. This release candidate is available for immediate download - at http://downloads.asterisk.org/pub/telephony/asterisk/ - - All Asterisk users are encouraged to participate in the Asterisk 10 testing - process. Please report any issues found to the issue tracker, - https://issues.asterisk.org/jira. It is also very useful to see successful test - reports. Please post those to the asterisk-dev mailing list. - - All Asterisk users are invited to participate in the #asterisk-testing - channel on IRC to work together in testing the many parts of Asterisk. - - Asterisk 10 is the next major release series of Asterisk. It will be a - Standard support release, similar to Asterisk 1.6.2. For more - information about support time lines for Asterisk releases, see the Asterisk - versions page: https://wiki.asterisk.org/wiki/display/AST/Asterisk+Versions - - A short list of features includes: - - * T.38 gateway functionality has been added to res_fax. - * Protocol independent out-of-call messaging support. Text messages not - associated with an active call can now be routed through the Asterisk - dialplan. SIP and XMPP are supported so far. - * New highly optimized and customizable ConfBridge application capable of mixing - audio at sample rates ranging from 8kHz-192kHz - (More information available at - https://wiki.asterisk.org/wiki/display/AST/ConfBridge+10 ) - * Addition of video_mode option in confbridge.conf to provide basic video - conferencing in the ConfBridge() dialplan application. - * Support for defining hints has been added to pbx_lua. - * Replacement of Berkeley DB with SQLite for the Asterisk Database (AstDB). - * Much, much more! - - A full list of new features can be found in the CHANGES file. - - http://svnview.digium.com/svn/asterisk/branches/10/CHANGES - - For a full list of changes in the current release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-10.0.0-rc1- Add patch from upstream SVN to fix AST-2011-012- Patch cleanup day- The Asterisk Development Team is pleased to announce the second beta release of - Asterisk 10.0.0. This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/ - - With the release of the Asterisk 10 branch, the preceding '1.' has been removed - from the version number per the blog post available at - http://blogs.digium.com/2011/07/21/the-evolution-of-asterisk-or-how-we-arrived-at-asterisk-10/ - - All interested users of Asterisk are encouraged to participate in the - Asterisk 10 testing process. Please report any issues found to the issue - tracker, https://issues.asterisk.org/jira. It is also very useful to see - successful test reports. Please post those to the asterisk-dev mailing list. - - All Asterisk users are invited to participate in the #asterisk-testing - channel on IRC to work together in testing the many parts of Asterisk. - - Asterisk 10 is the next major release series of Asterisk. It will be a - Standard support release, similar to Asterisk 1.6.2. For more - information about support time lines for Asterisk releases, see the Asterisk - versions page: https://wiki.asterisk.org/wiki/display/AST/Asterisk+Versions - - A short list of features includes: - - * T.38 gateway functionality has been added to res_fax. - - * Protocol independent out-of-call messaging support. Text messages not - associated with an active call can now be routed through the Asterisk - dialplan. SIP and XMPP are supported so far. - - * New highly optimized and customizable ConfBridge application capable of mixing - audio at sample rates ranging from 8kHz-192kHz - - * Addition of video_mode option in confbridge.conf to provide basic video - conferencing in the ConfBridge() dialplan application. - - * Support for defining hints has been added to pbx_lua. - - * Replacement of Berkeley DB with SQLite for the Asterisk Database (AstDB). - - * Much, much more! - - A full list of new features can be found in the CHANGES file. - - http://svnview.digium.com/svn/asterisk/branches/10/CHANGES - - For a full list of changes in the current release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-10.0.0-beta2- - The Asterisk Development Team is pleased to announce the first beta release of - Asterisk 10.0.0-beta1. This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/ - - With the release of the Asterisk 10 branch, the preceding '1.' has been removed - from the version number per the blog post available at - http://blogs.digium.com/2011/07/21/the-evolution-of-asterisk-or-how-we-arrived-at-asterisk-10/ - - All interested users of Asterisk are encouraged to participate in the - Asterisk 10 testing process. Please report any issues found to the issue - tracker, https://issues.asterisk.org/jira. It is also very useful to see - successful test reports. Please post those to the asterisk-dev mailing list. - - All Asterisk users are invited to participate in the #asterisk-testing - channel on IRC to work together in testing the many parts of Asterisk. - Additionally users can make use of the RPM and DEB packages now being built for - all Asterisk releases. More information available at - https://wiki.asterisk.org/wiki/display/AST/Asterisk+Packages - - Asterisk 10 is the next major release series of Asterisk. It will be a - Standard support release, similar to Asterisk 1.6.2. For more - information about support time lines for Asterisk releases, see the Asterisk - versions page: https://wiki.asterisk.org/wiki/display/AST/Asterisk+Versions - - A short list of included features includes: - - * T.38 gateway functionality has been added to res_fax. - * Protocol independent out-of-call messaging support. Text messages not - associated with an active call can now be routed through the Asterisk - dialplan. SIP and XMPP are supported so far. - * New highly optimized and customizable ConfBridge application capable of mixing - audio at sample rates ranging from 8kHz-192kHz - * Addition of video_mode option in confbridge.conf to provide basic video - conferencing in the ConfBridge() dialplan application. - * Support for defining hints has been added to pbx_lua. - * Replacement of Berkeley DB with SQLite for the Asterisk Database (AstDB). - * Much, much more! - - A full list of new features can be found in the CHANGES file. - - http://svn.digium.com/view/asterisk/branches/10/CHANGES?view=checkout - - For a full list of changes in the current release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-10.0.0-beta1- Perl mass rebuild- Perl mass rebuild- The Asterisk Development Team announces the release of Asterisk 1.8.5.0. This - release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/ - - The release of Asterisk 1.8.5.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following is a sample of the issues resolved in this release: - - * Fix Deadlock with attended transfer of SIP call - (Closes issue #18837. Reported, patched by alecdavis. Tested by Irontec, ZX81, - cmaj) - - * Fixes thread blocking issue in the sip TCP/TLS implementation. - (Closes issue #18497. Reported by vois. Patched by dvossel. Tested by vois, - rossbeer, kowalma, Freddi_Fonet) - - * Be more tolerant of what URI we accept for call completion PUBLISH requests. - (Closes issue #18946. Reported by GeorgeKonopacki. Patched by mmichelson) - - * Fix a nasty chanspy bug which was causing a channel leak every time a spied on - channel made a call. - (Closes issue #18742. Reported by jkister. Tested by jcovert, jrose) - - * This patch fixes a bug with MeetMe behavior where the 'P' option for always - prompting for a pin is ignored for the first caller. - (Closes issue #18070. Reported by mav3rick. Patched by bbryant) - - * Fix issue where Asterisk does not hangup a channel after endpoint hangs up. If - the call that the dialplan started an AGI script for is hungup while the AGI - script is in the middle of a command then the AGI script is not notified of - the hangup. - (Closes issue #17954, #18492. Reported by mn3250, devmod. Patched by rmudgett) - - * Resolve issue where leaving a voicemail, the MWI message is never sent. The - same thing happens when checking a voicemail and marking it as read. - (Closes issue ASTERISK-18002. Reported by Leif Madsen. Resolved by Richard - Mudgett) - - * Resolve issue where wait for leader with Music On Hold allows crosstalk - between participants. Parenthesis in the wrong position. Regression from issue - #14365 when expanding conference flags to use 64 bits. - (Closes issue #18418. Reported by MrHanMan. Patched by rmudgett) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.8.5.0- Rebuild for net-snmp 5.7- Fix systemd dependencies in EL6 and F15- The Asterisk Development Team has announced the first release candidate of - Asterisk 1.8.5. This release candidate is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/ - - The release of Asterisk 1.8.5-rc1 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following is a sample of the issues resolved in this release candidate: - - * Fix Deadlock with attended transfer of SIP call - (Closes issue #18837. Reported, patched by alecdavis. Tested by Irontec, ZX81, - cmaj) - - * Fixes thread blocking issue in the sip TCP/TLS implementation. - (Closes issue #18497. Reported by vois. Patched by dvossel. Tested by vois, - rossbeer, kowalma, Freddi_Fonet) - - * Be more tolerant of what URI we accept for call completion PUBLISH requests. - (Closes issue #18946. Reported by GeorgeKonopacki. Patched by mmichelson) - - * Fix a nasty chanspy bug which was causing a channel leak every time a spied on - channel made a call. - (Closes issue #18742. Reported by jkister. Tested by jcovert, jrose) - - * This patch fixes a bug with MeetMe behavior where the 'P' option for always - prompting for a pin is ignored for the first caller. - (Closes issue #18070. Reported by mav3rick. Patched by bbryant) - - * Fix issue where Asterisk does not hangup a channel after endpoint hangs up. If - the call that the dialplan started an AGI script for is hungup while the AGI - script is in the middle of a command then the AGI script is not notified of - the hangup. - (Closes issue #17954, #18492. Reported by mn3250, devmod. Patched by rmudgett) - - * Resolve issue where leaving a voicemail, the MWI message is never sent. The - same thing happens when checking a voicemail and marking it as read. - (Closes issue ASTERISK-18002. Reported by Leif Madsen. Resolved by Richard - Mudgett) - - * Resolve issue where wait for leader with Music On Hold allows crosstalk - between participants. Parenthesis in the wrong position. Regression from issue - #14365 when expanding conference flags to use 64 bits. - (Closes issue #18418. Reported by MrHanMan. Patched by rmudgett) - - * Fix timerfd locking issue. - (Closes ASTERISK-17867, ASTERISK-17415. Patched by kobaz) - - For a full list of changes in this release candidate, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.8.5-rc1- Fedora Directory Server -> 389 Directory Server- The Asterisk Development Team has announced the release of Asterisk - versions 1.4.41.2, 1.6.2.18.2, and 1.8.4.4, which are security - releases. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of Asterisk 1.4.41.2, 1.6.2.18.2, and 1.8.4.4 resolves the - following issue: - - AST-2011-011: Asterisk may respond differently to SIP requests from an - invalid SIP user than it does to a user configured on the system, even - when the alwaysauthreject option is set in the configuration. This can - leak information about what SIP users are valid on the Asterisk - system. - - For more information about the details of this vulnerability, please - read the security advisory AST-2011-011, which was released at the - same time as this announcement. - - For a full list of changes in the current releases, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.4.41.2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.6.2.18.2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.4.4 - - Security advisory AST-2011-011 is available at: - - http://downloads.asterisk.org/pub/security/AST-2011-011.pdf- Don't forget stereorize- Move /var/run/asterisk to /run/asterisk - Add comments to systemd service file on how to mimic safe_asterisk functionality - Build more of the optional binaries - Install the tmpfiles.d configuration on Fedora 15- The Asterisk Development Team has announced the release of Asterisk versions - 1.4.41.1, 1.6.2.18.1, and 1.8.4.3, which are security releases. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of Asterisk 1.4.41.1, 1.6.2.18, and 1.8.4.3 resolves several issues - as outlined below: - - * AST-2011-008: If a remote user sends a SIP packet containing a null, - Asterisk assumes available data extends past the null to the - end of the packet when the buffer is actually truncated when - copied. This causes SIP header parsing to modify data past - the end of the buffer altering unrelated memory structures. - This vulnerability does not affect TCP/TLS connections. - -- Resolved in 1.6.2.18.1 and 1.8.4.3 - - * AST-2011-009: A remote user sending a SIP packet containing a Contact header - with a missing left angle bracket (<) causes Asterisk to - access a null pointer. - -- Resolved in 1.8.4.3 - - * AST-2011-010: A memory address was inadvertently transmitted over the - network via IAX2 via an option control frame and the remote party would try - to access it. - -- Resolved in 1.4.41.1, 1.6.2.18.1, and 1.8.4.3 - - The issues and resolutions are described in the AST-2011-008, AST-2011-009, and - AST-2011-010 security advisories. - - For more information about the details of these vulnerabilities, please read - the security advisories AST-2011-008, AST-2011-009, and AST-2011-010, which were - released at the same time as this announcement. - - For a full list of changes in the current releases, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.4.41.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.6.2.18.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.4.3 - - Security advisories AST-2011-008, AST-2011-009, and AST-2011-010 are available - at: - - http://downloads.asterisk.org/pub/security/AST-2011-008.pdf - http://downloads.asterisk.org/pub/security/AST-2011-009.pdf - http://downloads.asterisk.org/pub/security/AST-2011-010.pdf- Convert to systemd- Perl mass rebuild- Perl 5.14 mass rebuild- - The Asterisk Development Team has announced the release of Asterisk - version 1.8.4.2, which is a security release for Asterisk 1.8. - - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of Asterisk 1.8.4.2 resolves an issue with SIP URI - parsing which can lead to a remotely exploitable crash: - - Remote Crash Vulnerability in SIP channel driver (AST-2011-007) - - The issue and resolution is described in the AST-2011-007 security - advisory. - - For more information about the details of this vulnerability, please - read the security advisory AST-2011-007, which was released at the - same time as this announcement. - - For a full list of changes in the current release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.4.2 - - Security advisory AST-2011-007 is available at: - - http://downloads.asterisk.org/pub/security/AST-2011-007.pdf - - The Asterisk Development Team has announced the release of Asterisk 1.8.4.1. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/ - - The release of Asterisk 1.8.4.1 resolves several issues reported by the - community. Without your help this release would not have been possible. - Thank you! - - Below is a list of issues resolved in this release: - - * Fix our compliance with RFC 3261 section 18.2.2. (aka Cisco phone fix) - (Closes issue #18951. Reported by jmls. Patched by wdoekes) - - * Resolve a change in IPv6 header parsing due to the Cisco phone fix issue. - This issue was found and reported by the Asterisk test suite. - (Closes issue #18951. Patched by mnicholson) - - * Resolve potential crash when using SIP TLS support. - (Closes issue #19192. Reported by stknob. Patched by Chainsaw. Tested by - vois, Chainsaw) - - * Improve reliability when using SIP TLS. - (Closes issue #19182. Reported by st. Patched by mnicholson) - - - For a full list of changes in this release candidate, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.8.4.1 - The Asterisk Development Team has announced the release of Asterisk 1.8.4. This - release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/ - - The release of Asterisk 1.8.4 resolves several issues reported by the community. - Without your help this release would not have been possible. Thank you! - - Below is a sample of the issues resolved in this release: - - * Use SSLv23_client_method instead of old SSLv2 only. - (Closes issue #19095, #19138. Reported, patched by tzafrir. Tested by russell - and chazzam. - - * Resolve crash in ast_mutex_init() - (Patched by twilson) - - * Resolution of several DTMF based attended transfer issues. - (Closes issue #17999, #17096, #18395, #17273. Reported by iskatel, gelo, - shihchuan, grecco. Patched by rmudgett) - - NOTE: Be sure to read the ChangeLog for more information about these changes. - - * Resolve deadlocks related to device states in chan_sip - (Closes issue #18310. Reported, patched by one47. Patched by jpeeler) - - * Resolve an issue with the Asterisk manager interface leaking memory when - disabled. - (Reported internally by kmorgan. Patched by russellb) - - * Support greetingsfolder as documented in voicemail.conf.sample. - (Closes issue #17870. Reported by edhorton. Patched by seanbright) - - * Fix channel redirect out of MeetMe() and other issues with channel softhangup - (Closes issue #18585. Reported by oej. Tested by oej, wedhorn, russellb. - Patched by russellb) - - * Fix voicemail sequencing for file based storage. - (Closes issue #18498, #18486. Reported by JJCinAZ, bluefox. Patched by - jpeeler) - - * Set hangup cause in local_hangup so the proper return code of 486 instead of - 503 when using Local channels when the far sides returns a busy. Also affects - CCSS in Asterisk 1.8+. - (Patched by twilson) - - * Fix issues with verbose messages not being output to the console. - (Closes issue #18580. Reported by pabelanger. Patched by qwell) - - * Fix Deadlock with attended transfer of SIP call - (Closes issue #18837. Reported, patched by alecdavis. Tested by - alecdavid, Irontec, ZX81, cmaj) - - Includes changes per AST-2011-005 and AST-2011-006 - For a full list of changes in this release candidate, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.8.4 - - Information about the security releases are available at: - - http://downloads.asterisk.org/pub/security/AST-2011-005.pdf - http://downloads.asterisk.org/pub/security/AST-2011-006.pdf- The Asterisk Development Team has announced security releases for Asterisk - branches 1.4, 1.6.1, 1.6.2, and 1.8. The available security releases are - released as versions 1.4.40.1, 1.6.1.25, 1.6.2.17.3, and 1.8.3.3. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The releases of Asterisk 1.4.40.1, 1.6.1.25, 1.6.2.17.3, and 1.8.3.3 resolve two - issues: - - * File Descriptor Resource Exhaustion (AST-2011-005) - * Asterisk Manager User Shell Access (AST-2011-006) - - The issues and resolutions are described in the AST-2011-005 and AST-2011-006 - security advisories. - - For more information about the details of these vulnerabilities, please read the - security advisories AST-2011-005 and AST-2011-006, which were released at the - same time as this announcement. - - For a full list of changes in the current releases, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.4.40.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.6.1.25 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.6.2.17.3 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.3.3 - - Security advisory AST-2011-005 and AST-2011-006 are available at: - - http://downloads.asterisk.org/pub/security/AST-2011-005.pdf - http://downloads.asterisk.org/pub/security/AST-2011-006.pdf- Bump release and rebuild for mysql 5.5.10 soname change.- The Asterisk Development Team has announced security releases for Asterisk - branches 1.6.1, 1.6.2, and 1.8. The available security releases are - released as versions 1.6.1.24, 1.6.2.17.2, and 1.8.3.2. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - ** This is a re-release of Asterisk 1.6.1.23, 1.6.2.17.1 and 1.8.3.1 which - contained a bug which caused duplicate manager entries (issue #18987). - - The releases of Asterisk 1.6.1.24, 1.6.2.17.2, and 1.8.3.2 resolve two issues: - - * Resource exhaustion in Asterisk Manager Interface (AST-2011-003) - * Remote crash vulnerability in TCP/TLS server (AST-2011-004) - - The issues and resolutions are described in the AST-2011-003 and AST-2011-004 - security advisories. - - For more information about the details of these vulnerabilities, please read the - security advisories AST-2011-003 and AST-2011-004, which were released at the - same time as this announcement. - - For a full list of changes in the current releases, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.6.1.24 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.6.2.17.2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.3.2 - - Security advisory AST-2011-003 and AST-2011-004 are available at: - - http://downloads.asterisk.org/pub/security/AST-2011-003.pdf - http://downloads.asterisk.org/pub/security/AST-2011-004.pdf- The Asterisk Development Team has announced security releases for Asterisk - branches 1.6.1, 1.6.2, and 1.8. The available security releases are - released as versions 1.6.1.23, 1.6.2.17.1, and 1.8.3.1. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The releases of Asterisk 1.6.1.23, 1.6.2.17.1, and 1.8.3.1 resolve two issues: - - * Resource exhaustion in Asterisk Manager Interface (AST-2011-003) - * Remote crash vulnerability in TCP/TLS server (AST-2011-004) - - The issues and resolutions are described in the AST-2011-003 and AST-2011-004 - security advisories. - - For more information about the details of these vulnerabilities, please read the - security advisories AST-2011-003 and AST-2011-004, which were released at the - same time as this announcement. - - For a full list of changes in the current releases, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.6.1.23 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.6.2.17.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.3.1 - - Security advisory AST-2011-003 and AST-2011-004 are available at: - - http://downloads.asterisk.org/pub/security/AST-2011-003.pdf - http://downloads.asterisk.org/pub/security/AST-2011-004.pdf- The Asterisk Development Team has announced the release of Asterisk 1.8.3. This - release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/ - - The release of Asterisk 1.8.3 resolves several issues reported by the community - and would have not been possible without your participation. Thank you! - - The following is a sample of the issues resolved in this release: - - * Resolve duplicated data in the AstDB when using DIALGROUP() - (Closes issue #18091. Reported by bunny. Patched by tilghman) - - * Ensure the ipaddr field in realtime is large enough to handle IPv6 addresses. - (Closes issue #18464. Reported, patched by IgorG) - - * Reworking parsing of mwi => lines to resolve a segfault. Also add a set of - unit tests for the function that does the parsing. - (Closes issue #18350. Reported by gbour. Patched by Marquis) - - * When using cdr_pgsql the billsec field was not populated correctly on - unanswered calls. - (Closes issue #18406. Reported by joscas. Patched by tilghman) - - * Resolve memory leak in iCalendar and Exchange calendaring modules. - (Closes issue #18521. Reported, patched by pitel. Tested by cervajs) - - * This version of Asterisk includes the new Compiler Flags option - BETTER_BACKTRACES which uses libbfd to search for better symbol information - within both the Asterisk binary, as well as loaded modules, to assist when - using inline backtraces to track down problems. - (Patched by tilghman) - - * Resolve issue where no Music On Hold may be triggered when using - res_timing_dahdi. - (Closes issues #18262. Reported by francesco_r. Patched by cjacobson. Tested - by francesco_r, rfrantik, one47) - - * Resolve a memory leak when the Asterisk Manager Interface is disabled. - (Reported internally by kmorgan. Patched by russellb) - - * Reimplemented fax session reservation to reverse the ABI breakage introduced - in r297486. - (Reported internally. Patched by mnicholson) - - * Fix regression that changed behavior of queues when ringing a queue member. - (Closes issue #18747, #18733. Reported by vrban. Patched by qwell.) - - * Resolve deadlock involving REFER. - (Closes issue #18403. Reported, tested by jthurman. Patched by jpeeler.) - - Additionally, this release has the changes related to security bulletin - AST-2011-002 which can be found at - http://downloads.asterisk.org/pub/security/AST-2011-002.pdf - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.8.3- - The Asterisk Development Team has announced the third release candidate of - Asterisk 1.8.3. This release candidate is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/ - - The release of Asterisk 1.8.3-rc3 resolves the following issues in addition to - those included in 1.8.3-rc1 and 1.8.3-rc2: - - * Fix regression that changed behavior of queues when ringing a queue member. - (Closes issue #18747, #18733. Reported by vrban. Patched by qwell.) - - * Resolve deadlock involving REFER. - (Closes issue #18403. Reported, tested by jthurman. Patched by jpeeler.) - - For a full list of changes in this release candidate, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.8.3-rc3- Bump release to build for F15- Remove isa macros- Make library dependencies architecture specific- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_RebuildThe Asterisk Development Team has announced the second release candidate of Asterisk 1.8.3. This release candidate is available for immediate download at http://downloads.asterisk.org/pub/telephony/asterisk/ The release of Asterisk 1.8.3-rc2 resolves the following issues in addition to those included in 1.8.3-rc1: * Resolve issue where no Music On Hold may be triggered when using res_timing_dahdi. (Closes issues #18262. Reported by francesco_r. Patched by cjacobson. Tested by francesco_r, rfrantik, one47) * Resolve a memory leak when the Asterisk Manager Interface is disabled. (Reported internally by kmorgan. Patched by russellb) * Reimplemented fax session reservation to reverse the ABI breakage introduced in r297486. (Reported internally. Patched by mnicholson) For a full list of changes in this release candidate, please see the ChangeLog: http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.8.3-rc2- - The Asterisk Development Team has announced the first release candidate of - Asterisk 1.8.3. This release candidate is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/ - - The release of Asterisk 1.8.3-rc1 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following is a sample of the issues resolved in this release candidate: - - * Resolve duplicated data in the AstDB when using DIALGROUP() - (Closes issue #18091. Reported by bunny. Patched by tilghman) - - * Ensure the ipaddr field in realtime is large enough to handle IPv6 addresses. - (Closes issue #18464. Reported, patched by IgorG) - - * Reworking parsing of mwi => lines to resolve a segfault. Also add a set of - unit tests for the function that does the parsing. - (Closes issue #18350. Reported by gbour. Patched by Marquis) - - * When using cdr_pgsql the billsec field was not populated correctly on - unanswered calls. - (Closes issue #18406. Reported by joscas. Patched by tilghman) - - * Resolve memory leak in iCalendar and Exchange calendaring modules. - (Closes issue #18521. Reported, patched by pitel. Tested by cervajs) - - * This version of Asterisk includes the new Compiler Flags option - BETTER_BACKTRACES which uses libbfd to search for better symbol information - within both the Asterisk binary, as well as loaded modules, to assist when - using inline backtraces to track down problems. - (Patched by tilghman)- - The Asterisk Development Team has announced the release of Asterisk 1.8.2.3. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/ - - The release of Asterisk 1.8.2.3 resolves the following issue: - - * Reimplemented fax session reservation to reverse the ABI breakage introduced - in r297486. - (Reported by Jeremy Kister on the asterisk-users mailing list. Patched by - mnicholson) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.8.2.3- Build with SRTP support- - The Asterisk Development Team has announced a release for the security issue - described in AST-2011-001. - - Due to a failed merge, Asterisk 1.8.2.1 which should have included the security - fix did not. Asterisk 1.8.2.2 contains the the changes which should have been - included in Asterisk 1.8.2.1. - - This releases is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The releases of Asterisk 1.4.38.1, 1.4.39.1, 1.6.1.21, 1.6.2.15.1, 1.6.2.16.2, - 1.8.1.2, and 1.8.2.2 resolve an issue when forming an outgoing SIP request while - in pedantic mode, which can cause a stack buffer to be made to overflow if - supplied with carefully crafted caller ID information. The issue and resolution - are described in the AST-2011-001 security advisory. - - For more information about the details of this vulnerability, please read the - security advisory AST-2011-001, which was released at the same time as this - announcement. - - For a full list of changes in the current release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.2.2 - - Security advisory AST-2011-001 is available at: - - http://downloads.asterisk.org/pub/security/AST-2011-001.pdf- - The Asterisk Development Team has announced security releases for the following - versions of Asterisk: - - * 1.4.38.1 - * 1.4.39.1 - * 1.6.1.21 - * 1.6.2.15.1 - * 1.6.2.16.1 - * 1.8.1.2 - * 1.8.2.1 - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The releases of Asterisk 1.4.38.1, 1.4.39.1, 1.6.1.21, 1.6.2.15.1, 1.6.2.16.2, - 1.8.1.2, and 1.8.2.1 resolve an issue when forming an outgoing SIP request while - in pedantic mode, which can cause a stack buffer to be made to overflow if - supplied with carefully crafted caller ID information. The issue and resolution - are described in the AST-2011-001 security advisory. - - For more information about the details of this vulnerability, please read the - security advisory AST-2011-001, which was released at the same time as this - announcement. - - For a full list of changes in the current releases, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.4.38.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.4.39.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.6.1.21 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.6.2.15.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.6.2.16.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.1.2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.2.1 - - Security advisory AST-2011-001 is available at: - - http://downloads.asterisk.org/pub/security/AST-2011-001.pdf- - The Asterisk Development Team has announced the release of Asterisk 1.8.2. This - release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/ - - The release of Asterisk 1.8.2 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following is a sample of the issues resolved in this release: - - * 'sip notify clear-mwi' needs terminating CRLF. - (Closes issue #18275. Reported, patched by klaus3000) - - * Patch for deadlock from ordering issue between channel/queue locks in - app_queue (set_queue_variables). - (Closes issue #18031. Reported by rain. Patched by bbryant) - - * Fix cache of device state changes for multiple servers. - (Closes issue #18284, #18280. Reported, tested by klaus3000. Patched, tested - by russellb) - - * Resolve issue where channel redirect function (CLI or AMI) hangs up the call - instead of redirecting the call. - (Closes issue #18171. Reported by: SantaFox) - (Closes issue #18185. Reported by: kwemheuer) - (Closes issue #18211. Reported by: zahir_koradia) - (Closes issue #18230. Reported by: vmarrone) - (Closes issue #18299. Reported by: mbrevda) - (Closes issue #18322. Reported by: nerbos) - - * Fix reloading of peer when a user is requested. Prevent peer reloading from - causing multiple MWI subscriptions to be created when using realtime. - (Closes issue #18342. Reported, patched by nivek.) - - * Fix XMPP PubSub-based distributed device state. Initialize pubsubflags to 0 - so res_jabber doesn't think there is already an XMPP connection sending - device state. Also clean up CLI commands a bit. - (Closes issue #18272. Reported by klaus3000. Patched by Marquis42) - - * Don't crash after Set(CDR(userfield)=...) in ast_bridge_call. Instead of - setting peer->cdr = NULL, set it to not post. - (Closes issue #18415. Reported by macbrody. Patched, tested by jsolares) - - * Fixes issue with outbound google voice calls not working. Thanks to az1234 - and nevermind_quack for their input in helping debug the issue. - (Closes issue #18412. Reported by nevermind_quack. Patched by dvossel) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.8.2- - The Asterisk Development Team has announced the release of Asterisk 1.8.1.1. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/ - - The release of Asterisk 1.8.1.1 resolves two issues reported by the community - since the release of Asterisk 1.8.1. - - * Don't crash after Set(CDR(userfield)=...) in ast_bridge_call. Instead of - setting peer->cdr = NULL, set it to not post. - (Closes issue #18415. Reported by macbrody. Patched, tested by jsolares) - - * Fixes issue with outbound google voice calls not working. Thanks to az1234 - and nevermind_quack for their input in helping debug the issue. - (Closes issue #18412. Reported by nevermind_quack. Patched by dvossel) - - For a full list of changes in this release candidate, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.8.1.1- - The Asterisk Development Team has announced the release of Asterisk 1.8.1. This - release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/ - - The release of Asterisk 1.8.1 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following is a sample of the issues resolved in this release: - - * Fix issue when using directmedia. Asterisk needs to limit the codecs offered - to just the ones that both sides recognize, otherwise they may end up sending - audio that the other side doesn't understand. - (Closes issue #17403. Reported, patched by one47. Tested by one47, falves11) - - * Resolve issue where Party A in an analog 3-way call would continue to hear - ringback after party C answers. - (Patched by rmudgett) - - * Fix playback failure when using IAX with the timerfd module. - (Closes issue #18110. Reported, tested by tpanton. Patched by jpeeler) - - * Fix problem with qualify option packets for realtime peers never stopping. - The option packets not only never stopped, but if a realtime peer was not in - the peer list multiple options dialogs could accumulate over time. - (Closes issue #16382. Reported by lftsy. Tested by zerohalo. Patched by - jpeeler) - - * Fix issue where it is possible to crash Asterisk by feeding the curl engine - invalid data. - (Closes issue #18161. Reported by wdoekes. Patched by tilghman) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.8.1- dont package up the ices bits on el the client doesnt exist for us- dont build the 389 directory server package its not available on rhel6- dont always build AIS modules we dont have the BuildRequires on epel- Rebuild for new net-snmp.- Always build AIS modules- The Asterisk Development Team is proud to announce the release of Asterisk - 1.8.0. This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/ - - Asterisk 1.8 is the next major release series of Asterisk. It will be a Long - Term Support (LTS) release, similar to Asterisk 1.4. For more information about - support time lines for Asterisk releases, see the Asterisk versions page. - - http://www.asterisk.org/asterisk-versions - - The release of Asterisk 1.8.0 would not have been possible without the support - and contributions of the community. Since Asterisk 1.6.2, we've had over 500 - reporters, more than 300 testers and greater than 200 developers contributed to - this release. - - You can find a summary of the work involved with the 1.8.0 release in the - sumary: - - http://svn.asterisk.org/svn/asterisk/tags/1.8.0/asterisk-1.8.0-summary.txt - - A short list of available features includes: - - * Secure RTP - * IPv6 Support in the SIP channel driver - * Connected Party Identification Support - * Calendaring Integration - * A new call logging system, Channel Event Logging (CEL) - * Distributed Device State using Jabber/XMPP PubSub - * Call Completion Supplementary Services support - * Advice of Charge support - * Much, much more! - - A full list of new features can be found in the CHANGES file. - - http://svn.digium.com/view/asterisk/branches/1.8/CHANGES?view=markup - - For a full list of changes in the current release candidate, please see the - ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.8.0 - - Thank you for your continued support of Asterisk!- - The release of Asterisk 1.8.0-rc5 was triggered by some last minute platform - compatibility IPv6 changes. In addition, the availability of the English sound - prompts with Australian accents has been added. - - A full list of new features can be found in the CHANGES file. - - http://svn.digium.com/view/asterisk/branches/1.8/CHANGES?view=markup - - For a full list of changes in the current release candidate, please see the - ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.8.0-rc5 - - This release candidate contains fixes since the last release candidate as - reported by the community. A sampling of the changes in this release candidate - include: - - * Additional fixups in chan_gtalk that allow outbound calls to both Google - Talk and Google Voice recipients. Adds new chan_gtalk enhancements externip - and stunaddr. - (Closes issue #13971. Patched by dvossel) - - * Resolve manager crash issue. - (Closes issue #17994. Reported by vrban. Patchd by dvossel) - - * Documentation updates for sample configuration files. - (Closes issues #18107, #18101. Reported, patched by lathama, lmadsen) - - * Resolve issue where faxdetect would only detect the first fax call in - chan_dahdi. - (Closes issue #18116. Reported by seandarcy. Patched by rmudgett) - - * Resolve issue where a channel that is setup and torn down *very* quickly may - not have the right call disposition or ${DIALSTATUS}. - (Closes issue #16946. Reported by davidw. Review - https://reviewboard.asterisk.org/r/740/) - - * Set TCLASS field of IPv6 header when SIP QoS options are set. - (Closes issue #18099. Reported by jamesnet. Patched by dvossel) - - * Resolve issue where Asterisk could crash on shutdown when using SRTP. - (Closes issue #18085. Reported by st. Patched by twilson) - - * Fix issue where peers host port would be lost on a SIP reload. - (Closes issue #18135. Reported, tested by lmadsen. Patched by dvossel) - - A short list of available features includes: - - * Secure RTP - * IPv6 Support in the SIP channel driver - * Connected Party Identification Support - * Calendaring Integration - * A new call logging system, Channel Event Logging (CEL) - * Distributed Device State using Jabber/XMPP PubSub - * Call Completion Supplementary Services support - * Advice of Charge support - * Much, much more! - - A full list of new features can be found in the CHANGES file. - - http://svn.digium.com/view/asterisk/branches/1.8/CHANGES?view=markup - - For a full list of changes in the current release candidate, please see the - ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.8.0-rc4- This release candidate contains fixes since the release candidate as reported by - the community. A sampling of the changes in this release candidate include: - - * Still build chan_sip even if res_crypto cannot be built (use, but not depend) - (Reported by a user on the mailing list. Patched by tilghman) - - * Get notifications for call files only when a file is closed, not when created - (Closes issue #17924. Reported by mkeuter. Patched by abeldeck) - - * Fixes to chan_gtalk to allow outbound DTMF support to work correctly. Gtalk - expects the DTMF to arrive on the RTP stream and not via jingle DTMF - signalling. - (Patched by dvossel. Tested by malcolmd) - - * Fixes to allow chan_gtalk to communicate with the Gmail web client. - (Patched by phsultan and dvossel) - - * Fix to GET DATA to allow audio to be streamed via an AGI. - (Closes issue #18001. Reported by jamicque. Patched by tilghman) - - * Resolve dnsmgr memory corruption in chan_iax2. - (Closes issue #17902. Reported by afried. Patched by russell, dvossel) - - A short list of available features includes: - - * Secure RTP - * IPv6 Support in the SIP channel driver - * Connected Party Identification Support - * Calendaring Integration - * A new call logging system, Channel Event Logging (CEL) - * Distributed Device State using Jabber/XMPP PubSub - * Call Completion Supplementary Services support - * Advice of Charge support - * Much, much more! - - A full list of new features can be found in the CHANGES file. - - http://svn.digium.com/view/asterisk/branches/1.8/CHANGES?view=checkout - - For a full list of changes in the current release candidate, please see the - ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.8.0-rc3- This release candidate contains fixes since the last beta release as reported by - the community. A sampling of the changes in this release candidate include: - - * Add slin16 support for format_wav (new wav16 file extension) - (Closes issue #15029. Reported, patched by andrew. Tested by Qwell) - - * Fixes a bug in manager.c where the default configuration values weren't reset - when the manager configuration was reloaded. - (Closes issue #17917. Reported by lmadsen. Patched by bbryant) - - * Various fixes for the calendar modules. - (Patched by Jan Kalab. - Reviewboard: https://reviewboard.asterisk.org/r/880/ - Closes issue #17877. Review: https://reviewboard.asterisk.org/r/916/ - Closes issue #17776. Review: https://reviewboard.asterisk.org/r/921/) - - * Add CHANNEL(checkhangup) to check whether a channel is in the process of - being hung up. - (Closes issue #17652. Reported, patched by kobaz) - - * Fix a bug with MeetMe where after announcing the amount of time left in a - conference, if music on hold was playing, it doesn't restart. - (Closes issue #17408, Reported, patched by sysreq) - - * Fix interoperability problems with session timer behavior in Asterisk. - (Closes issue #17005. Reported by alexcarey. Patched by dvossel) - - * Rate limit calls to fsync() to 1 per second after astdb updates. Astdb was - determined to be one of the most significant bottlenecks in SIP registration - processing. This patch improved the speed of an astdb load test by 50000% - (yes, Fifty-Thousand Percent). On this particular load test setup, this - doubled the number of SIP registrations the server could handle. - (Review: https://reviewboard.asterisk.org/r/825/) - - * Don't clear the username from a realtime database when a registration - expires. Non-realtime chan_sip does not clear the username from memory when a - registration expiries so realtime probably shouldn't either. - (Closes issue #17551. Reported, patched by: ricardolandim. Patched by - mnicholson) - - * Don't hang up a call on an SRTP unprotect failure. Also make it more obvious - when there is an issue en/decrypting. - (Closes issue #17563. Reported by Alexcr. Patched by sfritsch. Tested by - twilson) - - * Many more issues. This is a significant upgrade over Asterisk 1.8.0 beta 5! - - A short list of available features includes: - - * Secure RTP - * IPv6 Support in the SIP channel driver - * Connected Party Identification Support - * Calendaring Integration - * A new call logging system, Channel Event Logging (CEL) - * Distributed Device State using Jabber/XMPP PubSub - * Call Completion Supplementary Services support - * Advice of Charge support - * Much, much more! - - A full list of new features can be found in the CHANGES file. - - http://svn.digium.com/view/asterisk/branches/1.8/CHANGES?view=checkout - - For a full list of changes in the current release candidate, please see the - ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.8.0-rc2- This release contains fixes since the last beta release as reported by the - community. A sampling of the changes in this release include: - - * Fix issue where TOS is no longer set on RTP packets. - (Closes issue #17890. Reported, patched by elguero) - - * Change pedantic default value in chan_sip from 'no' to 'yes' - - * Asterisk now dynamically builds the "Supported" header depending on what is - enabled/disabled in sip.conf. Session timers used to always be advertised as - being supported even when they were disabled in the configuration. - (Related to issue #17005. Patched by dvossel) - - * Convert MOH to use generic timers. - (Closes issue #17726. Reported by lmadsen. Patched by tilghman) - - * Fix SRTP for changing SSRC and multiple a=crypto SDP lines. Adding code to - Asterisk that changed the SSRC during bridges and masquerades broke SRTP - functionality. Also broken was handling the situation where an incoming - INVITE had more than one crypto offer. - (Closes issue #17563. Reported by Alexcr. Patched by twilson) - - Asterisk 1.8 contains many new features over previous releases of Asterisk. - A short list of included features includes: - - * Secure RTP - * IPv6 Support in the SIP Channel - * Connected Party Identification Support - * Calendaring Integration - * A new call logging system, Channel Event Logging (CEL) - * Distributed Device State using Jabber/XMPP PubSub - * Call Completion Supplementary Services support - * Advice of Charge support - * Much, much more! - - A full list of new features can be found in the CHANGES file. - - http://svn.digium.com/view/asterisk/branches/1.8/CHANGES?view=checkout - - For a full list of changes in the current release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.8.0-beta5- This release contains fixes since the last beta release as reported by the - community. A sampling of the changes in this release include: - - * Fix parsing of IPv6 address literals in outboundproxy - (Closes issue #17757. Reported by oej. Patched by sperreault) - - * Change the default value for alwaysauthreject in sip.conf to "yes". - (Closes issue #17756. Reported by oej) - - * Remove current STUN support from chan_sip.c. This change removes the current - broken/useless STUN support from chan_sip. - (Closes issue #17622. Reported by philipp2. - Review: https://reviewboard.asterisk.org/r/855/) - - * PRI CCSS may use a stale dial string for the recall dial string. If an - outgoing call negotiates a different B channel than initially requested, the - saved original dial string was not transferred to the new B channel. CCSS - uses that dial string to generate the recall dial string. - (Patched by rmudgett) - - * Split _all_ arguments before parsing them. This fixes multicast RTP paging - using linksys mode. - (Patched by russellb) - - * Expand cel_custom.conf.sample. Include the usage of CSV_QUOTE() to ensure - data has valid CSV formatting. Also list the special CEL variables that are - available for use in the mapping. There are also several other CEL fixes in - this release. - (Patched by russellb) - - Asterisk 1.8 contains many new features over previous releases of Asterisk. - A short list of included features includes: - - * Secure RTP - * IPv6 Support in the SIP Channel - * Connected Party Identification Support - * Calendaring Integration - * A new call logging system, Channel Event Logging (CEL) - * Distributed Device State using Jabber/XMPP PubSub - * Call Completion Supplementary Services support - * Advice of Charge support - * Much, much more! - - A full list of new features can be found in the CHANGES file. - - http://svn.digium.com/view/asterisk/branches/1.8/CHANGES?view=checkout - - For a full list of changes in the current release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.8.0-beta4- - This release contains fixes since the last beta release as reported by the - community. A sampling of the changes in this release include: - - * Fix a regression where HTTP would always be enabled regardless of setting. - (Closes issue #17708. Reported, patched by pabelanger) - - * ACL errors displayed on screen when using dynamic_exclude_static in sip.conf - (Closes issue #17717. Reported by Dennis DeDonatis. Patched by mmichelson) - - * Support "channels" in addition to "channel" in chan_dahdi.conf. - (https://reviewboard.asterisk.org/r/804) - - * Fix parsing error in sip_sipredirect(). The code was written in a way that - did a bad job of parsing the port out of a URI. Specifically, it would do - badly when dealing with an IPv6 address. - (Closes issue #17661. Reported by oej. Patched by mmichelson) - - * Fix inband DTMF detection on outgoing ISDN calls. - (Patched by russellb and rmudgett) - - * Fixes issue with translator frame not getting freed. This issue prevented - g729 licenses from being freed up. - (Closes issue #17630. Reported by manvirr. Patched by dvossel) - - * Fixed IPv6-related SIP parsing bugs and updated documention. - (Reported by oej. Patched by sperreault) - - * Add new, self-contained feature FIELDNUM(). Returns a 1-based index into a - list of a specified item. Matches up with FIELDQTY() and CUT(). - (Closes #17713. Reported, patched by gareth. Tested by tilghman) - - Asterisk 1.8 contains many new features over previous releases of Asterisk. - A short list of included features includes: - - * Secure RTP - * IPv6 Support - * Connected Party Identification Support - * Calendaring Integration - * A new call logging system, Channel Event Logging (CEL) - * Distributed Device State using Jabber/XMPP PubSub - * Call Completion Supplementary Services support - * Advice of Charge support - * Much, much more! - - A full list of new features can be found in the CHANGES file. - - http://svn.digium.com/view/asterisk/branches/1.8/CHANGES?view=checkout - - For a full list of changes in the current release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.8.0-beta3- Rebuild against libpri 1.4.12- Update to 1.8.0-beta2 - Disable building chan_misdn until compilation errors are figured out (https://issues.asterisk.org/view.php?id=14333) - Start stripping tarballs again because Digium added MP3 code :(- - The following are a few of the issues resolved by community developers: - - * Allow users to specify a port for DUNDI peers. - (Closes issue #17056. Reported, patched by klaus3000) - - * Decrease the module ref count in sip_hangup when SIP_DEFER_BYE_ON_TRANSFER is - set. - (Closes issue #16815. Reported, patched by rain) - - * If there is realtime configuration, it does not get re-read on reload unless - the config file also changes. - (Closes issue #16982. Reported, patched by dmitri) - - * Send AgentComplete manager event for attended transfers. - (Closes issue #16819. Reported, patched by elbriga) - - * Correct manager variable 'EventList' case. - (Closes issue #17520. Reported, patched by kobaz) - - In addition, changes to res_timing_pthread that should make it more stable have - also been implemented. - - For a full list of changes in the current release, please see the - ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.6.2.10- Add patch to remove requirement on latex2html- Mass rebuild with perl-5.12.0- * Fix building CDR and CEL SQLite3 modules. - (Closes issue #17017. Reported by alephlg. Patched by seanbright) - - * Resolve crash in SLAtrunk when the specified trunk doesn't exist. - (Reported in #asterisk-dev by philipp64. Patched by seanbright) - - * Include an extra newline after "Aliased CLI command" to get back the prompt. - (Issue #16978. Reported by jw-asterisk. Tested, patched by seanbright) - - * Prevent segfault if bad magic number is encountered. - (Issue #17037. Reported, patched by alecdavis) - - * Update code to reflect that handle_speechset has 4 arguments. - (Closes issue #17093. Reported, patched by gpatri. Tested by pabelanger, - mmichelson) - - * Resolve a deadlock in chan_local. - (Closes issue #16840. Reported, patched by bzing2, russell. Tested by bzing2)- Update to 1.6.2.7-rc3- Update to 1.6.2.7-rc2- Update to final 1.6.2.6 - - The following are a few of the issues resolved by community developers: - - * Make sure to clear red alarm after polarity reversal. - (Closes issue #14163. Reported, patched by jedi98. Tested by mattbrown, - Chainsaw, mikeeccleston) - - * Fix problem with duplicate TXREQ packets in chan_iax2 - (Closes issue #16904. Reported, patched by rain. Tested by rain, dvossel) - - * Fix crash in app_voicemail related to message counting. - (Closes issue #16921. Reported, tested by whardier. Patched by seanbright) - - * Overlap receiving: Automatically send CALL PROCEEDING when dialplan starts - (Reported, Patched, and Tested by alecdavis) - - * For T.38 reINVITEs treat a 606 the same as a 488. - (Closes issue #16792. Reported, patched by vrban) - - * Fix ConfBridge crash when no timing module is loaded. - (Closes issue #16471. Reported, tested by kjotte. Patched, tested by junky) - - For a full list of changes in this releases, please see the ChangeLog: - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.6.2.6- Update to 1.6.2.6-rc2- Add a patch that fixes CLI history when linking against external libedit.- Update to 1.6.2.5 - - * AST-2010-002: Invalid parsing of ACL rules can compromise security- Update to 1.6.2.4 - - * AST-2010-002: This security release is intended to raise awareness - of how it is possible to insert malicious strings into dialplans, - and to advise developers to read the best practices documents so - that they may easily avoid these dangers.- Update to 1.6.2.2 - - * AST-2010-001: An attacker attempting to negotiate T.38 over SIP can - remotely crash Asterisk by modifying the FaxMaxDatagram field of - the SDP to contain either a negative or exceptionally large value. - The same crash occurs when the FaxMaxDatagram field is omitted from - the SDP as well.- Update to 1.6.2.1 final: - - * CLI 'queue show' formatting fix. - (Closes issue #16078. Reported by RoadKill. Tested by dvossel. Patched by - ppyy.) - - * Fix misreverting from 177158. - (Closes issue #15725. Reported, Tested by shanermn. Patched by dimas.) - - * Fixes subscriptions being lost after 'module reload'. - (Closes issue #16093. Reported by jlaroff. Patched by dvossel.) - - * app_queue segfaults if realtime field uniqueid is NULL - (Closes issue #16385. Reported, Tested, Patched by haakon.) - - * Fix to Monitor which previously assumed the file to write to did not contain - pathing. - (Closes issue #16377, #16376. Reported by bcnit. Patched by dant.- Update to 1.6.2.1-rc1- Released version of 1.6.2.0- Update to 1.6.2.0-rc8- Update to 1.6.2.0-rc7- Change the logrotate and the init scripts so that Asterisk doesn't try and write to / or /root- Make dependency on uw-imap conditional and some other changes to make building on RHEL5 easier.- Update to 1.6.2.0-rc6- Update to 1.6.2.0-rc5- Update to 1.6.2.0-rc4- Add patch from upstream to fix how res_http_post forms paths.- Add an AST_EXTRA_ARGS option to the init script - have the init script to cd to /var/spool/asterisk to prevent annoying message- Compile against gmime 2.2 instead of gmime 2.4 because the patch to convert the API calls from 2.2 to 2.4 caused crashes.- Require latex2html used in static-http documents- Change ownership and permissions on config files to protect them.- Update to 1.6.2.0-rc3- Merge firmware subpackage back into the main package.- Package internal help. - Fix up some more paths in the configs so that everything ends up where we want them.- Update to 1.6.2.0-rc2 - We no longer need to strip the tarball as it no longer includes non-free items.- Enable building of API docs. - Depend on version 1.2 or newer of speex- Update to 1.6.1.6 - Drop patches that are too troublesome to maintain anymore or have been integrated upstream.- Add a patch from Quentin Armitage and rebuld.- rebuilt with new openssl- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild- Rebuild to pick up new AIS and ODBC deps. - Update script that strips out bad content from tarball to do the download and to check the GPG signature.- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild- Update to 1.6.1-rc1 - Add backport of conference bridging that is slated for 1.6.2 - Add patches to conference bridging that implement CLI apps- rebuild with new openssl- Fedora Directory Server compatibility patch/subpackage.- Fix up paths. BZ#477238- Update patches- Update to 1.6.1-beta4- Update to 1.6.1-beta3- Rebuild for new gmime- Add patch to fix missing variable on PPC.- Update PPC systems don't have sys/io.h patch.- PPC systems don't have sys/io.h- Update to 1.6.1 beta 2- Fix issue with init script giving wrong path to config file.- Explicitly require dahdi-tools-libs to see if we can get this to build.- Update to final release.- Rebuild- Replace app_rxfax/app_txfax with app_fax taken from upstream SVN.- Bump release and rebuild with new libpri and zaptel.- Add patch pulled from upstream SVN that fixes AST-2008-010 and AST-2008-011.- Add patch for LDAP extracted from upstream SVN (#442011)- Add patch that unbreaks cdr_tds with FreeTDS 0.82. - Properly obsolete conference subpackage.- Disable building cdr_tds since new FreeTDS in rawhide no longer provides needed library.- Bump release and rebuild to fix libtds breakage.- Update to 1.6.0-beta9. - Update patches so that they apply cleanly. - Temporarily disable app_conference patch as it doesn't compile - config/scripts/postgres_cdr.sql has been merged into realtime_pgsql.sql - Re-add the asterisk-strip.sh script as a source file.- Update to 1.6.0-beta8 - Contains fixes for AST-2008-006 / CVE-2008-1897- Return to stripped tarballs since there's more non-free content in the Asterisk tarballs than I thought.- Update to 1.6.0-beta7.1 - Update patches - Back out some changes that were made because beta7 was tagged from the wrong branch.- Update to 1.6.0-beta7 - The Asterisk tarball no longer contains the iLBC code, so we can directly use the upstream tarball without having to modify it. - Get rid of the asterisk-strip.sh script since it's no longer needed. - Diable build of codec_ilbc and format_ilbc (these do not contain any legally suspect code so they can be included in the tarball but it's pointless building them). - Update chan_mobile patch to fix API breakages. - Add a patch to chan_usbradio to fix API breakages.- Add Postgresql schemas from contrib as documentation to the Postgresql subpackage.- Update patches. - Add patch to compile against external libedit rather than using the in-tree version. - Add -Werror-implicit-function-declaration to optflags. - Get rid of hashtest and hashtest2 binaries that link to unfortified versions of *printf functions. They are compiled with -O0 which somehow pulls in the wrong versions. These programs aren't necessary to the operation of the package anyway.- Update to 1.6.0-beta6 to fix some security issues. - - AST-2008-002 details two buffer overflows that were discovered in - RTP codec payload type handling. - * http://downloads.digium.com/pub/security/AST-2008-002.pdf - * All users of SIP in Asterisk 1.4 and 1.6 are affected. - - AST-2008-003 details a vulnerability which allows an attacker to - bypass SIP authentication and to make a call into the context - specified in the general section of sip.conf. - * http://downloads.digium.com/pub/security/AST-2008-003.pdf - * All users of SIP in Asterisk 1.0, 1.2, 1.4, or 1.6 are affected. - - AST-2008-004 Logging messages displayed using the ast_verbose - logging API call are not displayed as a character string, they are - displayed as a format string. - * http://downloads.digium.com/pub/security/AST-2008-004.pdf - - AST-2008-005 details a problem in the way manager IDs are caculated. - * http://downloads.digium.com/pub/security/AST-2008-005.pdf- add Requires for versioned perl (libperl.so)- Update to 1.6.0-beta5 - Remove upstreamed patches.- Package the directory used to store monitor recordings.- Add patch from David Woodhouse that fixes building on PPC64.- Update to 1.6.0 beta 4- Update to 1.4.18. - Use -march=i486 on i386 builds for atomic operations (GCC 4.3 compatibility). - Use "logger reload" instead of "logger rotate" in logrotate file (#432197). - Don't explicitly specify a group in in the init script to prevent Zaptel breakage (#426629). - Split app_ices out to a separate package so that the ices package can be required. - pbx_kdeconsole has been dropped, don't specifically exclude it from the build anymore. - Update app_conference patch. - Drop upstreamed libcap patch.- Update to 1.4.17 to fix AST-2008-001.- Update to 1.4.16.2- Bump release and rebuild to fix broken dep on uw-imap.- Update to the real 1.4.16.1.- Add patch to bring source up to version 1.4.16.1 which will be released shortly to fix some crasher bugs introduced by 1.4.16.- Update to 1.4.16 to fix security bug.- Really, really fix the build problems on devel.- Tweaks to get to build on x86_64- Exclude PPC64- Don't build apidocs by default since there's a problem building on x86_64.- Really get rid of zero length map files.- Get rid of zero length map files. - Shorten descriptions of voicemail subpackages- Update to 1.4.15- Fix license and other rpmlint warnings.- Update to 1.4.14- Add chan_mobile- Don't build cdr_sqlite because sqlite2 has been orphaned. - Rebase local patches to latest upstream SVN - Update app_conference patch to latest from upstream SVN - Apply post-1.4.13 patches from upstream SVN- Update to 1.4.13- Update to 1.4.12.1- Update to 1.4.11- Update to 1.4.10.1.- Update to 1.4.10 (security update).- Add a patch that allows alternate extensions to be defined in users.conf- Update app_conference patch. Enter/leave sounds are now possible.- Update patches so we don't need to run auto* tools, because autoconf 2.60 is required and FC-6 and RHEL5 only have autoconf 2.59.- Don't build app_mp3- Add app_conference- Use plain useradd/groupadd rather than the fedora-usermgmt - Clean up requirements - Clean up build requirements by moving them to package sections- Update to 1.4.9- Update to 1.4.8 - Drop ixjuser patch.- Update to 1.4.7.1- Update to 1.4.7 - RxFAX/TxFAX applications- It's "sbin", not "bin" silly.- Add patch that lets us change TOS bits even when running non-root- voicemail needs to require /usr/bin/sox and /usr/bin/sendmail- Update to 1.4.6 - Remove upstreamed patch.- Build the IMAP and ODBC storage options of voicemail and split voicemail out into subpackages. - Apply patch so that the system UW IMAP libray can be linked against. - Patch modules.conf.sample so that alternal voicemail modules don't get loaded simultaneously. - Link against system GSM library rather than internal copy. - Patch the Makefile so that it doesn't add redundant/wrong compiler options. - Force building with the standard RPM optimization flags. - Install the Asterisk MIB in a location that net-snmp can find it. - Only package docs in the main package that are relevant and that haven't been packaged by a subpackage. - Other minor cleanups.- Move sounds- Update some more ownership/permissions- Fix some permissions.- Update init script patch - Move pid file to subdir of /var/run- Update init script patch to run as non-root- Build modules that depend on FreeTDS. - Don't build voicemail with ODBC storage.- Have the build output the commands executing, rather than covering them up.- Update to 1.4.5 - Remove upstreamed patch.- Add a patch to fix CVE-2007-2488/ASA-2007-013- Update to 1.4.4- Update to 1.4.2- Package the IAXy firmware - Minor clean-ups in files- Update to 1.4.1 - Don't build/package codec_zap (zaptel 1.4.0 doesn't support it)- Update to 1.4.0-beta4 - Various cleanups.- Don't package IAXy firmware because of license - Don't build app_rpt - Don't BR lm_sensors on PPC - Better way to prevent download/installation of sound archives - Redo tarball to eliminate non-free items- Remove explicit dependency on glibc-kernheaders. - Build jabber modules on PPC- *Really* update to beta3 - chan_jingle has been taken out of 1.4 - Move misplaced binaries to where they should be- Remove requirement on asterisk-sounds-core until licensing can be figured out.- Update to 1.4.0-beta3- Update to 1.4.0-beta2- Update to 1.2.10.- Update to 1.2.9.1- Update to 1.2.8 - Add misdn.conf to list of configs. - Drop chan_bluetooth patch for now...- Zaptel subpackage shouldn't obsolete the sqlite subpackage. - Remove mISDN until build issues can be figured out.- Build mISDN channel drivers, modelled after spec file from David Woodhouse- Update chan_bluetooth patch with some additional information as to it's source and comment out more in the configuration file.- Add chan_bluetooth- Split off more stuff into subpackages.- Update to 1.2.7- Fix detection of libpri on 64 bit arches (taken from Matthias Saou's rpmforge package) - Change sqlite subpackage name to sqlite2 (there are sqlite3 modules in development).- Don't build GTK 1.X console since GTK 1.X is being moved out of core...- Update to 1.2.6- Update to 1.2.5. - Removed upstreamed MOH patch. - Add full urls to the app_(r|t)xfax.c sources. - Update spandsp patch.- Actually apply the patch.- Add patch to keep Asterisk from crashing when using MOH inside a MeetMe conference.- BR sqlite2-devel- Update to 1.2.4.- Took some tricks from Asterisk packages by Roy-Magne Mo. - Enable gtk console module. - BR gtk+-devel. - Add logrotate script. - BR sqlite2-devel and new sqlite subpackage. - BR doxygen and graphviz for building duxygen documentation. (But don't build it yet.)- Completely eliminate the "asterisk" user from the spec file. - Move more config files to subpackages. - Consolidate two patches that patch the init script. - BR curl-devel - BR alsa-lib-devel - alsa, curl, oss subpackages- Do not run as user "asterisk" as that prevents setting of IP TOS (which is bad for quality of service). - Add patch for setting TOS separately for SIP and RTP packets.- First version for Fedora Extras.18.12.1-1.el8.118.12.1-1.el8.118.12.1-1.el8.1iax.confiaxprov.conf.build-id0c9b762ad2bf62370c991be563f8d3921e1eafchan_iax2.sofirmwareiax/etc/asterisk//usr/lib//usr/lib/.build-id/73//usr/lib64/asterisk/modules//usr/share/asterisk//usr/share/asterisk/firmware/-O2 -g -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS -fexceptions -fstack-protector-strong -grecord-gcc-switches -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -Werror-implicit-function-declaration -DLUA_COMPAT_MODULE -fPICcpioxz2x86_64-redhat-linux-gnuASCII textdirectoryELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, BuildID[sha1]=730c9b762ad2bf62370c991be563f8d3921e1eaf, stripped RR R RRRRRR RRhttps://bugz.fedoraproject.org/asteriskutf-88c6c5b2f07ad3a3e579d17151b46e0e986019862b48f5faa062342a66f9c1cc5?07zXZ !#,] b2u Y9Nҕy}cfTm8{D}"\tcN_4<`"" 3g8qvca5" -LZaǽ_ 1 vi7S:M4C0χ8h΢ͤbU0ef̲۠9!S Y\s,vm&bu7-~5O}%#nf%-FEk}4@C$ \9Kr lf* &s`VO&ܡ;K7٠W3mg'οscI5n qz<`H?/ _[Zdau!'t;ڭ[9s4 5.Nu 2 J,n8Gjp0s1iUaH}:M`vaw6RʰR;18:X;O;ة ,xlXX4;e)6EM?k;R2ϛ 0Oz=Zju ' .Cr/MO9`s[qP0v}&PʩHd!ʯFÈ+VZlGFM*#o1]kԾUrJt_"GZjuPlFϯ/Ss֜J -*PD_.nU+{l~L+G[JU> *vYS/fʓJYa2-OBX| а؛#,"F9kо;/{KrѤ)nY:8,zO ӺH~41l-J6T"pT: q3jP㰙:Ę冐/e;o<VSOu$n/m~cayb)Tٶ2J6L~ YTH{64uo޾RzK N@³TR YA._TzCKIZ|L4xPg%FR>,GA( 9Sbq,1gIMbZ䱕Ħ+!Wody踵a7|IV^F0*ABhzlA+~Kb>'[ml;Be ܴ*H2,`^?Cz}}YXXI;~@GIT7bbcM4֐7U߿Dbf牃fO$oNSe$m(ɳhBSEs: '6]!jx"Tzar*>x504HVǟu,=͕3`=` P!;#2oQ vp^BwI8{Dh}_fsy~E<(*j2˿5o;B8h—l~-Epnј~-^Јمh┰Se4TE-00ݬng5Lm[ OV)/"zs:OlgCyC:ڟ'xߚW0aOH YDLEwӸ<"C<3U0=E]sIV jeD5'c%Vjcssʑ{?fu7^c!y2](6Y$l|DijM=Y""#;o )zX%O$c/?ZYr ѿXe|>QrW ݎ76A ~{ DDW NSX m˅مJ,ls4Yyk8"zJW y! i`''G1&3p]_Qz߾AYM&Ni Y 584ѝÑPF+4m `n7JDU8\\_;`:vްtS} ptVj|?[[: 9탌Vk@<@?ɵ:/KR40"܏1D]vH}wbB;60"$Y0]}zl0r" ,'eC^~E$Kb]17I66nD<-etSeNQz~0S틼? `}2_NܭT: Ǻf5WOpW]1}lFFAFͭkù@O=DkA횦gdػܽ&QeJ0 !p%j>NeFfdq-Ɲ}V-Ro{PMl UK)вibuk|'D;REoLB#}ur(d]i fIʥ:a.iSr2L\yt5]}`F3L'$0ڔ@d(VN[ij$:n<׆N+E[:U6Ӱ"h1(]xmƣb"Jݶ 55|qvL))XgZ܇:w܇tWݎxY_ >e掭8Ce14F.Kds޽֞ԗҹ?F~'kc tV,dݕO/R >hgvhм/|QT2 V90n@puޓJ`qWud?!Иl+;7ne$p)pBV]z'h)P^;AǷ׃>IaM|l.o)QxuC8!lA@=d;*䬬7IMArbQ7=.sN2)}5#0;B,V)DBWk(ep-JP½6ɾs_SΏs GXm1k 9f6Tr*FɆHuf},m5c_r ` wv5$DD Y?e*Z(m>Ҝpf4X?UouOH#r N9 Ǣt+I{7!̼<éCy(MO5㩛b[& z.|#T/ɟc7w /2*\"sL8PDk졒QSM‘;z1L`< [ֵf<J<2vI+2g sno "SV军@敭USN ȏ Z]LH㕪~b(—>|0"T"JX؀Oc}y` :|>b#f3Jǁz5r/hbHIfxCh#$h^^ Bk?{:G!3Oc gKLFm77_ '&B `T;Ѱ1IGPRKzc'INW;anX,ڔ vRp ,ToqcJ)G#ޢ$.=} 5)6|6TY+@hyMсߢ[,"fZ&N\0ޙ/KF)g^YF!eڈ8R4sgM$4͸)m4e+K~`Sq$49m7Ya<)ʼY@g#El%YO$0u*Jz|Ҏ6V-.)eM*9~|w'I)>\ZL~="ATP;hj.&ϭUY_3AtSZiJ5@ۊSt 6mx6VQgޱ"zHDglNʶwY8 wgsSw`6gZH}qͦz"uZudS&73wq 0Ǭ{0Ѣ[G[|mRȮ=DL!dqvԊs~vO /(%^wR+QqJ_g2qf;/4%'0g_؋ N%Gɘcr9տӾda\Fc׌Mpw@`aW@ؤSHQL}D?WQ/%\sy&.~m~kWKAbS , -Hy2[ym4^b@ZV3Jdxmidk f_&`#PwL,gO4plưd,bSOMCtF6|$WU2XѼ _7xsL zF>R@ʷy1C\v$Lo(/e w8u WNpƖY.bn3ivAȱE43Y0-麲.2b:쇺lBYa/WT vO(k[;:AG9cdJuvh3 &SKM%?&boWٍuťYo A3< Zbll x[sfewF6#JmQ9109JoKxE/5ہW$^7u.s/3Q屖XdI.ZXJ.B)x&kfT_06njqSSf}tW_ Pʯ6M!c BXZ@4e5`G_v-Bj?Q֎ցNjV 1ඒ&y~vhu~~x\"/aJQa&ejDLiݕܲ_؉ԗXE9j"rgi5q?˃+<-(E׉JKD`巔s95$e1jfSRQ=( C{3NYW V_:R|sX-QP,l@Pt~1zjtgy/iMt"eNnhtmN شVi2`aVRI݀8:A/5KIĺοH2̹8Nz~ISj8%5^NՊmԺ%IQΙvV kjj?PFs{2$cV) aatx SQþw|8((/̆4GPzWD&_7woB^+Ldjq2f~Ii/ܴᇁ06;.["py5c+Oǯ1KA'=s׈/OJFVkP"*:F5kO zY_ >! 巨R.E8M\U\ ) 9*R@gلg F&x} mHWri?Q>Z ;qqm!tYjəqf66ڟ eIAhsE.QSnF*뮞&Hz8ò9;h>}MT~UJ/sՒiTV8gn #kbAx`|U#TieƕVƳGH %dB& Чɪ_ 9r6 EsYQPB#Xהobk}mnUeΡ_ Fy ^30Hj)]i_dh5jn*ߍ9xRVq_tDF$c4Nu.-Ot.Z9ruMSI> x-Ce9Da`ZrM&1Ͱ#{l[Fk/H cS\~/([>;M;HY^nOX06cnY0o8+ 3ut|DJ&AEZcԻeAׂVݟqzQlQj&|,U9 JBZZ̤^u@=`,(13kG_42̅#('vAфs\ٓ\u <ݍhS>!l{R :RABwf9޷EJiL=~(즲2'[a`H~{sG_|ctƋ; EcGgNwI ( NT7hv: ]U(*$bmI;{Y|h:[\0y\Y:w+!,ZF7%+4Le|yDp>Ւ*F'og ξa8WEec [4oW\\ۄv37{)0P=l$X_gȊMx 1|m'NC RZ:ٍ! :q7`:b9^4}x 7ڱR]!gTu`pxiyԮ.a{Xb{95^xա6%ҤE#VmIE23.Gm$)l~35]q|}D[ZO)7(YV2c">։ 76,FFP*H2אNj=o= F8q`̎'~KN$a#$ ;\Gi9_A<")O>ԷXO:jvm!{DO2-j#VRr;nš8|کPJX)-@K[ǯNb.vDYS?G$l\˥Fw(XxXyێGiB9MZYN"|q%]k2ay@..CO98o;ff^d:s6%Yۃ8+ g◪&KG ua.Yc@KI}YQ`G3ꚻt]:A7AոQM D_~lؕ?hb;Ս-y qj/#oȁK }RӔZ_P!"*ù7Fr[UgqNzoz~ Ǭ,9ͰhN%ţ Ɵ8QPBQjh:L_?5$aPzW:2'uA )qL4.N[z;gNu_V<:p"10.mfb%ʸAl3T0,Ss9D0}"p>USCU_ blf_jgPR՘M8Ip)Y* bUD+/fC[*ORؒ DN &%wVwYA Xݳ'+FKtK&4^}M6HKEV:3R0 'eyQz@:`Lk# SrVQ>{wP}cխ}6bn[v&$-yw'NƼT|fqj1Hk&2H䵅`7.zO}19w=i9 q,s.C?O9>~uq`"YY 0. R=V2WYc!$SkIDF,5+wPPWT"=rRol").CH(w{Bv/^7]żK\8vZ1s=LBeIRNEekG]:3D\e"#TB!;i4x>.Ĥ2%>xg)@P͖q1~%"3EP<~ڑO\ L *[0Qv8O: ίNzt]I#hZ{HKTpՒT&TNK<$A׸-CuEEqsVx`WZr,fYO $ x9x_sM|Zrkwa^-sƇ :ƑOo(q_*|K,)SZlѱ47SxɴQ\: jڿj~ԪK4  OKLm3/W Cg&J#4q2쬔m /[M'=ʘ&|dr,]Io=[0= H@(fsO h?>Jz-zIԉP`sfMR aA,D! ]2>a-j(,ke O>GВ?o0lIV ƹDf*ʉ1vbycd;Nc`ƥz9x޵c}}J\/)>wJ4JXKNr{аlR6'c(o G"%C RVB츆~ Ek 0 mr5C~!?Tv7[QtNDIӘRw q\W(=3NEpFw< 3da@\4\٭!e̚%NRu}ymC4SHjпƩOWuDh&BE6=Ǹ ̓ӚtE="֕p01Tݱ^ /6ЃWŰ;"jJBR6l~wY𐻊+ 0 MXp+Ioό2" PN?x7E@jvvHӑe;o2M ]U vo1~W7"Q3&ozm3R?*!y5gBqٕ`Q$u@+VJ<8蕖GuGǬeECHoʊx\DÃCϓ#xDvϘ-!^{ `yJb%Sb tdh K@Hm &[ղܦ|Koһ5ALs9Z(]߉Eλu_2'ժI[*Gv A?NJP>̤Udîe.Eߓp`:[ {#Qq'aӤ&ٹA, ,ʾ,.3[R3=+!52l9F.i(T~0|tC>`c&Rzx(I!Ͽ̜m ؽ. @ FR2`8"ڽϵ頻m3Y ":Ea;Iԥ5Q*n(o9^9!}sK3eõDR<}<f iJjzJ @&` zl&Qs5tsMR]{ez{m^THis >۝5FPq>Ji$dʔH`f.]s ms6a$YA\BڧCt `H-ZNYd<9,Sȧ;X~HA~g|BNx{cQrhPJ uW7ĚIJH$UH]Y !$rzh ZVg&j iD(&Fual_Ea*rbl(/ɑ -+S,"C^!$"!P}<>dҪCo3W=\O-{q<8eNG1)auaL)A!,4fͰS"==NySP*ԋ̻Pċ$^X(G7-IG Se -@ Ud$ d+~Wbul]*WHz.Lg^R3`;'DQ_ `]52bq$-@;?G4c_r"BMܣ`Ëb쓎=or@`Z"#aNP? 5"'3+`jv]}LirvVQy/g$QZr}TGRxjCv_ux<跑OI̧WE pq8͝dph&iQ~E/* SJxpH's WӞ/I2}`q'rV1<4&UJ/: H+&m`1F$uI;ׂ(S u(y yw3DO:ZWsX5ڼ?Pg"/_ tO@(`Rlp;=-18e?j/x}!Jv.=_zM9r_: jyj3A><-y x)t#liZ1 ׊_M}:}I5 ;AZ i A?@J _в-B_v(ir ѥ'.-? -um?7p_Ohԁ~^= w-U[91sY2[Rd_ |=P(jG{# 4D夡7Gh$̔C?%jsfh>vT=3mŬ ~mQ L%Z~a{&Mo5Zcy7e0o ZR)<:MBvCqxsU,*1%h|po-"N9u5eg5k/,As wa֠=72BqxflÄʳ"`.Va#~Wz[ lj6)"`i_|ʷ60Uj%!TF Gybz58m F=^u'ʮ]]É'1eނ"dE7C4"2T[0/;uP4:6 _6 >W$'L bԁ'enw忓M\|X9P|9~C7<^򏰮=}q 2218=pO#iχk x?m9ދbmnهiZH|<ސ**S.Bdksus2Tw}?? h;m/HDÁ J ^t8Rvs#odUEs5]XSĬ¬Y3\귩 r7Z.Ǥa$K֢sj^턼SwpAD8x.M/T#QLok9Epb Jpwmb7ܣ7剡1X Q}4Ֆڔ1V3O_}}wz%lCZ0yg)&ql5E}Ì4?GƎߛiԹDqli_;kUX g:N+}d(p +Z E#QwV;~ņҌwE!OOcO~nxdIqǞ`p;u1~7%0KRL\'=9|oϡeBJ 6*^6er7PKtmlsC-[+rcӀ*~aNz9M!D =/lc(.mgN4gJGG*Z DVR4^-pZx 9m#PސToalh}f{oS,(B"auFZO2|@*PWVygYt痊aHpDIŌg>sfw4u㙐"'1᭙GG2>0B9=$W\ (bl6],'Mp/0#*Bq~ nf)ջs2:ur"H8tջ"zBS,>͕}ݝ7}D},$b:s2 @2S>dqY L}gvڥMt^ +o>,oAD4|Ijm5j.yJۿRIcII a͟ #HvMsCHdp4\^o4jAP7Nnt)I>{IBUϺ.L$(G, ӘDusM ~~) ϢQLw,΂g5l@21e'EbWKTF}YSC bȂoߙUxf=q1,BWCK[]}/q:la/5%d(@+#άAQC^~?T rI5SttꞪCh'GvU)Fm@ @}s(f8#Ԩ?/O/G(>Hmy:?+!85$5^+QQBL;aIy_招"yRճwk/LZ#0&@nIw?P5}j8,c:O<*9Jf(Gqu}ahsp`4b%M0I}?hQν:eSBvgVUP\^5mUL'@eF_cvaڷ{dȳ!|eF|Xui>F$]`~fRSp⺙3 >xAm9y:NZAZfVԦ +Istt/o=%O 8 7h Ibi᧣/c(̕Clƪ*{;wĺ$zjf+.f3;Eru6`ѵ`WƳdU̶'σ`5n)OtR7"ݍbkxvj$8{V0#u@Wt(R{P⣛{]fj( ##!!Eܺ6s) Fm}lYH), \!Ͳm;C96Et6 n̊-k-VxlR81eiJ0fM0}D4``v>SYȫj&͆s$Hm#Æ4ZLFlwW~dEr%pL JihN ^ :Øg.Egi!x1c4r4l 14»!1^JF!Hp)7Am_,USY9Jm8ZIs- 9 xr1_оT|-,6/ jp72:L<,uOp$g(x>{/5iB+f8:}mPX}O9DN)9~*6T#Cʨ%H۬*bLfY~/*dve*U(kPS%4|+ۜK}#zN8i|' -V_Nɰ|SJHbЂՔ`=ryg\;&8#G+j4 \~mr&գ8l/؊AZJ}K)MŮ%y^UvŠuw>NmU r|J ѫ:ƒ~n `bA]nz\3Clghu+wQARqb{ق<_,oT/:ZT`) Z_r](-b^(;HS|!0WEupd;#\RTC[0;YJ UZM/uEe-wK*a#p0+A.>cxՀaB $\׿ܽߐ,zڧnUUә +BaR mab&ƣ`w cQ -Sn2CZTu٭Do1]Ҍbuҗzթ-YڿA{8~'cַ>ZH me*a|\eM%B8tg)?H@=nspdet+u{!'mFM X|ƢK^z?(.zVC 8@yѨe ر;W%t= ͗G {jZ^7Sl@1 *F`:USHt8#hwKmҔ ?"BOѼreQ~quxQRL)pѩ/DwP&oܐG'sƟ RJ@X^|YЦ<)3HO6=kۋ8t^LɊ&D"utlpBULf"Vs-a) S԰1aR}|)״ݬ-9gD;1Y-iyooZ nJ7^9iE*{-~ˑ'j>B bS~o4T\_cKFu8! V `|i!YS>_7}6kp&JNCp Myy]^jm~d7a^6q#(OsjCNs߁0lz1BH7%G,,a Ϳ2{C]f4t»nn5E}8c TZL."PLvUrɄtoeLWkCGw"fxNoShjd~߇Yv t0W w~؟˳*'*ihԖ$`XJԳwzìאv vcl|3:StD<|5%4."M}b0~g/ÇQa"aĐM43􉘷BԅJR 0*@C]уg$W2G^Vke` #C9kνyxdzT#vq|j,/S ?Jda֢} =`L}7'c7u |㚡݌E"X #Z544 ie rqy{A϶E/]aH {spܙZh_YI" !{mq>/)] 3."U0bۄUQ<҆s= @c_ raK(f3+- =q{;*)3#͏@*5?#va+oHv7AsF8D/RF|pEy,!eq8:7v҉EW/hnA6Pw.:]ud?4,֧IXj;::ϛ`ҭZ7Ա$ 3!v~J bmr̙թ"6<9$m$bZ>3(,MY?mPM;V7#v<녡,PR^1.UWTAn"qHU[B ̈́9?δ#;Y|a*l')K -\yO׭MWx6Lx}nV$vU{ege=}LGrϔ-\&Mx6ص :-Vjϛ蕣U^. I嚮rҿ n֗3)9t~09'QG| 6To>s4: F+Q|Al"xӚЀ"^'gi8zc- 86^ n1x!G1|U.%]:ތTw&MG5RߛPs'áּH&ҽ' ZV :Z<FTk܀Y_F'L>8R-_,A.H /TH^Yv9ۑȃ}/8gI3(QpaN_h~DzVf_b_{y _ '朇z݉B1l`0 55<K1bvz[>EXpubz=w"y6; 5(W_MěvqE&Ig G :?r|# u d{PK)92y}) ރ]Q,NZ%vlY7Y;3C&dv溿 i@&40;Z&!Gg]B4OרC  (ē"׬Z9}pD/NɹsV =5~p^1ިEaHl~LgZ" zH,(R>"S[1pޞh,>W\mgjDƗdLaԽ$5M@}GN *=? 06"> %Pҍ/'gY3!fAցs ~̳Id^Ǧ.EEoWW82m u&?]|<3?pZB5^ɨ/MQ?bw:XxYu|k}3Qens'^C:OG2$Fvyfx2"ľ-_= Ov}tBFf^fw3 ,V'7/2@w9.pVy]=i-F"B BL>KP9U_O[ PHcTu+=]:TXR(鿦42p:oA]>xs !G@7ל|g+<~/l̎BpCHv¤L鱀zuHx"Y[&BFF[G2dr3tDUT*ym@: ]N],m1yzRu_ n,y^*tTqL|RMJ K!Ώ?y!66ϥ~S&0ĝrvj%\,ʶ[<;?QыUݫ 9$bނ4CfI:0dۨ Ki[s\:}[5:;.?=72Ϥq%vЫqqt"7,U 5nm`YXnh-$wwFG^6˃ GӱQ]i8M(G੦ C ?'=P@'TGOlȉ빒jR0:m60Tljz0{$QhlX*7c5>oJJtjWBk3J6: b#OW=aNVp:S<#bqRsO?#{z^$-^32ȧE-Cl]ޕwkN;ًRʫ+Up*5  t?5Ě0'fRcL @a z8qj,Ne<7QdcA4&IB)YmAa48rẲ槙nywh} zʧZnlì_3x-cE4k|v6qh7;Ͱ&wwʳ !2B$_|kbKrʖϣo0dqb/W܀̰b!O& P"XB ď) 8.ecpڪsi!j(DGE/(/GHTmo E8q& MV[StC/ƣ|z"ctkw۝s|lO"/`5#&wΏWm#&^"gqES+85LoDu#:Y5i$xuU2bL jB΃cL=9ш~kZ0VbxVkNJfnܟg&AHXjIP{QǞpvl9k-%~F"-$aI\Jr%K2R}ٯsH?@BzY#6{ 1S#s}D] wy8EJ#U!ux"TYj1ܻ@C[`W{Z5!Z25R&U(Gf_PM?U &lKD8p=GT5YDTGJg~O:A/ N|y} 7ĀSGIaN50Hckxs9vL\mbkϭCC ',:NJ=˲{ 4~~D_sA YB[cteg*Fh~ H!yzl]QN/eh8O͓lNBY{)hbLIJ}')"^ll$Q|kj.+gy$[=ݰJBG[ց}Gp*ش7_x|y`=I Oy3VAThϐMPUcJؿ?u,#-K+'B=$%,s}\viy UYjAS.t-V/[l#1V:ied`s5<,hyNg~ܰK,fm=~a|VQx6$0+T;Ԝ9('n6eܒT1P)$DB5w?,u^Y2;OUqNH=jjȜoo˓?dlL?j\$yw Gx<>h_V:#';,{\}g`Qc(lo9 .n^#(v0қB;_Y>8^}[^ߕ~=1`=:_|zin$≞)q,^zΜ#Vf@6ZHiyB5RwDžXkSC\7>%}ǛN@+{زf\U\0-śZ9p@Wga!"Aή@ ݍTGywL&H$xRuN/HDgSz\/?yufJ;bK&=K 5מz'$eq ?sX` "K6b;2x|Ms. (&f-)\gʏ7a^7Àu I'dk ͗aZ39#o8Ěö؎T@,AUGZW3)XQq4Q\ۘ&#Ð.#g:Gv):.- +0l(00~w4(tX{6vdA Sx>Džy?L[x 1gui*!i2QȰk&+B#rp0/mê.F-*6S(dCx"1]]97f;PAp"u>E}lז;] ҌUL"Yr<1xH\ܣ,P~IKH~,CcяrQWD ^}>З&D,tV+Bh͓0'TCղXO(WsAy1iho V~'MB[4Z~߯ [G؍g)O xГ~s ER8NZagv$$4?enn Y>j{>f 1/ܤuK\e~~.1 )0#Py=6geI1ОNٗ(/HSYl>>j`Wf 1$Іt9jԸguߣ 2Mb)Rʫ&emW(XMO7^Ti⴯N_Ϋ6Ѧ|Z?91>̏ z=0Ï+2ƗݻЫL[0t5c\ȉ@apͧ\r@Ev{h-3 >uD`A@ސ\ײAj34=N=(%g^Ug a"yd DpfuPH}|;F+5%Dgl%Bv6hA YDڗeqJK>tTיoqvόxL8VY=ϸ骏 WAL '@;qQGG"E!wb"xZn8Z;d^R6Qi^쓗[紖)LU&8; {3oQDV_ԑȢ/n&-ҠKϹT:YNqBB\F+ZFIY8.i1H8$_ |IpUGv;P"pt;[I3~lbƫJK۹ٵ=FP_'}䖡td[]5"$Es|hY]aJHMCfғ Fmjd ptA8bHipj\ udY<UfΟʕUN'M0[s)foI$P|JSNS7N6e" @7n"#_e۞+FrjSc=qu?$"DXh"3_9B%ϜumsQq?I[@qR wd(1=)8c V 5-9=<5e;zqVH|v $iHQSDp;-*d qt-P"? Vd#NޞT=R/:ƀ](ǧV:Z+PHRW}ޣWm^H㗰 A=㟽&>&9p*CpclgP*$HY,Ϥv(;ǀ v(ШβH}D%1u:i*=P`7rLZ#0uyAoJrfq~f,ؔWB>nLç'DKaCXF.5oҨ2Eゥ}myJ(&!`7(B@?ΙK Iۗ&e*ïVw8d0\NeJ\ 䑞,wuz XG:^"9JHl՚89-#K+: P9ȥOZpGa.vdsEף8o`.Q/qDIC\0C{W_F=|}d#WVIe՚? v/8h Յ 6_zlDZ& P%ݏFJ$,:'j֖֥<*CFÝ7~T# U*ϚV"ZjVA<[ z: jCm-w lA*&ѭeρƲN`rCpoOW||jsS[(JViN<}.8IK5NlHg!DS j:׎xnJX"xcfgix4837R;3vpub#-V%cW*LE;_։! %z-6n{?~UBTP]:PaatYʜ8Ր~8Awy4ںJxHŁ(~à'TuB& wvx1/YF6 x@ѹmeW" y$/vSP%"5;; ͆lGzFOD+~GSP u jv,,=,͵^}O`C LwA~M Ii;dFSAdsg[]<h9CHaj8vԴrHCj03C9-eyg<8ڬ6rh|ޒ51 f_q"BNCN]]c4cv'aᚍ_-i֝ q+M<FGk.[S*Rݭb{1rcVRr Λs@HF);!KͷbZfKJ\[G%I-ױBSU-|x* ﻍGmN: l̾Ti.Jeѣ7;GrMVZU}^#c_UqPRƟ @.# c"a"<šm iB!+H(Xu;c04H+-A lM IX"&) jag<~Rz^t7ǽ #.gq?D-v8g`WEtc EY|gG}z  o;NCQRr_N;?o0P2l'&L,,qWhTcjo3 eI~*$Lge+sK[fg]&MMWzsx|CNz/$b_{NQ ]'{2zP}_`GJwNB@{rU&j[$jX +Kf^˺R| XGW2 k|UO*"ׅ߼NCmڿ+z{ .o:ҽ݇P_+9ZR-E.)LBKAzΒyoG Y_Tb] )mmas`U/k TMxp/yFHꜯ5L J=l[icKb"a}-sRm:g"%6Tu=nԽ={d*rUX!3%uM \Fn. 1ӏVq\WViݔJ .%*pOO;LWvmZ\C_$ww .Cb{w Hy`,t*3~CuO<^5,_x= .ek%^yTti2Oݪta:P\ݘvUͺ$pZ7@ x4fZ 7{r,&-UMd{nEܱ|&ba:9EYѥ>Q&W O iXw ޠutNi'UJgSYYo;+i!cY7B("׋}2+;hoͷ0líliF9o zRI+7z5g 1Pu!7%hϙLP\ro\cg#eήal+wLhH7=b\/Hjq~j/wECK^A8< ,o[4U|+Pd-D0YKhl.^OP+;'QeӼe;1L*3wSnz#tYVeЎ+ʨ1CfYU19j\yX4ɼ=<2+XG0ygɛ&@0>|x l푖A!/ҞN 4F?ߓ^ؾϗ9 >w+r aB~I9߃}e3q7g䔴bB{s G~蘕qAEDƢs w`*(#;v`*Az>E!GGl2j @Ĉ"&k!3`u~dnSݛUo+W:iDžsW Z.~ Sg1 z:U`}~2L1@hiT3k5ķY 1-8圯fzP 'fS7>Ԅ#f􀗺XM]ge"$/U%w;1!A7ve(D& Ecb +wor쏏 SOK7-e*d?Xt=߃FU.@y\RqZVtפJd88CE:Č"$Cv/K+Q׌a,Bʑ>#| hї3 Qu;,)Fvձ>(by bɱ<[ u@+VQ%bi /l?eBHV-]msY}'"\ O>w Sk$9wێPʯ?0(ǷJ#\8yFwHΊ!DZb\fND0>ϻpHq<}TLEf.PneMӊqhAĒ9'T|Tq7=ScV=E/ :-z)1|).1_}3jӅspq෠r}Zd Т.gta&|l#hW * m]H'&wVS Dbm-Fw 9j ~]Ճ / #=0mkék17*63DYs-gp `ΐ-hWF `w/ϷmKwe`#OS4{h6r-Ae$-[zVv2joAZg*Zf%~vG>lz\-Х44tP[F<58 Sh8h'jn^͞jJ% fV.e+ j-_LƥuY2A匨pa+|F$j D\4-859 >ao ?ir mZwu B+ƾfY0nᣦAtƂ|%2ՊNB+nq{\AhFگO-־ek@!s=YNA~)oHIO`V}lU C\=~딱шZ>0VMt !~AaJ ^_YF۠I as =?^!No<_swoS zq5HبpnQ,|ſGy9jmvrɗ|Eh=y3t̖URGI+04'ܒ5+SZWH`xPWN# +>Zr_I2VWRRv}1U:_BH|&*+P=]3%T(:_x%QS@wkZDg& ek٘Zm x5BGjT._kiW dy1m19ϓN$mW)U5hF8iGcG-u56i9i/[I?r6ۯtRPgvЋ)o\9# b+^dٙNlfDqTnflNSA-\pleQ#נ;m͉aY#Q"-bTMǷͻ4G00sؔL5 Z`a;2]%6鲪ʳ{L"X293ebKjCBMY[Or9ޥF h/׺^=8Qfת;Iba,䅴F!t]GaWs':ֆ7:>]P1FA_4 7.C! . m o;qO{W| ';x{ɅES!T]UJV~"23X!ۓ$2Mt BA2{̜m)4T/%{/>>QO[IhX>7ٳ;Zzv5yފjqwnx^!Lԕ= hdʷw(ekFG/5RwWg1pj>v_2+TY2ոc%TD82~:ȡtMٷ5mu@ m&Oy;i|͸A#i2`JY&7(JARڪm{ {lwD;>t\(dOolgD*H6gUH8Aُʃ1!n{tͅl[fbHQ^PF6+y !YdGy!qK Mk۞'K vZ WiHzt}Ln@m<Þz^I?#єCÉ-hI-TQV,H 2Cy7b6Ǒx,!_穈 FFj${rr?!{:.a/mAH dO$8F=ޚ*mn̾'Վ"f%)ai֪`PyC0/<|VE@CkͭX@$?SYg쵯 6ӤM–TL0œc*㠀) h}d#b*Rr*BPy:ۮj}>k/09ރ<7z 2~֠ӡxvߧDYY[&_YxT& |b8vVa I͎%0Y{ÔoL/$'"ۉRT^iD.lhNwC1Ÿg"9Tmӟ׺H@B0O\}^nDL{Wxgi}7p#m:U"/Ʊb?ƝSȻψ]OIXjX!Mpms%A#d>M`u^h\O Iڇ僃! -׭0fKטhx:{Xfy]Cf\qP2rÓqWaڦmc880(rjP="I U.!*v˳xp^ŗY!4(Ē!K'#Y v:ޤqWٻƅ`TNDlޚL_0+_fćjuBgPE0I#@˪ps6Õc>Foωs8:r\Jy.Fz)Is MYjՐ( ΄+/,IE𤒢R;Jbk `H(HNE:&ÙJPמfdTD/lHi4 #\bkK+5fb'hZAm*!%S=q!NGj8WC#}|bppc̝r'#~E\:-Q/yjVMCɸh LADz2mDfymgʫ&d4;cHZN(l~ѥ0%4e)j` h'fC7.:ؓ\lYr><Υ6#!S~uCs#_gݗ_ƭY?T>',)-?W|~T끧չg Nm>KɌt |wq ,ƛ9nPOR F Ye1?0d&N*ΘEm Ԣ%jx VOuPl7] &4N _F+a'ǿOӶ-4޵rS].˓gpworBA#+*N t!R5zMBJmDh(bG>߇85Mi_: O/N.5ڏFll1#VhsNcI~p&Üub8!A};2 5zW|֑D]9|zrVNݎ xTҵnsp#rT%asCQNn.R8xPKy%d[_oZ&ٙjYjVB uk: 1nm}:gS9kQ;DSyK`6[4)qJyd?<WU@pL`qÞs5)Xj rF9w:Ed.\ǔr6p8$~Y}v)|ndI*P +;AM |5z!Q%4}Gj;i@p\ [WX|4ͽlAkAtPCO;a $g"LN м].6p%6@sj۸a~1mc>!L2?CV`rK5)uFlQLY- 녥?(m iBPBLى vJ&>H*Mt5m]ɍ56€2H ]PJGQ.*s-v}ﱜ}]#,*@AJ-V{P &tFTq$ 8:vZV"e֐MR,Rzw Vi_3C+µqnv-Q5-37af Mz+_+βN׋E|n=)w"7N2uaw~7HO I@ jd2`o\H{Y@ck QјS Tvηn)IuS~ BN^n{zNB[faŏߑ ̀%ޯVZ_\*\vc=x?Jݥ/-'9媽,d;cȔeT,1Ot 7OiH{$EEp35$'$BcÕX?]v 4еO 9#s7B} >@]L&|] )OZ?%c:NG'Ԍm N%e\Aч!M/ f9_ݵmm|lz,8\xc]#J/)Gx/ѵVuG˛g2)UП u=ByF"rtC/?zUwo_~>Kqw\;`.ӳ@z&(<3UqJ_8quxʀә+ [^KZOE]ʜ!umٶ{[NC{[>4_#˂Wk;OL܌WbvؙBCa`zxS4˼U|@qUa(r[ZӮPξ܇j@Rb:|7~xhD6]񈄎7І"Tv5}%Q}9t>erx5?^렞mOCぃM[Gؖ0X%12srz[6I lԐ8v*Ƶg&6~e_F4<Z(=O7lQOV?$BR @*'źB e졷+p8#R祙 F v@u4 a-$"Ag%/ Gy܇{|$ggIEol}p3pݑMMaֆ yF y p ̯>a)zl]ЈbY O.kYr~4;~)d&T笶3Z[~PLf9#9@ $3ے]P?.i7'%W5-&<.pnփNҁόO"8f|l1 7 /==lBd?:edX Ǽ8&E#]`-c~cfA+T9mqmd ϙLL`$J X5"vJ6QmɅ6??$iR3h@-z NJDT";A $=M_؇ELfDr\++Q$GΦ8_UL}?ء 1^Lu~V=f%̡:)=0'rzALgL4&k)HgT切'$oG @ד0?Otү\/툃sȌb4tt0)!- BO+9%|ya#iT0;R"hՉnsOHqU%r-v:ӜKڂ_0~/ޚ1A |WӒ1/2})ܩmVo$%wmJ}3*˹%λ|n*~Ү$:#B3rc=ow9FT1چ)Cdv!xL.ih ٪v6 )@뽚E惶` 3HbҸ~7LsD?HI 1C#d)ūvu9%L:xg5PMET9=]5ːyktjǵTyhʅEilWc0(k W8ߟ5%%)7L``CcbP'&bTw s#W]Uc~CTs m:l'Z_ Wz;pw^љ+_8a}$H᧋6CGE[b+k`HeMM*ZJI`lɳA(Df?-j#8W6؃"fEJrfKhӂvD #HwnCAm1 YYu'8XN )WX70jbk0 Gpՙښ7]>vTx]؈ YX}~eyܫ}bA3vTItJ`U4_fV=mm@ ('JSH&֌ >,DXd+o1_Phsy-ݭi:a&&ҥ651_SwPZ5;ygJ=n H{EgA FESV[a\Gw>*6. tjY1A$>ўnvFcfNǾjS0]؏Ι#_\Yphwí.12@@$|d`'))+b>jIL22r>]6 b;[|#5 *1Op?evJE[gQc̈n8*`PGғ{=a ~20r1̇Fk^&>\_n};:5UcVF6)FBҮ ЉTY~Iato9ll&F@jpka5ڻ=2GH@=}U7(9D{rEoG$ rJHkfvBoMޑKO7<o {'LF<~;jI#D?o] V% !gn'!Txn?MH '\Q ,Cho#l'WNڤEn#'luο;X()Fnhqo6Xبvֈ^VڒuRJ)-[TPK(­K/Ok7++1WVCnpsH_cb,[aGPE%vjc'MgKGwgq-S9:j>iS; Kى7zh"<d2RQbk<(nJYCg x(A$hA >2ju}L~&xSYhr| wIp.كl 922L+fD0 ls;ŀ"Fpl_Ds~B@\ 2@x"sxժỈƍ(ʈkiС(/_6C} t-O2 e8HBq+ơ; ͅiIby*BR&jNXxLq5p%+ @ENќР:X+jh]oe,E \#BrCNTe3nsW"oNjıp~֝ O5SeG{MI60DFr,?KH5u+z4<"؄\{4%Naq)OPʣ2|NA[SZ>^OKi!vOq)M'1ZAluz @4"ƔɃᤱ۫%%Yn҆7B+eH^}L`"/eHQÂ5Rُv#NY/8r=yQbܦ1۩%(!|7DfdFO(qr* #7O&AX _+zOj5*0&dAnJdY]\6ѽѓZq,Q#`Iw0s:O}耨eSy"Y3O!LDE*VZܾnk`B݁vTUَZmG`(X"@Ί# ԇG!3Nz [K/eŐ88Ig[yw-|!~"uu`LMs#̕pхõ7J%4މ\@(<1`W:sۿ(@Oɶj CU:IG˧pt >a2|FT]u]zC tB.&ѡK[Li]/?z`0TQo.~<[6v)^ZeVq4M/@6=pޏղszpAD=dvu!M A$r37PŬp֜{'P= T?ӭ*|׾1z}v{Xkܕ,i5e(,Xq 9r4<cm" qŲAĭ̄A2@ 'ڂ] 3!F0jMDAsyQH2\{Y}Wf +pLL<#=VP V;)pI_ۗ~ }mL#("Xo z$YvzM=Is70X&厴NF1{_SJ#nBZ#uw հnL)Ks?`+]2#i/\d8W&iS]x_o=6Ijo`Mrc1 dR'(V%#pݚG}M:P۟ 0BUaGux+Y$+Eb'H|´c.;kXӈȭK,9TTǎ} `\YTVf3}JsjʲUhLsQh{ a`M#<^PvhN=R>,F4x !ߨ)6==C ! !^3.3 ԡENPn;,8)R_,ZI㣬Mzno0_8}:` Lj__6-}ZYM-f>=pE 5䌢&\7eF⩑GG0%֙Dwϛo1C+0G4~Z/UV%ϐX=,HnX ]}v~ 4 JlV;c =G2=#[!N)>"MWz$~$%/Y2?EVܑM;GjʊY\u0Ѓ]`CaeGj@?jN+-9fp`s؍Yk gSQĚczi- )+;`C@Upl(P8[eH~Ӵ0+QCmxU;Z-NoPQӯ>/ fqy[+";^,zY>ݤNA1Hmۅ k(4&L_H5mFTf :s' KlHV>&Gz_vIaٵa4 +:EC B<7㿒EtoUq|N?ud<'`Ҁ%MHnv 5ITS_9LHhWgLȘ r65c.quɱpyM?_RnBi=XNYxMS5v0<^iեeA!CTҚRSAzbMHf40py{U">?<=:\U4쌰AyuODҁ=R^:(|)/ѹ jS $ܠ- X3nS#܄hCq!ÜtBKL2U۱O>oO& eBe4 uɛVx3dzw VmN2qYϽȪ3yd`u~5sJ$A]6dyOqx/C!P?˲Bz `\fCF5*Is,xND'իRvξyKRK.ћl+s&x7o|o'8Yu'eѾU8Wz5 TEPyKުB,8\-o!$ "Q'IxP t--OH9o!) ؾ)>߭]6"0!1w.yh1( 򲒽xl޸9$h.Zs5'Hd$_?)s/[/IgRڀ5XI}TG5jV() R޷yTY$8tQh 7 x>B~Kg. J.ŴEjD[rl$Z]y\=Bk]Bz-tJF5LQa''Rf%;QDE& L!,[ܪMc_`q#qEU̯Ot7>yU܊$uH} '(2K耯P$$B.:fw.G5=A.IK~@҃,mAdcg[|B0~|u'gS@>T85sI ܋T``'Y 8lT-^RJ(/1CMe¢>$~΀BĺJ^Ҷ| f5$]Ę2gnbGXɅ1U6D(tܹ1MLͣ=:h=۪]^FiM@(~(D+lh\yqVՊs|X * 4%evi T rI2ؓ; gx͜f*r_8 4$XA{Jxt,΋>Yu=>ԧa-몱 \YxA3<"(v%rZGW'RnNV9|=XI].h?eO&yENN07˽L507H e F2v#h:Z\:Q%  6c(Y#Ŋ-H#HF`SDrE?)7îm/Tz,Z}:TBay]R{Y)Y2 @IP6g%qbl12iq"uSx@)v܁ BvFaN=&~)!5 Ԫgэ0IKd|55,ˉU=s AKf}M@{)$ߙdr-ԥDf}\=~]~(';Im9cpl:յH _il5bQ%Ѩw{℥/tDP@\ݢm޿&#nH`6.qƱԸ,1X4tH R6H&9ε"tw/su=2u+^#'YjQxTj|oG&u'yFjuFfiu>[ I:oc[~!UD#ċJum,K}"T> AǸbESڹ x3K:yPdWsw6ͮ)4`>2mu%I\!bi?dmADHUØW6NM=٫1NR.M-B Xjy`// 1-'jKa8 i#{=nNY5ͪ S[koen wA:Zc{yB^xfZB6t C}bC_mx!iV2ϔ+uR hP=hJ-BĂfUJ4IkDcvE\DŽ=OiLҘK*bsQ{ƹNZ󩀲'2N L5_pإ݄\^!8M^+sHG"kmSSpΉ=CV` 3ð l!B*=gj8Cۖsoj$sPҘ'ľ23-I\[K_^Dy~-Ò9v}DZ 3Cܧ-e &c=KgXO@35ƮE>X<9Q(~+TtQ'HO[& t0eJ&m>bLU1gnaс`t"h(u3mz P4y{U\N~T;68c5zv)h繥iq%fiAdW4?8<Hzm8c.ہ" |wre\5Q,j9s3ͿnÝTR5],NIz4"'8#,F2E2t9EE8,tđ'sp`TU Wgok[+qFϺ!~ r'js)^G=wj> l2f5yQ|𮬛9d@#v/:AX^۽^JPְtkb0%ؐFsMl]忞K̼m1}_+ 2FL[@1aتr(dp2u[Vb~ן"w?&3]l)%tzdKgU`uDgDJ͛5b7M8ő Nl?O~\45( Wd#rE{p|Mp0˚B"թoUH{Pu6=+e*4vbKKz7xXI,GWHG2e?ѿR^l=hMxP ns1|hkХL΄*4mX+xVϬZT8x5MYwTrIa5Fh7GDgߣ@Y I}lTn-Zg;Z8dJ5({ 6'eeꋚ ^ܝ3'J;3#KMqvXǎ \%osFeYa0:IZk؈F-<?9e*C0i3ZWP wcftwA\O~2'?=$ѧUIe0Ht-&8 [zP nٯ(C}B.OHO(S hzxW * 0sEFpR`c M0- ,./AZ֫RNsbPx vjQ@z;i~N; 40T}nĔ“yČF%z]ݒsQx?ڝ@]Ś?lf=K9.Pn..">pcʒ5pMأ?[8brWap%Tr51 jv*:_Q I8;4X9 Vj"-*#ZAI9V, cAl[ gJ. .K|cׁ L^sk7a{$%UFTD0́;s|9:+s r,G{C:]r;ue%YzqX3IV0" 'VXm \BVGo_lO$S[O3EAc?M#6=TL8;ݣfh3ؖ`2VBDKJ2 ?pn~_/8]{'j(5q?cft`=X-ߐH=NqVrZt`D[|'mui $ʹ"!Z0P#.NcǠUjbsˎWGSD)6b`y Q42_拭& &G ǡ<;Q%V qtaJu8Pxk(Zh 2ryM9h% akوЈ-)g 3/q~fNN,"|1H֕5K΋څѰ*@jvRzAM_A#쩎+Tvw0\VGcoc^ЪgLw|Sۆ nԗnXE&_,FClW L&r 5͏!,ބ,^/nApvoҜ?*,4N-Gbhq3N!ښ/ x <ίCrd7^8Ɠ+^&"g,t /xq?+"< d&si-/I GA׻L>閇6XD -^A?35?{QvpDt  D#y9o\Eb:Z2-Do+>H` [pVl)y g(-.^|e4IF7=c솗;)/$XJ٫fie ҢGx{l0BӺ8[}wØFo8٥<߹_'7S;I]R9iO i |ש<.;8jK!cp5SlA*Y4sSJCG-=,ߑ՗vs`O#fUqvYB+1RʔrN< E[m/g+aTz~|0yDFwdĝ@="!ߚ>WnBޞ΀F0?)3)H\T Nk9n%8oN/6#pP(BfK3ᐪ7T|݁&Ho"{̆ohЄ3$)a͵Jl6(<.X4Ïrj=ܴ-`x_DUiԭZ1VZܫ߆a$ZbBE1;b0+gOtrUqʭxQ]eN݄޽τ+!MS7AF.%xSaSw<~j0zH)EQPXչ1zX}.OPuG=f`Plg yCꙫE?6^*\ZvԐs z~J.+Hw5=k+55s"{¾We*.1$թp,V֌Bmf%:[l `'գSx@ s(L^/xhd#I//gV:ɔҹѭ;%go-؋uL۠f"F=ՒF%J^o'Y}I>M,X[e[fPu,Oaz x2&i~@Vυm4.#Z/MEJt?)E'Z ]2F r!$Dd~+<̺(:z yGl/Ϛ|Z ƑM敳MjX9ycZ &O_6Q3b6_17}aINW:& 3:*Q]rrwR;?G|=` {A~+# GX(#c<1IV-*[yLym,v0?δ 1-4 8ǐ@_XEy;+\UR{,8˥z>cÛLzr<,|K<7}UE鐳t̑_-j\ iii8p Sb.0 m!yI:#VEKY5I\iMkYom` K t*jƐz/g$ +=s|;j? Vϙ@iY=QS~W+I)cgY߶JOۂcKQfU<.fL_câg7̲RA[\b-HM@) !SHv!1LTo a rݩ0H|צkͳla9?J5)'ƻۥ vKztݠx댭U0nL#=02TKUx5ᡌ8Ȏyʔ튐H'ٟZ= }n5$֌ڽdӯ%ZӪ.FrPPex)> bSy+)'޲3{a:B_eI ub[ O@R=G_"XQɕkbj*MEtq9ϥs]b&f r̠L]h OxK]Nn_=5bf.ծjy|mہO3?[ejp|y!dw`!𽏂O3Pc-K759:03L v_18ŵqDHх ]pCO,˚My᛽@?)_l|c3 W z2䁖^7~]ا(D'rJ-AD`x2p2rJ@ҩ.dr(GKOZ^NhA]|yzʯ滢߯KƢQbQc3̉ T9293$PS8Z!|+Q53)68rL$T@{aӯYqG5$ !KOT SS7UkC,0Fv`w "o;CҶ1hAچjH)/y=H1o4ETr؃OODX7j>yƢB%C.ΰNNvH !Ino$P 4B<Ȟc-_6Z{`\h}v$TP<{.P(D?Nc1hgͼgA\{R fsSor8`k PS(vZJ.AGG |ShO B#vh, I'cvCy|(°uUJ+&)Bٜtxɓ~; &+(+Uj>%o흭'ɜJ]ɞ\6fz}% 74: wvPwM p>rҕ3*چj MD@,|IhD lx`_~UpJ1NUU[JN&ӦqCP ~Ԍ8ȷO/}qȕ%mbSDy@lC?,2aga)X2AEm]`ʵٿ7s1wEóް=Kn5N3r-jHUNFU9%YgM3`\tS\moxO',VCʗsxQ_Y ˸=݈fjO)mNs(XJ0mY@& UfvIeX=\k|D){w];% eƒ?7o,Þ@o @39:[L)R蛱`oƎ=0~u0Ǜi:ٍth q NiETЕeIVSm`]{{joޯ|wл IEV=m %( -S;YbxU'^G4|; x{w[v1FW+yTZۿFOhd$L6^Q"X?/jcäx48`%v,O*IOfA~8|BkSx1W5:8 nng1a'4=} jg&Q[ ,f>.VhG݌"-71+=6&nvVo 5uI?lW#pnrKJj0ǂ]LD e^D>dv^1ToƂS!O?o<"qޔ_qrqsXC|\$Q7Kh* d1;xX*q&s7cƸ_&R8|(7wqsϽ rSżk4(Aɾgwc%$R%\ &"A+̀E9?mSI-b8ɧsq=ODFꗮև5OLI) g9j0F??ZD.ObB#3Yj(| 0"DWoc\yQX8W7 b}ϛZ\`Ft?ZPcC,_vKns/!]}K񦑙 ݆UNRJPE1?hIR %gߌuB|a{ Z<9j]/y>rL` 4*bxjʭ?k?pcB( e+HBA }ZSy6׉2 g\sx6bv=}\rm(Q=_רitS:${ҫX< zW-bh"9de8TmAba+֮v^;}8@Ŝ]YܾL!7!r/~#ܿ[<\WHaY@kzmH:.r:&3ՋT *e[е&!p=MeENɎ-[9"2^q,?3L df|sdfDĻP)f+/Ȁ6c[[va2R?d4ק~jwK&eؖ(OUv/1 6jgH2~>B$6[ZԾTN?Iu8؍lv .j.j?i%;1s?G^#qBz戚b) Wj<1ݶ-dC5Ds˖ǫ.pv|ʘs@NiRqD[˨+>"@Zai.{W!)$u^|̾z]ʬ gsO"\u"Vvn*nmʕ`Rvֽ9-( JE޴ZIjlό$Wۣ*D弾bdoӾ+"3XPmX#SHqbpr(Y^#ϐ& {hqSkߴǐ{6 Q<$Fp`IFpZ"z]7 e Z-r&wr8c #b|rU|́^*c;N8Mg 3TBݨ2Ǜݵ8\6ÞA? payV@[i{T)#lYTC?(^| 6_Us:#§yMJ ƽfFU7W6^g/jqO9;2V F)&SYU ^PqӦ%E;9l׍w;ׁ:MP;/628O%Ih*'q8K-odz:ǓHI ̈́#1PGq]C/2#[lF &D_v~s37Z4쮪S&_$ny y.݊ 0:anFx rǍu .QL-/;qFZ8Dim2ኟe,z OI~\!&p'EA\?;<seFvyx߱} +}9*!&s>P1.em# FzK^(Wh!_ 5->4M7m h&#DmG?QKà,H=:PY*[#'sgtp׷~hӬ 2uGܿ?PZOvMB?t~hr{_*)UEZ-ʲqs5P0ٸ1UgFP"o))M2njuus=IID{.ewSU$ab; %֩*Q,-;UZs)̔ nݪ Ju/f#^w9@H78M662J߷XtC-0rWr4*2 o7#1.^C9<8ŀ] Gcq4B]3J m1A\+*7flxK{*h7$c2g*31tipS(R1h)$(p Ť|U| /dV3yzY.LMJۘ !b` <v@È3]Y {؉q쉫s1,GOóR3i7vөPgJdGT,C(kTl>o?A=G"C6 ;ʵ-a9!Uw#4 Yg-n-oYuȾ\a&ecUn&F>&^pqd-n((K8y^JM+vZqOzç_3(mf3!<^ђ+ ̸- k۲U>E3b,_ea|FEmr(Z K6yn9.c$;yD 3hc ,v!8(5;l@`m MQE+>p ǭD8 M([&yƵ=Gziz5O] nr*"U(H sΎE&TmVkZXff/DuNO`ə{/> >dn]O 4bBkҳ[Z"D$ҤѦ+f`GMv. `jdT1gنsS~PuK-ѓIN("x)莰BnjٚЛ1x+PmD Ϡߞq.a%0, >IQcL$%ԩ ˄)!'Hx}.6ǡ "E! dW( ͆߄(v r8|ρߜeS5ALM#N Gةb2%-Ra%kk<9h3 9O@Pg*R??%YU[ePE~~ %y35!y4AA3MjQڝc}wUuW* -UmUo$ +DP#ѩׄp芀 X;Ka}ET]r=4>ƚ9s]= 2fn5*F< + keE[=*[6s ;D<3 tZ\. eۜ Mxұt ^n 9#^2l~3P$m޲gQzA$%`IU/|K㥜 J#)U4$bļǭ i.qw1ɉ+ԿCE ĿJ(edAʄ0h$u;)|ŁC4ő5KabHSSO>J>/Ca (1o1WB)"LxCHC]!*RgP(sNr#pwAЗ?F`HN_γ4eQ1K%y7!TS^ٟvČ}zܞ(I,<]=KM 1Ոpnd;O)hcRi+E)xĴct Y%?F)|^?=%毉"ܡ{rFe4uc"Gi\QLAϣs*ri]H\D'YX2!D5 %)RnRKd}=h"ʎ`Yj47ޮ& @ʼYH.-iQ<[;F ,^.`{Γ"<]JveXBIa [=\ډˎEA6komij|G &oM``CiKFGI-&v2J|?bJhkΪ_0J܈@x 3c a9u&vJ-|pn,urjg:b1,G(19sihߋ.$ !3r"˜mY964uI8Lw2mqR'޶BM>+s]б N.y x8sw d09rK%z4ĸH.*5+t Ft (=T< \<p@<ޱqSU&B(L"릪e3#wLбj ӣAߣ7aK52COD[B[IJ| &NRǵ\kϐh3'lÚܒe,P^ZpVLKA-m1D>x $(6oo)x^jK0=mc' `]J=FŰ|Mu.yuUe*Ja,H[Qd{ML$6\" :b^ 4UTnY&uux%ukq`@4;77{i\OKF3ۖ*|k;pO PbHXwYE-USak3h%PSWYPx1`RZϸ +㣵EXO /1az@7w`pD;Zڧk.Ϡ}l3-K8 9;J?ηEI ;JCөBKd q)9dus<&aNDC`Id隐*Oz~=n,'d-iV8p^~@Ro. g/l&M#S"[nh):>r e@OOy5+Q7]Qmqez^Iˮ͜>_~R21[t"Xekp ^;v/toGC1.JOYbٓpNh0ۘ5 X).|x?Qy`dԜufME!aHR#ۗHL"xN]ڀ?6? uZۃ~Dg|vuzFpx_|"@)$x]g{P{+Fj]nœÖs_գyo &z @,-/PfxOc j[cE oYa퐦#u縦2S 'i47%u~M.t kʭ)0ep$<֫ESiئq3'W)6e0NJ)'8eF`ōr;J:s|\'mۥF!H!9jG>$BvZ}c 6_ |+ ze%x>_zob87,l"\FJ+ZnQZ/ w%#RV3 Mc:^y-d )iB\(-kC=8q}Tٺ<05MqQ8>O@A}S!H;;[Oijv4y22&1_d7gqoϒ7}nDY{[lS$ &'j9i)͘^ 4 [;V>r%֖JÀϩfTy,kd%lǐ}; >0E?+Hw5v޵ߩIΥ4h,! ּl )T0fެhc>ʠx!P1SI\VZ'Y$' J*?+'-se1[hތeVMc|*'[R~{Y7*!Buґ Y@yA.hGR+V}ҿnLs pXVr|ŽJ7ɂ2 "Jsɾ--fOq2)YfqO*q5ٿE%C ?&%q1K4P'LɓCMLG4#V)-/^ ß_ӷҔ މӪ]^$_XMV!^.$M 3-̟w,9P¢\2M(z7,a[OOE jZ^K.8+y9Dy8d):RP]`[ [j5i~7 Eҕ7HW Qn35W/T̋iZ,[,qZW-7:=TFmա?O% {lLC,2pJN~~bSq16LK|]AdcÎQ( cgZ^,D>r)YBU?xrJ?)b -H3jTl8`aأ*D\G<>`_fYl;q4[G̃^,LaJ;|ˬBeAgB{p\H[0$ɥ(zX:DnfҤ 3µT!@;JHו:6kE(5d0!+ED#)ڔ} Q#2ph_MOKt(BnsxFlClGT*Zs~١w9={Ly}'zjޔW,ENͯa<?ۅp֧eüG:l-Ok3v,79փߛqF2譳{Lp`pҏ=>vT,a@^aji*[U=,yY`h̀p?5 PR;ӎCܯ'SU8hب٢e8{1pbW~HU9H ^nگj XfFf fs>_%v oe(847%4\c8o^T`y+m8:#t ,>K9`qLDJQ9Y=x9 `DjղztNh˃_hP= :á"ɷ^eWHlN2%`qRHYnj>W{/p3EM?_3I1i20}s^V!*/sWLÚ~ux26/'.7ݭz(*-ch^O\VV7o1" 1B~T 0 ?gJ>"MOdW#vNo*䜾ւD͈}1!Q,^o7Kz|'KXbp@">eM: |"ey4VgH++T|;K{R?o l!U-6c΅R~6ܔSH>:n ǒ)@+@nMi_x0D ϲw.M,1\ ,$ Tî!{CYKmNsdS /wB.fMkw[, sHe!J'#r70,n/{U>+*S0kM~s5Ec"ZIax na Knyw;9}$EX-we ҡŬXG?1qq$ѺuJ[>i< c0>$Zsy@=xE$ Ka;^zhcX8NLQ6MTm+>`$j.g4:؊m4jde)LqׇzPB;>g$U@ ?^ΰ# HkF hs [=)FT[m נ*nӷHHVE @\^!2 χLOp`951YMR+JiItējwn3_9ΔΌ"b8Z=> Lyv:ː`])[JC[/)]m2*7\#^a%bF'X_mēVtTϝzqp7#JuzI-1YB;;Wֺ9*?2Jxŋ@2=EN=$\S (iSq46D5Hy72;>R0jRO5DDzZaK2jj '"yk|uڛ20:qJބ|yS>VCǂ<|COc&A)JὉ63ڡuHi>ĎJC}a/%>kF&7J($'mN@[}Z]b=GR2Sˮ0bTmIC/Cc5qrdLȍ ) aW/N*nlNQE&q!22c$tŜʨPn!lZ:3^kdj )]Nj,&ÞD<`ʨMX}SffI;0Q-4cnCYY13@CΩN4+P]!>jsYkRzlcܳ ~M##8{kh"LF+B9Q^65W#H`a,m殳"5z9)u2! =_K@T=7i|hDb[Mצ ٝœ;n5qa"aTG  0 1@$Ŝ*;Nr i:e㮗 s#k)#q40YX% @W@B7gGw[${>on6װ(údⰨ+<ο ۇ?O,kVIvW,h8b)Rd>G A[RĬ1W鳔YEf/u@V.oy(hm8>FZ<TG,LwmA˙3 g_za93iJ0,'Mtk.^~ze_kj/S{̧beʭ:mZ=^ekȳ!!*!n!<$6>K6ors2/`eP;F|ͩ(F!A&hTVSκ*2E In(5BӪՕuw|W> G09&s_KBJ٨'?jRaÒR#ɯ X;[db`$n[.A;do_c_JXԏwLe[,&.jYd5Q|@O-Y^/9E:1CI<`5|q} s1O\>~zuuxFT䚜 =;ї 74W}˖kiVʅuM-d@4*_ɀt*3믒]ƆHPYryzL.lHDM&>F1b%x6 hq`07fnj%6w/8aYK$c^ y2#8IKf5CNCWl袉9SCY=_S8WBz*q E><&4bIRu{@G#xF7֦ݔ(Kz%T#oO薁a 3^D>Ve@:GeV>v4U`9\K$\Gž!4M' _ndZ[^B/4MfkNYamՊ\kDpS!@1/>j:a?BY%%e_du:&OaGLbn3b>]*z~[r}%<J/E pa0D K!vuVK]Fm ѧJZ{S{Fk2j}eW2 @Q{_/}౷|Re.s! 7&YBܜh:vZP F5M&hjd2G&^Mt[=ǀQ$\j!hړ(6A_xW>CelAy(^\%aHV6=DW:5NpFpܰirzȸmX$؋JNx)OCb HR@· Ës8aOA@'[CL+%Hro;QuGE`-x2fҐPr( ΝCP?ԏComxA<߄: Ojf)aN*سn k(ĸ̸vҮ hF& u:ƐO--b|W&~ 3=c̲t=ֈpa혛yn tRJ;59<k*IXl &bsZ,ǽ{;>B(8y;j)hVTqSy)rY >Io.w.XĢ[I DyIj”JT(g# ;dosg)[ЅORɑ)=$045#Ol [j#E#<]ŁR8 Z z%!v0$9{w-x^cjǝ\tOYBv=:|rCv>+IwAnnyل]ۯL[x>E00$ NkwM5:T\+ OCsP1OPt!cC\cO-"h|lnIϳi(kJ+pSUeڴݓߍq.g5A<¯s`cr-{vNnx)[ƩڛM/ dI04cj<_ǎ/q[ɷTfP?E@`]~y:Upt0>-RCmʹչGBfaEEGb.nM ^~XNIH#&T|6xS4$u㮣tt(-z{.|w DKb`jH3㊋.c⠻su{ ̭QWx 'wufVXD3rvlفqs:"1{$*Zk#hb.\w̔<9'=ZfH8rZ"(݁:e j` Jxl9CeQ'5{FlgSJ2T9NݖΒ'|(; :ϗvIY@HHԿ}btlv|b##@%br)lckPe = >"iF_A.o+<7(̇U8lCSSs?*V [CzRYX+ҷ:?V&E5ӹW`5~SDLna(~ HIɡ4%QЉJv"Oe&-W!2E޽x"KcR`q」R{-A^k4q 4 (J,S;zf3rxz,NP&9 Z)0v ~qfৢ_0x{Y!z% ]y7^R̡̘N{F-(' SHz8T*"]d?(:e,u/ 0ۥ<txU&oK)d۸u(K"9>`rN-j=I-Nm@P&7<31RɋϿ.׮;P$lNekQnpY)ޑD%~WŠaNoX6CYK,*?naF<DHg'_t cqUkPQ麣iDE"}u(Ӆl& 1= #e}45Zq]^Bu ա-?ᥪ'.hꗦOmw=$9i1IÌOMI=$3ܭpH]41pjCtjsmi5V#Vc}e.'W$kmZuU\3Bq9$֔7xq&31!ѡ06MX _.~ck *ՖT >̙GJ0v /U..^u @ZtMq@q<"H#?ms_zN'2IA*?m V):eBԷ`uBFq sӋrOH]`){U\AM Gjў<8Wm>|?#Jx87Q~QȏOU7h/F?R(f($-SKct4pUzJm5-h;M_E/0ZmsH)`6a`Fl-p& x[kQ~4ُbs7%6|vVQiXN!ϛ@ry|E[pius%y5Z5UU X<ުLxXe7;PR[{f/:0SzlpƜH@TIFt!s7!t|vRuC@`Qbls n1nDR?bKHHP/Hj]^*ۇƈd j.TW5ĽR mL|#0R|Div'y3uNP'$W/˦֯X )ԅkPMij< JDWjcPakxWS٫Z (;7ڌux0O+X6aɂܦE}C+0@XWnL-O,sCP!j#߆*sE Exxd$fOJ>N~y֝o@]tT5W\Q'^Vs?ϯyTS2y|uHo㬣@Aa獼mjQŬQT>Ḕvpy|A%mvyP0Ysۚ-".&?܏10E )k# '-:jX\qXp7} 3; -O~/`iu7f5aI,)-;n;Nj* c-,--& a:j ݭ6P4YkE\3OVT+qο]%Uu}q3P܄ĥq0TwD-ӔXr;\aٓn<9]F]k<4gJn?$}̜+cM'-J2E`!!8ѹfn~?ؽsM|pS:K|Ad4/rLXUd] YJhwT-/'M*(ʈًa-wP-Yº#APl'Hf )n5NF|1wEB.oQ <}'=Y=.*U1s |T rQ{ajZ9Z `6~jwF {@0Nڲ@ @-LM;ߐZh6TbBDʏF%39.Zy \.Yݹ_RSmɐFM5:R0Q"8&aԞ7tN]vyy =IBH wSeZ?J7P"L9>qj]z1+HTVl6tObp:B*P<׹Ar)2sr 5GPW؉??Bra=o H#\O*nm ͵Xb?$UM 2ɯtZc+[;{*Ԃٺ7j{7NJZߧ0e QiQ &\r_uUx|Ѣj8Sw=>y4O՘Xv1)|yaV!s@-;{*n-m!ᶅewϮ驘;Omw^<~^ut;dM$L xw#&"ZO D!s)TwR_}){'=y7=u6lX`h ˺"~7J6T_&g+XqF^z&оI2gdBW0XhԀy(%XM</F̟:AF׉]%:Ow/f?@UIvY(6+5K!_:s KƖ6䵻/o=\%㙿eJCi2bY:&V0hu Rx9F֧pX+zjG~'CɮxFL[\bqX\yuPpÇ9w;NnH|<μP_y;!V ~$:ٳd7&T~6@Z*J퓪oc1t/5~{'쑪<l)"vD+l*.릎}ܞ \Mfߌ eB  ތF7 'M.0x yjʣ03)^2n4fӐVv "W#lz1Eˈ& CexVAi% yp7)b%v-QeEE4I+ϋ;X5CAm(yww#'nF&鋇Ntqq=H:Ba#O %iRFA9t?%knFvgsV7?!q U` KoVUat`5}r_n-Sĺjadj7Q(ߕAD'N  amRjNOS< ^ xaV53rɌF(z,fݎX2gD $61I;˺ޡփ-smi-pA+zK _7I.#'a9sLvMaPo2)"5F֣ZvGF%TY[{{&ވq\D!XЁi=[Ur8RFXQ/Ɛo%+ ~ N[V 6v H.#}P!!Ƚڍ!++%Ϧ,|o XkR<)؊P[2bЖ-bpT8i DLі}>S/Qw9w<9@1:5ly C(mieE<]Kp|^lk|-vyϼ5l]9q9Ͳ0zOWt;ĔJ}Q0`Cnk㈢d©ܒwy@; ::e] -oLKЪuF]L(v+_cw[诡r,|ӑ!cp/+.d._ ?Z]'#v5RhD  4&*g|Y2\6ĔhB:{ѷzTou;,m-FUtޓZ7Bx1%'3o|oAs eYix?: DGd*UQ06vk50'j09;M$>@. Lw4YUM3S5mbDYᑋn 2d|Զڃ"N&eF#/GqF`60oW{,K0} 1u*fk$WZAwlc%4d@+va|XG`CͿڈTnbLeN8(m0ʡ`[lTމ{IV[mW 7;*mim$ b߈2Ro{5: 8ШǶ\s (YՋۛ"X~$B xt׎reo;u0荗<Я"S28҄ Nyg i Ԉ oAe¿9z#Ot' 4ΥyLu)\y9Xl:VMq"GhJD`6C Q9k>PJjN.hd ^{ %nM Q - T!yz oJvq > r U'* +hz E/mA.=(ϙ&zP[$?#+ޠᩐEfxc9pE/ EMB,`d NO#FGX^.zYR<@Cِ_wF FcF[@y+;dnr@pMnz?yGVoW #LZQ" 'V%gnqZ{ϛ9jabszuW!`j)n(B7r 8ӶIL]?Ŏ x0v*bCLcuz xׯ.}9+ipWEɃXx`׌4tFTUfgLy"߻g0#(ZoM{$y|I46Ҡo=IDw!hZ">)s¿L%PywO!FfړmWiJ}_ݖ9 h~sfLuʼna8$FrVRgK=U3/nnhl -rY yVz|^N>$# K+hE)NLM"\v PŹ*y$z2r DDTqɤ)i2-J:WP&l>Ƽ׹,Wc%c -~Ih+lNL?0->B]%%4,"S:#;}@i+ƤQaq`[FiuӳkY 65 '!p;o@zթD}Ы󷤢kL .{y(l#?`uR|g||2ݣGf9) aEa.H]킳Xeyg–L_j7[Ux< Ԥ9)|TթhZ(1jx6(L`S(#3'gr/H E:jPo>ctʱ/VwEx&*EDL<Ƥ[n4`Cho#YGRZ8Tܪ[.F;:ۋ4}ôs"!TYPK6ʼnVn> 3?KY._A]E1*E󛥁#5k)FDeFݖpjgC@b9wbq[K [-rXMtk\#8MH|O}<fO8}aB7豦cӌj뮋& Y6p T;ewԍ Gg3nD@$r0 *k*d21r9*y 3*´ZQ;n(Kd֡d>;j~$ܓzhf,?`jwi'&X`CLIPm`Z1[rRQv_4L:\wlᠠet[X Hx^{|H6g\B+HX|duϿ([רs$zMK[ސB/TX%,8͜zFMH?F()F#@r1FV bzM)˟aߦmjr~pZ'1 $LZTV$ $f9?C<1ʛ)UW@hKGIf63OLAFfs1)AAR>z6>K1+ð܈0jnsMOpwOg`q8êrhM|{vnFoT hS ~eL0,3 kB3,:nLiqz4"HV pXr2OUPZ6 x'VV YP} `mTlwBZ4^Ң\f$ P$^sk {ovچC)874u#sČ0*Gl%i:_(qJ0B~01c,(1k r@)>d/E~R^ZxiOu>!LDx%+ܡ_/1,,W5+!YX$HZՋ`Nm…s'Ft -%1ٳ?TXw)5<-V\O n_dzξȁbhVzUڨ{ƇBuA#W [ JWgF,!rj6G ^2Q&ò jʓeΠ3 nCdZ ٖ'a(eyb22?סPߜ洿ᾂOOV`-g謹@ s4R`<Ļ\ֺGz W ,N?L)ea@_˛4CJWc{ wj rV U2Ty)w#ka$#1+dƤ(MyRrMؤ^r@a{%!2y4N&P*>e%:4ғѯ3H#%'Q&YVSƟ{:mQ̖vh A$g˕# [JNgUP>f=|6 mUfa@yc+!a+^jONb_6t[nZiI,ԖVUշ!+xkpIifyb$d&b}$Y/=gd;&i`t氦 qZp,1zov:vӘޒòQ2keŧ!9F׽Dߥ!R L4x_pfYa=<9ȉ@t!"ƨ/v %Uc5\ljt6H3mkT:i6؟6̎8^P}w'o e<c6F8V n;ٕ$1t:+[^:AٰPF ^mQJ9rElk_98k,~6jՇ H-vUE+h4e8$8]ؘajBkA.w$-ˁaLb" o=r.j_V@Γ_0yZ&Ítxk٫q)4KOk5_[G? L=v;g"䊚o287{0၅fTЇ[NE5M@ B*j#{aYcRT s|g|[ yxxSiW]6j*"b6ae>(g䞞%x?OfCB{m;> JapdI].Ϊˠf p L1fOhfլt 0 Bʉi8"٭kkӅ(7 6Z2?7T'WLBYU=EƑ)쭋C[>n=ϛ&@+`kYTk<}xk)y7(/l{/UG[gdZfP3my7axNjj j4 O P-:f@.rgQӁMhwO;xpi?(.Iu?|0k^_Em G8n>\ċ2qvis d&Sd4c2Y9,:Hⱽx[W>PN&mxlD C8;Ҏ痀 jxz )Dv=ȺHR*^Q>z󚤻!j<{R=ꂆE0um S*Ԁ̭ o YC+#iI9un|q*P3Ս*U6SÝ,鬿:Nv 3go2I~: ;R~< `eIN4o S;rx+cK(7bVJ24F?7ax ΌU .y[x{j ʅ[%GL|>ܤ`DnPi~tՄ)YRܾC:(Ȩ\@K>ZvnHfU Ν@Gy/[꜑qyWr@Jn0W6^iS0|y&yoluWRxs|`4 gJ6lg'۟G/{\ ya/[W$jA?%DJN؝˪RIP95MmW4Ll+^?;S" " Θæk  /Vk>2gh?- TLkό EMRD)t͒ރ^]قbP&zL|#! \K}9\u%aHCI8`"VeQ`2YL37µVu7?ˬ=+摙כ(ÕPgW;ߧS*uIlzF?BYFFkrB#MSkF &Z&|1O3К0nLeoٺ Xږ4;`:0 jL(!O}BZڏ.W}ep[@sŬLivh{A\j6r"4'/ d1`1" (mGoR[5vɃEڠ K Mbq>_ brd7)ž0*]DfpVSyβnϵ5E/VO~ⲘkQBi57)XaM3,vU +|/wi^$ź~nA@RG!Y-e,QuS@"9e ڎqy.!]*u?(0R2>Y4Id1ݤ宴]Dd]ddZF: C~0u>NBXh'(.y9mm{(?>N`bqH@k˪<ݑ6v7ό R-+iH93gnƫ~]_mwuhOl'= aݢa#ڰ`m+׉3ӝo:H"5gR_ eJ&9+*܁0{ۘ O !r"JE*pBV9`t3L[qjSp;TJ$^bފj@jN"jp+$GjhgܾQ\ ۰hw#4"5`= 6&%JɓR;7`yC$*, 4U*tG*G)!;UaDS4]NE B7d0d:/G6A+WuaNZqooWbL /wh4VLaϧ3mp 1ұ${ NbKvpOmZ+iBii.SZ})pR?(P)zOCFW8Y\ 8znY :9~L8 hԙ^Xq${mA%t~$ƹv>jQEA0nz.fDЄlOͼ8%S + @.We 7.]mO}۳9$`Ř'3&^\ D(D3{|/fxz%MKlpl lg_~y͇oRd%UG!P}ѭJیOW,HebtI?*֬iiEYK낪p?S0B 9:OMCGiM<] 03x˙p1ebr= ^)Wvu Ȩm=8B֯?YYIS< ̠bbTвך%¸(ߵúC_20(]{(L6AT)il|?dXj1gIm#wcD"PoKΩ<혙m~aFF~tHQ$\.<8Pr9,}2$5A+SnL< DGm?@c$|ݵԳ:PD]0-В߇l& ~s$ʏplE;r eQktZ/KPSMo6Ǐw7&4#_hjZM\#w*}`COoű~J ԑ֭.?Avo˜-٨K~sQ'?!P yӗG%$SWteo_ )vIW8բx=Ջh2߁7k"ZAȵMܑlF͗0|Xz^%-nwS:[`eUM)bpt=DK16!tYhrMI GcWD}oe¬=<y+q;Tm2 ]Op3r)p_!q.6OD7rGv2;C,#ygon-ܼIìIf>)%rrb/|I*iykG&.ug.J (:2/|laAIȓN`,XigtO0C>c,o<R]p;এq 1o(sߑɂ;Y6|=7@.RUS`ՅmlM-'00oM {)_ڃ@s 9uD/Z7InRrO$DYe7co}oÅK阷MjV˃>?[Kj*Wg<>Ε6V_7=EգƯ-wVh%̪aXەv 9\M,ֆ;dJ=m=O^c8+,}X6a o (RڷB{8H4H?E;o8 N!JcQj 8q;ọ jV3u(֓M83 hdz{3n٦X#o1"ʙoYAa( Ęzyik%dckjKYҩYjLN7D0H =ͮE}9ͮ21GM?$QډN<s H__"ϠLo+ymrj#GR!]}*uQڒo;]v}ə~އj;SdjFjO7_أzbHxeHgۘ88d:#j. ba&ݭҽ#\{܉%N뾞345>/ߴVPC$Gm8<+DQ@$n† |}AH& 0G˻ur2׋TYJf`I(e'!q59&0 OPe/XCƉ尉ƦtX{fgrq1$*G6*rʌd=*TO~f$Njz>kEۚj4i5> *$d=lXÃPy1MI+b*fg(eڂ8~nheF\@|aWR% /ȋՒnͩX,%3betpL ]Q̙QlP';W>k"Ѓ.5*mPm8|9'9.p*Ys  3ONL(ý>+!޷*]Q^65)4cWxpsZ)9Ld 􍘌MO ~0;8{`!c zUumu;7)heXwڨriK@]LaTOM?|m7)~Hޙ"%g7GVߺ؊UцNJzLկgN=AiJOOoo1*eiﮚAqW>2AX!lYY!0+O'jʤm65h9B[k?, \p+Z[ѧEc(pisδ!Һԗ+a ֋UW{ue{bL '&w1:zpZ$-{l.-!Cpv {Anۭ.ИKYTAT.E2@토ȶgķ]2!߷>}(9wXf̄qwW'6.5B.qʗ [e2#!ѺUڂ'.{]Z[ n 1oUom z`ۼ9AEu]$jd2 p,coB͓ȏ crX^ .?aF vHK8LOV5SΆ*F}A""Dw#:33L]Pj%?,B3ei9<Z:3/3ij_9:e2/[M!g#M]p<@qsh?N=*CB,0jx8aXVvyhiK;_:"y\C.V㩅*Wgn<>y К6Et->!#DRXZh-}ñ'inPcW+R!;\^h/?I=\c2TI'l{1Wq]){Ad=Dj) T 1֨TVzyx<5% 듦\!$ 7c?+_OPD+[19"U|/|>cpNST%`9HO^Xua*UtЛb|]V* hi5ir9Mn ϲ .48, M3[s+nh_> BAnUξCmy8WCSö_ h6kkr5^ B̟I>|Bz4V)N]tUqN%"R5}ЙOgzrQۂK\ث'8v/!Y*՘-k6 jR&j O0= RS쾆'ј,Cwi &I>-Mo^BahZ2?eɫ5Ө"O` 3 BW1/`0Ӊ̭W޶z"A.nzEnv|3aLК38; N=k_:^F~ϊ}MƉ=lA#=d- l[FiGpKufRGPMs<_..?V{#.ӝX59j0c IGK"•O|5eoX>x1T, mt2Ïޖ1^im;F^?.sb E|H6ENzzz\䔜d&ZOȁHC6Npst5/ɜ/öZWT-3ELGϲU6ك e[&JM46)`~:s(Z/Dǧ?\;e)XZw)Nf[{]ZEuʄ:8j^컒?EW1L-a'WhIXn(Myp@guFV09s "|5l{HLugknx_\ߞ5ȅYB|`2mUԵ ~+9~rEZg|8‹$C0NX]H+fOCJ@ٳ26!Oޞ[i8~ގ* ֿWNCQy_g7{8FWf XnWϊ,7}": 9rzm}+Pp8mAč:qnl냊|\2C/F*m)'F+-# 6kOo.=1s ޚVs;UÆ"ɱn_TD|x9 ΒrC 12y)~¿\C8c[ǝ]u6ZӺa,,/H Ƚ [M *fVMiL,5ӿW-_Fq1CdZ 50Ϸ%ΰ+R{{Nn S}S{q-F]4!6cH)}<YP*j-rH*LIf'mj2B2d[6/锧䖆/i{g_:r KZ)oVMso閹:(`Q&]F\ Ka0os7%I;`!C=#ědBOB GuhIu]ְ:8ӹUvA›0"Ȩs띏ƻHj]fդFe%cT,niC@=q]&'5s,N;*E*n4Q7}QЋ'rCewuIXtlòo-q{c'd+wWHaAa'3?b0cs ֍EMi ʽ/@e |q%&%{p`2|yI>IX" `jңE]7ć8*"0zc]@}ÿu'H(TcjI+gnD{c59sBR+V@A|ĄKBS3Ga ;5~v %?*/"D4b!.,Y_Fh56o uݥO^ޤ/:QN,u!kuASJwfx={[5An4jPBS lw;)rk݈ jmfm_3ɒf_/\0Zzh;p9o{6٫v, 4:I}Q;$9z9LFA/鼗۝߭ Vcru̟k![D#r8N BYd z +[Gq]JQ,45\5X !l4Xo"Dj X=I"oڰ!菤ءL z=g{N;̙~G(/n_vr VtOӵD/jEv <"Ei嶕eACYFԴ=1*{`i]m5)9 ~zVM=pV&j$G!O@`D@AYe+aӨzs-RkCj2,y@`іs~ۺ%$80^>oq6W*cM%q7 Ӷ 4'T8.҉ Ii +Fu{9 +AÀ^)qu ȩB/Y굿Q%D11a&;<;Ur\ Vu"-ϕZ4D;Tث->]oX(H1N{? /xdy0Dy9PrS7K2㜌B|=WEp2 Z?WXH|:/rM&/$nsݖfX.IUh$󃣘K5 s|ycsMgM'^fM 24KFd{"J%v >VH:Sy̴!>7j07mw:/X;~ɢ VCkE'n(h꺹ezXFٕ_o8h̶ S]Րͯ`Sڔ^2y?&>)O]t@b/-k<^f~if$'a 6ꐒ؀sߩ*ϳ_xv8w[S _[;./w^h,2 u*b jW߾~ n:p.}nǷ:I~R-W(1]G=oRfq|= b+5 OX=@qSkͥ$X޺Nb⫁[㹂 ѼQ?RkG[L^jgJde$`H[J]?ɼ&!Uл_ASY;!b ݼ\r (=NH~U-N)`uo𠄯q#ielFdXJ?~HbDzg0}ay|̍Zl / W=Tٿ0_UD"@nRGQ|f4 ~Vxp،$ړI4QhP^ͱՂ `x^7'DE&f*x< jNc֎ $+2KgIbr dgPd-39j?YYCg>پF r+7Y)g+o@Q#XS).Wɽ.nFĄt>N)=9Wh; g،k;d9ז^lIMö5Eh7{ G_7ݾKxNG.8uQw:.d xekģ09CsWOqDv ,a=&n 8Uױ8]zo zP86ry^u!:϶AE@ cV'&y+bx$+A咭!N{E U.I?w Ȥg+*8}~&/o<@/tkW2$9+Ņfk,uw U߂1'X}+W>RvO:8i6CiQ9UWzc t5x!"^\Iau-"2- 0.ltO8f9GbwF1iևɈ=Y4xrs{n>ԏ)0[ZHc->['׮, ZԎ'͗7 ^Q'#Vbo`m蘆(seD*6dUH'4 "L?_޽~"X{gbk'H6Iyi7kgފ_ qۋ:w[hfgMW2:wCnmC`$nlYz^fH̕2KUR0^mIk >ηݼӚ%fN!s|5/D0jcCdiħj'S|kﱜP2tK>h7tܲWTR^4> G>$e5֔Ǹe>>䏒1_!,.G "!}jAM RV ޖ*8W"nBz-EG`3}q#։܂;=PpOTf]DpdIrb0'ג}VCfFDp5AJ@π'`UR]`k3cGG ,oۃ?|h|05TIH)eq2+z-fKA*ǣg5Q@ada;_/Z@f Hd9w6NPkTiS8?k xx![JԾ@ʴG!w k0+pe'[UЗ/l0T51+2;K6wRfZ$NLMO[7T~Y/uae+r_C'LwO$8?4zzh%B-jؒc3nD;dX#"lEur{9Ol >nX_QАlT|a8{ۺڕJTz9^4鎽{>JE433BDH0W# vmDZDgޮ/5 ֈTĨJKK̆h{1(kLgs6 $93?Oe'.JG$d|^dƝ2zgqc4]d/X9jDЉ{bAѕ?uʺ\K6yϢ̢&#zͦSB&4Y=(k[Ecܫ)nExe7 ;(m8|wLMɹ\? G95yɴ}K—@C,;gzvX0y^_tӶh!< i#(>ʠ4 rqTX~VU{C FM/0/ۆzk{ՌR4JsN[v A#iaڧ1-ΦB'M]`tp;9m (^RKN򒂺mԺmWMV/Ë-/| 2u"FtO>/OAV'dy~$.I~o-PF ̣>NhwTrmmjƚiu'4@nOYTr{TAr{4=Xd⿺2zp-7s %K|xxhXאONWIȉ5l>=Kf#9j8o*e%lkĠǠ !y0Bx`L#$Z4s~7#/ExY"v8aq_UV< O]fH<!e#!.k,Iw 2OJpa_VY1_mZ·ui\>b=xe^)aK i=S63 !5湳Ԫ/Ot8<8,v"^[T+mZn,AvB'iOܔ> π*C]L4:+\hB$mcߥ/zaI<ݷkwYtd!2 <˴x\bAEI2T}@58hPB>.Ig4s[/&hExlFY'l,چ-Eo =Vq?h鄡(DR6y#VNy{(BBJ{W/`=b' Ep^ 諨ᐂ'TΰÌٛ\UnFJԘ>ݍ[E&JyEX\(3 |P6^ֺ< iֻ Ȓ}^ }6~ڇ 9y ~U95!k5q `-,vIrƄgdsp.wseV'iDw`@RTt[KA^yPα&i'S3g"hQҚͿ\^l3rAr=QKUrF-{BT`BӤ9q`crg!Oпi6NvT:ۻlc3N+'b1sbSѰkz7<}tGj"od)AHSqLгN`]Oů`59j*m=o2&'XSo cC ,M+W>!,rwlʸH\ R۰lm44gmܺ 7{,*y?j;)AZluu)@X|ʥG|-FPLeJ$!HGu(iu8,(_;=W~Èp):=H_>PPh*K" Da̕~҃jPйټ4:c%2|g$uf#ĉ>c0U7rrwbfd +FNڟϹr,:vE1nms}ĸ]K4P&*L/ckX!1h/B:(" W-ԝ40V.CT%]]A=Ghx!L'od=AEE,TB*(3ACx{֓q $/u@}D{A% :xԒsYhJƈC;*>Ӂt/ Uq8v!/{wPG8ը+er|9C@< /R"[H*g$-ɦeOU@ui^+NLSg T^*SFI=Qz ͼ=RbATbcf^D+7 "#uYb$5:ZGohz:eTg[I9m$flȲ&JvROilxK\J+fȐ n#5_?Me\Lr`bh#M`et򐪇8 ma82XKgWi451S Ɇ=g.i{kINkREZsp UI7ְg`XakRAw1fFB&[uje^F&-  a}_qEh Udǀf(X8ImNveͷ(] xaŕ .PbYӸxR~T}4-WƧ?1C>Ւ1Lj\ÍD`dX~UDJqn;]l Ȃz'2B4U1cnh"׸XqHv8L;N'8q7aBb'VI[mp(Ȩ.,qڗHe%-܀򍢈F޺x+0/u>ɩ&f'|Un-=#H* hێ3ykF~7;4SАx褪= ߆NVٓvVhu3\D҈_`+رƘr 7㋥ڦS',+3gIA^-Ό84գQ&(Db+PFj"a` K#D"(8J&49~R;ٹm (k$ 9pA{]j;-ӣ:Amrɫ2ahH(w++=B\{~5%B+?w3;Ue$8tݿYMwF!3;_4b U\mir/3_|0bqgd)nK:kror :x4k^ABhZL;GZUؽ2[iۃ3HlWVؔ8$H0-ӈRA&DT" sG7 bun0-3Q">n"3 j0 sp{+9e,?$y d >I&=ֹm5y\QSp}u ҡey0 sjtz7ϑĪNHl~k|N̍@d;6OjrKU«ϳkhPRf 3>1fGs%WGXރN2g2X։}cX-s_U D|E,svI;;, h̾z\ Kc<+=7Zۼ}rX}N/rJV6!Jν:c#зn16 98+U6\vq[x>JYc>I{t' t^׹ N(/ƣ@g@ۙ{S->aʊ۱g`[P;h?dÒ*Ttelbۮԋ+l+4߭eWl@XBDw~%8mP])[u̙g~xWC7if;DSyp2^o5 PB6܇2bFB~t^5'tfӦ'*S5yx ']<~ڑT4!C/%Է&H8F44ETͥl{{Uk]tsG(ERb gM<2. 21 /Qv냏"~iʐεUx K+VԳ@p)"7\v%*ʫ#~Y9J420/*-$X]T0w ]of[c`^k6H]ÓTο>b{vg< CK z*(F 2w/S(rOɀ}ͬTF$\' "vKeQ9ܙXԘ^C%w8ya8{ҠG?PCX>$2}^Ռ{!܋$K<Z*sɮ`8s#MӈX0+G 6ߞ*%%n-:)ZqEpȗ^\XCyc%vC~7kGۉ ZcYos QOhk$92(8'j`_`61i!ƥN9ӨJVxCU= Q,Yg? l! &݃D̺Gv+b% vVVy]M7[MLKUA^߭W?I2+.H2۱7viYoH{<Ď36,j9 I^U!c&iIT0%VKC{p_*= AV *k"I_ȱrHA]Z DQ ϕc3uE|˩LWuCd*gE_W`nrb7%͞2F@*ש:Ԫ`aY0bG6vD˶G?b0IKVB\>? _F4H!fH 3,Ay w(ݗy%EE1n71Lr~ERv.zЌ^񵡽!;$ApPU_[|$J@ꍓDi#An/ŗK~zZS?Vuq MO89ߕ) aR2%]]jB궇ZS|u#`d I^ `g4!5 I;\d4ysqG qo,# 1+6Q B8JVUz:wiSʵ 9ꊎ#wll1cJ`l/\Ru:JfG/kq`AÙ|]LH6`i.#iGc;C05!z.#2fHڨ2ߟךI̕E7 <e\j ,v.d]mo]g$$HMA{<n_htfkK\B|> &*&Fp7joZJ&E2ha?p7C=;٪S=J`z+ƈBvnfuVgi~LlZoCdmF(^X}."!6HNlեZS8#^[^މz:XF޾5@9#gQ*M\etRb̌72X Xp @27b6S"Ul sˑgY\I$PĒlci*zv. L"Aw5CU$vΙ ^mwH\lTcbH( l0dP(B1UG-kITrABlYT_Ȋy,_;' P.Q@D5tZ6c SaV^V>4?w8GLN.@jrr6{̝SdN$@R׶y@^-@l ;te[v ba]/5#'w*.'*49SO]M\<*7^39K[}bFoxUtjb !el QI"qume8T_gvڌ6AOQ3qjeCJ{5pHL,8$02+$nj%̚`ʳXfAY m欐F8Mb9;뭶VGqOaY9K<9k3s%za,5fo. \&AWvn¬]lyBtt>UK< 9|u51TbwD._5}\CƒttǠL+oXudItA͵i[Q/!Ӕsljx5/DtEz\ q,)@|<,LME݋_qUǯJfQ`—VfhfJ9 )oyB-ECeDw@wK>H~3ά)^<2iC L?~1`*h&Ȣ#>f^'MOvrV1:0ھό^k YcU;"Qbd 8#u' Nf OQ9<3g`fyKQ]=uʖ6?p6ST5-o 9KmaΛA}>eq ;Bm35@504T ~T>`2w]w\ƸVa ĉ AZmt0\}_Ή;~m11Kjr|/)sK<]5YX" MV~s+"cmx1ym)6.]_ ;ITq#fBfC܈U+Exs_}a4GdFX8.mB(qloDf" _ˮ׾p:$HoR>WpjUwKD[`hwf;Ϣ-,$u\1izyx4ʓZ[xjQR17>Y3R6<[Tiz)z[!8V pX`}4sM݃#r阞:kazWZǔ'Αd%Q+:)_C ]yLZKFgJv=s &.ɋ =Y.`>`n5eù]0̌\J('Puٔq U+JJH<7(d}̺?T[,A/7xp&j8LDmۭSs>I PM+y _P:K(`\VyWW+a;v Ơ <FZB.X0~Ti^qڎ,RhklmbpeVz(M8&n:%_ș(?<2H6ލNL_QN.tmpuȵarJjWF76kqa85`k,J//Px1Uo^cnXiN LP4f~HI!*/ 1|~F}* r<ilW+O͈4Rbl9]IGyI>EWw3ͳd"y)` _[aؔ6hM.}esXjޜ0_ OD4>0X:2z˦%ok.<_grmqw?o82'd_D'Girr ; oXLmZ!6JB5w+ lv Y N(@Z%+'+sGx Ȩ-*ԇupmK%z3_vm4*zaz*L<Ӏ[Pc359i}hKXb⬲DvKoE*Ͽ"4?犒6ƚ`V-hHg)tqKƊq VaH63#/4OY`8UG.E iUkmz /E1gj} |NofԁuMzקS'/LaH~d)g_t%dz^nW"|w4:|lܫNGlA_*ד.hP:E #-u?,-fq_!SbHWBi>!Ÿg[27{ŔVBSMsJv}>üŌ q.M!{x$Z6>Cn}*lnŊIjo\ÀL|d1Hq'=RwqiU.Y_+7qLA|PKm7g7cjhm埱EC ՎC:ŠqPfk3Ӽ lVwcw蟅XEڪ*IF`$m,.d`ό~, DJ Q "<ί<՘t f5[TVS1'Úi "-q\~i7V 橣KXߔccK"jW}]_?S֋Ŧ Te1#SK V2t p˿So=yB|AQrK:nFn{B_$27%xwsy@LީR-bV}?R|8#*]+wb/Q*嘠Pl**oXʢ\bYk&6>?~;|-xx /00-a8`ytw/^C)Z[&W|!- R}>b;CG A<9(iD o:?27a@%; ykͼQax*P_8S=i?(H*}]XhNGkxEO쿦CeĂ) a&Y ʜɺ3ò|%;l2~`NSr,%8ӛ g˽IW`W ]h˨psOo9Ĩ2)84y6 5 *t.A;4ݴJwԤfa}Sj{G4A] vpbdo{-rnzlLXj}˳}-FՎ %|YX*и0G؃ńP- <:ˊv&V6 Ѵ7|{c#sʰq 9ꭚ(Za蜘`C{4+Rvז~ڠaGNt(KŞ;%܃):.u@Lmٞ6^j6 ,aV-K+G#2m+cjwHL`ݷ9&1?fN=JFڼ8fn67|L:&O #8WoN- M*%ҫCٔk;Nn"-_ds2LygZ `_|hYðQB,;!1jmU쨨7C&;gZXm)%NjwC'VwՑ}^iT ծ ђ+Y~a.uAUccN3<6RgL8y?ɓJK~L=*D̾h'p%XwGbUa:QKP2D[QxE\sc}-[EɜbLJln$޳t.p?.d5{WS%VccԔ ah͹~zY㍞e mUf+#C6Q2%4q/$!b3Of܁k!m"?"ˇ0Ld/dY:k:iSV7iu%ޞI앂tb@AsoSPgrz:a"ӊu'͞G*.g^b=@E?dݡkX,:zrɊdM%$VͧoA )IB#"6rjk<~z <=CP_ȔT:FfclK$=ʺ9uQJvAj#GnC%.m#31QKl@)φDV05=XpbށIb7c&sAwl&_>ϊ?Vee}>fjjMݔu5G/ޢïbZH'7S]@+rZ+C^ned7cJg**9_( ;q{){wtd n WT0Fl;+sP8;|H0NmJVg<ů&7i2zIp 䥖ge8"h49B]B]p})Dcgz8s>EY#h~6"+^R||(@@0?- <1gœ9rhYS 4;  S\r^]{_I[vxzu3J^hs5??m Ӫ@v%@0}61gV{V誺3l~SDcX#gg" p?VwOkHbm4Ѳ;F&g,ɇ}t G-bK$ * =УO5\o3ki''G}|8/QHŊ&]J}mwA] p[z#֫zr"'6)^ecAt7׋G&Ք6Ty誻ȥ$ D@Mm'NY'#A%'wj8mHҲױ/cКZFc9az3S7sChָ +@No"BCe?IMj9=Gӹ跺6q26_NOʴlgI~AVi h,ԀZ~:ӱx~`ωW qkͯ3ǃy4 #jV} K~GoƊAB`3PD JU \ʗPR5tfhZi-n jn wn>G]Ju}<5;ܱNi 990$WE˻dP̴lmf=Ti$Qv7AXkg+ēN<)\f{j7vg2ib)DQb)L)NK6ApJ]?mQuH3ytTaA hOҿ q2R9C$ވcZkQ-]'mIU2 SzR$ը64 tv__݃G6o6\ތKO,{oZGϜot̴S;jZӝ$Fg܎0~GΒB!)|I6C =%ej[/) G--"}_&s6yRR} ?t2@x )[?> }Gi[9sYC]3gd->U )v}N¬Sƣy9&fŃHC'Qv68(IpVDr>) Ǚ'Ⱦ60^ RY(jMxkVG (Lp[{\7Vv="mQ=-%G$^Fpu B5?τK{vŎy~ c7\VX(R@6-=pbG8.@XŅIsj5އUS?l˾zOGA vƵXlYd## >=d}TZHOʂ+%@pZ28ӓt'm۬Ǧ |ԛExuaH 1k̆볲0eD,())^xC!;SMr ]kȤ >C]pcG54Lmفoʷ1- a 6'pxIƹ)07-@woL%FL泀@)JGgIl.oG3OHtYaWJ$)zzqQd8j&C @ N"qL P7̬FfT2z$ w= kJrYޣ53F2چ7J<1]?,}Ɓ]F~{/Z9o, p >S4XxHݐO Ln]dh0v݂{H86 C pKcT+~Lrt@~\ߌy[sH* dҾ/-f}ve Yyx"$EN}ݐo#!"Υ1ٱvwJ~5ug382 ^smnȯ /@^}}jHd^]ZdR^~DQjJA"?JTڞ#t6rol G=lf[L]׍~"tG[j0ݫgq]\g1S2#Z6p$L=%{CquǾ?0!'syz!<*&~Z=%tNO&hdkWS19t{M ryԎs5j*ajVﭖIjSN^t[:9]NiԁoV04G~8RԇWh-,vs[!' A'oB$T?hN:]=Qȏ#<*U%sm$ ᣪ<ѻ4N !St*Z+\r8:fOqUq0S~wJ882&k|Ph+0!w}ګ'Q1M8Uz=KM0Sd7BWrd5~/QƄ+3%ٗ dQiv>8;`@OAՈ K^a܎'ţ|%[1,Pbl&.1rG &&d{@`KJٯL17:1]ATdLV -`Y8aΪLZu=-iAV44ݒIL: o)n7in@nӳ!E:7b{ B1VKbV[<8Wb\F9GPx{[B?zY)ޥ ?|H씶?PWMKN2 D0,3>phM<%lR%ǛRBVb(Wge[-}6 6k @0߅ \m4u>Y_cq><#uQ% ]P"$8 \s?Av9菡3J:[w$Z䤄6o@5NIjGKbverjj=^_G ŭbN,Mj,'qyyj=.>B|Jɋ)Hss77 ECwuQסC+6Y| E7ƈX#F~ꀍ7"21(u(-~?5.κ+ۦ~ Puɬ9IR XXo Y<`].T|K·IڔY_2բ0M#6tDzaP ԇ |asm7)i7QL-M*}]Iw)Ks"s>O`w{U>*h,1԰m x v(\xGh]Q Gf}/=R$,!|Q }á|5]ibͱ5s|q=m}*P:~⌇5 gn(lV(޷ItKU *Т@h SDPBG8Nѷ"ށغ *m>'&57ql7 ~_t_LPN fe9z{6&ϛC>HQ(:zkvy;}˩9R!J9'q!ԕ;/=;Y1i]JUdZs!7`g?*rH"!h>._5TZa4*WloZԹO-7H"h@Z4GS&4@ ȼ$GL#&B㺵:hnvy Aݝ˜qydC diq98I0yd6 )oh9{!j D2^ ";%µs趲tC YI/2e|Yt[U҈:X I>7Ds92X!64XL"Cβ0at{ -Yz[pYv a/T+ C0/{a{ Mr]v JpTqEߎ3ڳR%οE~[3ueQ@ WLQ<%#F"ɍj LrpwpDhU_TВ`&ԃѤ(7t WpEجN;wb7-͢vg?=121WlV!rdt@F\Ku'E8Q7.ejt(lX5~Í8V+;QZUTLO4Hrj4/ e53丄tui q-wEdW \!V[{oQMz0 A 5RѬ}0 Vz/>`㏓ C4qyʑ8}ЊLInEh m;[3\v*L| tťi$j/A f &qlƟiNTb<nMv7C%`/IvS[|b5Z^F,X˓$4ܑL >ڃ.>:= yeɛ.0o,c$y,8ho6ʬu IAi5Fx.d2r3lF6Ǐ|wÅa;5&0,ht֩x]WboU`(MCOKZם&zN:ƙzP8WDB狪d015q9"ֶ2EHdvx~ MbBXt"WU]Kqn^U}jd>NzO$E \f9XW 5ĉAuS/3췂x;18@zC<Ѡ(<.=^_?mS ͕*Eu:Np᭫dqo s^, FUd`ZyNI `_Bp ⲙ d\u}}Y#ɉxXmrc"G0A.g0Nڀ=NKTcIgT"wt"ܗ SAcQVVq!0w^{/Ҙb17MAML m@:rs9J()%` ;K:L֬u(=t'+}>ɂvg.8nA0 E`+Ɯt#k)Z`Hմڼl5n3ʵ561đFH`\f`P$ ߧ>x-F뱦;1FF7fEoC?pP|# EKpPQ*r—\b?4G %/IMm }vE–n`*Y叧<ӴL4XFvP0<@Pb|soatWBmE6v5fq[Q61>9xhչ:ODP,D?d=‘^ȋoNhF%}vo9_;!TRrªìS!Uuz3wUk]BfIR\aĪ掬HeG8n4#FB'OoSآ~qp;¹wSg^T3 o3AJ!:KDSMƹhoա= n=xSwĒcِ@ ?V&ӌ`WRV+y/o61K ﯪr O'.B7m&O ֌Uh:=MjzG<*"2xhnJڟ9n7;CɗpbX5$ݾu ┎-uɰ{>8NdIbbpH :5T}ؘõxó(MOx1+$^  Υ'399Ϟkg3؇QhB/w3"ۂ^jm2aQbM 'ޯ>_fNpyE;Δv|ŕKQH[}+#qk kdiY>˥ +\K %v<} ѿK? C/>A3ho簓Z}NU&>ǧRߚٺB~a,Q˩z5n(Qa$Rv8[_r2UwB`; jGô0t1J+8AB&6qW(췘XwWz^.tf7?L4rY~/@Gxen=)alWʾ}ҕi|,MBٿ0aߝP$Ct2wؑO$E=~@4Gpvc2y0\2k',=*_;ߩ AidWkOV0xىَ`aЃՉ̄.SEUelb;1 ` '"Jͨ 9"y|D%$C8o|0=8 IJs h$w74 9K.㮽?o}#7nmQЁ LF:D;!( ,a;* ۬evg%)21u#޴3 P(CVrm0lixU劣}e[zOeMųRM'_P³?(|fpCH(gXj[W<) ߶!5eQ|"؃}z>kYͮJoٮ-#ejo(ɯ4?dlվ `NVojgvY}%F@@Z@[V&Hw)!⏎x$Sw(Hmm{ޥVTjإ w>Br_lC|8p+Yi*( Ӌj,QI_rSͷj#>)] 3o8v*6tYޔ{D q?Ѿó>Ab?rk ' B Q(Gy3Iy~*tBJ+? @09fe6>4 ~۸՛OAUPphmO0 30`Tc6:fqX{cigdYPLӺF*Fz ޳: g꺪kqV_'֮iODAgBx5@/\#_jLm* ̖`]Q 2s4=H)@| iTyT1eHgI$ؕ~;-^3u8^$3sVGEzKϨ`%O%sH0yL؊PD@oa~PQWפpゔ>@XciDV(26E<&"Uz 5\ ЯN d(X?YViwq-=IEo$֝#/5W 9-NZ,d9Qw$M^]i.[D 0:)e]K5N A+l X-:R׶3r3i@{4'Ē:hyMس#hM=V؇:ţLZi&k}y{ KMd{21(xrVNCq/eMZ̜)!y# 'QU%1F_>n6⸋P睗V((An N%)H'`OZזoKȴtvzX_{3n:XmFyCV -i> 62ڰ)Q}0}Q}k UB5}CUqT?1 y\{ȅa ?&ΘPNXf=>@f )%Xq=ıBHabL+O.0{T@aƴ""/STcg!"3)~&TOaZ$ʭaC\Re*GHV?\'@sɰNam,mtCkMϝKYtd$Slh*YIpZ/{t6ά 2c5 L96"P5jěvLE"y MzWm3~.nkQ9:63,Gujց:qG'T#/M>96ES5QdfbAn蜌0#d^?$AӝpMDoL|&L?c.[oFlA"P|Ь5?Va^|&qNҴ ZAg`HS(-WLEF 2!'EUcE;Y5ŋ]d"!G&[*0j0!vگf6CV}~7s@e'W3Wtm(%P2ٱr|d/T mNafYԳoqVN =DT8V<d"}4U#EJCgQG# *CE-;U`hwi8Zuk`xw۷QD6;9WM:FO48<]ݴs;!~DnZ,깧a"]?QyCRBZ?{>c; p3Ǯ*: dSCDt`*ldDCq7W8p@0Z*STGդZ)2};rꎧ$20 x| CMo4eL-fCp7?bR/35Pϥ׽I7TgP!)58Zadr|ѫԁ1#c/6b" 2Qm0u|yMrJ )xçdA9+)Nc//Ʊ<ϓ*/QWvzy{D/Mz}|vi'H? /ߤkm$7a yS@ ^#`l&ZپVTxpeV壦Z%/V`IDXH\E8i/M%'v'0'+![iH!CbOّZ?pA[&$Gҟgq>;퉔Ί8G@n#ɉVwJRTN6?TsT#dΰr_,CstS 3,…cC ;RH^/ӻh;H@UH"squ jfeGu_Gi<Xj <JnK=KAUV&pN IS# jDWk/𵄹qC[V%1f?f|~q6|:;|:Y:&Yn, Y7Ԅ9rx"l`aN"YaK7>X{F?6'[k[IF祝g~ w|\eSclo oCL/WYCg~ہ,xT層 G&׌ aVFH+gsf62L=ag@{e=W} f: 7")]]o܈ȼcK8}xJ[ܫN%!a-uP+";]2 hF (!$"RU=_M;azJOS5nK k׍_[={\]ގQ^oNM0Q4`NЪԧfJ{ pS6IّR]=7=F"6M0|ԅM!^Kvѿ2Ns! @:Eƈ҇^'ٺyuܧ0(6.Ih)2^r. +\Ɠ%ic}ZăK~*R6wLOgp#ّ`b42ב7V3UQCZJ.뤬u_c 5RڐbvLyvNi`Nh& ]rY^ Zӹ2-|>f,z| zwv&fQn|!DB6YPR]3O9"r | {uذ'|rtp}~*ݕmp:t%`[Jܗ Z}`"B[`#ȧdҿ>aUu;&puxaP^}hNb gp۪)B/$-91-dWq:$ٗ,hC^}R%\B!n$Bd͐G9grUWsu 1~־OAT~Z8/^@]tv}j? y~<[x&%38P@zEʒs-!DVe3X wCl260t}M] 9bX00}I,4%Pl,uX F^zzgH UW;׾š[T~Kp~#Q>b- {c"WR̀ze-H _$+ 4XC&jXGdojsd3~KNk| &^gw/"#BA c]@c2mNPK,8. I&8׊!dCvl~}'sQ'8P7SeO l5i`2^gֻ0u@@\nT+{deĖqʬLF>͕d=IM^~d: +@lzao"j( $hb7 Ucިb7[-k\yfSQ_2FNIC;ur=zH]]цm">h fm1NckTܙUmzR/-Uqλm6R&%dcSx"B69\kݼ}}"+5Xiߊx>J0(QaؚրlF)0-)$&i``b,p 7y#UzYyTȬi P&L4|H| Yc՚%Cc#TmJ {5oľ'Ղe[wcMvKL-e_m-+0Kجl_o4]}3^yѢ3߽;ag&#0|9f7{k:H+Q*L~^\!֌1ʄXsw) {V뫥fx1eC1xlݹpE6#A(ʺ=tuQ+`ɹN4[1eG*~3 ՗JdJU z;~x;O{IeO txkXIG&Kư| L=α( b{4J(IXo*% / Cz4H`^Irk8K * W* '6DwDK@}:bJm^/HEd ImCW'[g#~ACT61p+ipAm{QzCڏp-[[Fk}A^$o6X/ɸX'$ JG;3.k XXǿ:  ^9 !-]T~AW gdm6V  eɌN5t|EܪYf-)'|LlRUIml b jSc}{FX\ 垴.'QE{sp4o){ $yt_v,D)nOкux2gHȤ!1W^6_Lvzlt殥3_ӥ=4K-m7{U:t#1I6+OzRUׂ5Eo?̭u-촟~dH +`kEVFQ(5 IO)&+ %:6N-/P$Kr(1F< Ŏ1W\M-ju]fײȃ .+\EVEPp! |xIVeo0D^z cg /rB{ :R/-:y]I3ML9qa6^(օcm'i.V w9!j`㼕! hI"cJaKHypVc $ čNh`ʮ Ri8r56U\OJ!l=HgAlrnRpŢ$H'q׵:A4*yCD $tR?|q\~[>(V=mF}?v@*t$&E(F4@"LH~103y8WTn)G]zc@vPgTP1Ooo{+/$! JG"(DB(iکz}]fMޮKAUU@ΧMZvbdU͑)n@g@0bϲD$lj|Ur1 00L& |wl)#vY([!%xUaUp]A^qJuq9l.z0~Ek=9 ݱPQ~`LS#_s$'S9u4陖z%/ t/;myŚ$3.h3\ S.t-5piqnd0;%ABb*j[z6 ox~cJ<$pɄ^: ԳhFR9󧖬<{*b I/T,A, [9E&6gfO(1{0A }?\p_lϩ"QfTKiwv=åPĉyŃxxr<ދj4PFNu|`,I.FExkRBג/0l?v M3 AL<,bg*)qÇ3u^u·!Ex>SR 㞆N dtgL;۩~ k1%z]?A;`''04-הJV9XN3fBX4jCu!xZPbiSVh~]+ߖs7t&T lhEEgNYַj\5 0P\& ڷ.g18+Տ o S/#t-erK}a9e&?ܵ鑒SlNB`cc5:&,t _ j.Ҩ P^k+۞tgpiŀcxAq'}˜ѽ 56ٺ@Ӝ_}_`ӠK*kKª |6"B`6L hKT|{Cf{5SVCPS&Dו:G[y &ɟ"5]RUI ^ } K>gefa:| 2Li ╩ǒ?$uz ZlʑIZ{?o sCq6=j@ҐVS`!aCWڀ׍=U럓F"?OE}&2#֬Z!s7.ZYO*kpIX.z mSc>v((r['[WoزqvM$xBpWpOӢ~aBI$۠sЎ]z@\W~,fc?*.܈]jV{߈^({Ii7ZEq mNG  |Lndw&L{Ą+쑛J:-8ⱶeq|]+7葍ɦG' 'zHy1IA_׈9dgײdzJia:빗}>Gs5RuǴL>iX.\AyZ??QY4.2n6'Y>18 yw*B^mn:x. * t ;*(bݵ =~l#LnZ5E/7^ǬTqh/lVM41][T qLc>Y8o^V[6ab 05yԒS`wa]|6:I'xڊ;?F, 3|*90!l[jݭ4, ?P\؞,ޅV!Aնr|Sx U\@6qX=hs=Gc%i2ru`>"_(88y'^nr0͂ݒ`W&UP5@~{i(<">c=xGͨ>'EY`Nl :Ϭ?fԍL›6<7">pV8u%iQsԸASxrh)}\+ s+!ߔɍ/S 2>M"7r-6 e1+$ ^2đ ټ|?U͹ gD%n` GL^VorHW{r= ~/G~W.3>n6읧7(nRl6 '%vf`'nu9~b@g[srO};Q[t xz'd_6׺xSR1TKcՅcf~rU> 7]$`"XOfxp2:f,}4/+a7:C`sHR<.jp}g*R@stʈ1fke1GNLБe \lv=H^*KiDMRQqHS7{ڐ1 FJwDRak'xr$q`, ԀDQ L ϰIEeY,7(uj+b%)oCjs$ss2&JS(R+'("t')臍cxZp{@ut1;ނMt;w쇼>VnoB!m \uc!-E2Yj34[t+n5X Р=l'^6d])ݖBZg9D+ DC&m"YaY'OnȎ$=^wH3рƹ[ mhe8q:it'{/P x\Odf^g(Tg^z4,E7?u0 @89 :`ckd ټY΋!& Ǘ5B|cygfZRMܧ'3EQI?fŖK#> ` XRbG_?!3-wnhCJǣAlmڷQAޚ}>H"szwbׂ5JDۙ׋z:ڻK $  0F%>$_cnH#CM ȸwF*Wh vf+;](:Q@WlГ ݱӠ!}*&i%57sҁݞ=|4YE& 2m0,Aߞ%xaNj8B#gq2*i0lZh^ ?ML(BM{ VD=)9XClIϪ^Ev TmA7XD$k}&t. o2݇%T܂@ qK9Sфݳ {qXm8^^ ŤS+abuy ˜aekSyDszKbCi\]2MDu]3aMr1A@t |RX(mrvnoHGn~M?,Ks(,[/QSJ~$}:}$'9&,z.{q '懾lZ^a@J=:7*ׂVU!ߡ |rdYx-DҌޏ"MiY0&*Vx.FLz-4BcyӮEjO&tݳo&*3D آb(R^*/ 4L'YiN)0[IIT(iKNEMYth se:=Z뽉 *)zۅ " 9(Tg|E'S'zFVP NWG YwA lj>|GQT~87WL` 76!Qp<$4^.鉡%7)qEx.[sY(󮏈 ܊<4"-k™տ]ĝm"ߞPɍd+'"&' \sy/xʺ9-I?iTRnOېv ֒Plqj@%sq9&qhyC5Cس2xTkQ:qt&Bᩅb;~1kD TٳPFzu@ji;*l#/ X05!=*QY_ufesE?gT.1dYn'fMl)>wqt[#pG>pt u'Ap9 l,Sx5KVbVY{W77WoiT]ov]܌5QFD|w<Ǐ+\y)Fklo^"Ű eG P蠪/j,yh^GGmlam8F:ԋ!/2zŽl͍+pIn)9P cS1 S|eG>KӇ0csOPneu,둳LEccEŢ"Ɔ$y57Yzv|9rVs1Fq*Gga{)D3pez%tK$Ruʢ{,@"wd߃\YDw 0lu5ES E%fvQL_~Pa<'Qek 5KQ[=gH47DMߔM!㹘($9u B'o3o5%"0:c*1Y PT&Ab x!ٵsB]MKP kR3#.E+UV*'vw^jSEYMՓI-BL-O2nD>wMw<Bhl!U%K+Tr~6(wEV8.G+X[=^մ P!݋+#l.+E{9*-`qOZe0RŒr|C;2BM*y; eaFmog E9 aa.C7*hen~3s%9"0W25N\rzL /oN)s6P,xfʞSnZ9Pv 8s;FuGDG>UcbB'S8d q ldU'5HB*5X>^$eJ%x}V_*ݸSzK4qRqeڬSrЖjMLes}j.9&DHJYy#OV zj FYr%SY>\r+@*9V:'cA#`һZBz޹0b{"!{4Y9/T6#*kMF>İrɝ]Vxp-FEfۋ (Δ>adGڂXqFInH>e'c~ '!g t+lo;c@|.v6H yWEk0xVrHCx|jm|1ߢb۞郍9C4kbRT$F ~fϖKBm+= "sRkɪwеPףKsGtӡ:@CEuj&-Ί9t^y$DKV5q,&x~!,Ϥ<bD|TS cwv|鹑6/4a6VM.i[J< r9xSm ֖{-[y |<Ҿ8Bṙ+5Gd6!,w"թHoX8x_'f>v|&s޿c*/k`77jL]/-m)GbPƚaxm!ޜ_D{|(*|軿} ͬd)x/_:"c|+ j-}l(lPvD<}CNM' Z"z9IX \QΨ ~ I]1,5p6%a`v@FZIx~}x 9}-+^*.e5θȦFCrdSM`ޛێStQTe2&g\Gb;}r;EinZG'x*5<ԡqѥS/K)Jy+EDdf̤:jn~Vg^||`GT8j^$mBz}U/4L} 6L <7¦utTݩ8]~tߓLk<NZ󥷰7@Kf$Z?%_J ۲܊vQyFrZRu3-Ѧg+)EۨޯpӜL7<_ 226g]k/(."!MgcOboI#-p?.u"zw)_{תkmܠfP|%*!mHQM PbJ4.e> meҩ8̀6D]#``f5E L1뙩 _CemR('˧,S)c,@DScrl'Nu @7:1v\PfiHPmӋBcc!LL:y_}u;rRnѹ ء:qK! v|a jnqMn%5ޔ} ͨIDUA~8GݤV,'JL-?8Fc:YGt_qqd6~Df= 0M%UsEi^h4hlM"K2:#2)ӌyHMO; ) y~r'Ro'4!1A sϛ7%k 3 T)vd?US=<>L/{0 겗 tȓ0ѝA%KVWDnT0t\߾ӕRDcA]7dz(c)ۋEW/\y!&*' E-4 /"h3W,C⛘j%~zPx=C?yށg9cCvbXQ:~mGҪP$>st TMa`Z%nŊ0 HdAbn@O;U3S^?`Uo({QEȈ.ī[}QWdf6BwEBE >_a`5(C8w$ %-v7~ ,yM->ټVٛdOsKi^̿;uG?z=3ah!#(ypڡAH7aжTev="bƩ_O:AfW^16%f2;Coi+C_R)2^'6 {' jka<&'ɰQz`[v5bXK}*^֋HՔ@#]NKUw6wT(9:vA7tzJz٨!<;<Xw V|=+7Ֆ$U|3m5b{/p5dݐ1f܆8E2ӆ\Wh cS5 uM.NnTIl ҲgEdLh~R HBF15c[IUqS/yXbONjY\ \Nǻ?P*\?]XOnr}i͆3c/0-w?ENk^r' @v츌Ҙ1tw*,{݇->7uAB5ϬU디P":a@QdBb94jw~(; 0HQGE1 ! q $.o(+AR`E>!@h4WNX#Qv-|6"!Mm+kpΆJTʏ0طP8o#XWG2%f^o'o(gnlUtV`>[ƀ:D_b)V.=ae{76QĪzQ%)Fou,m\6 12r?/&oIn'5oW㏾\YKvT#9_cw+H"r7nvm)d6s9q航_ ىWW2Q89[_kl@~ƴw;V9<"k{@8}nA$ l2dbs1S̶wO%X*BMU3ؽlf"V;Mjw8tV'C8.j4ԢMQBx1@4RcpZa\ac*xzs#Twϫ9jQ ޲~&y9ŏ;",1/9ρ{v֦${ 랐}꧿hg{=jY%/&OMf֭) ĒmB"$7ǭ,Tz_U|#U)`G]QzWUpҤ HPwlip$t5zjK!{Lͩ/L^ٻMvT-0dHjCmQ {BPVn?5׷lI$bu3x2kt\atcNT~}׹UjUPy"@(u+~0)}+0X[Txw8' =ջ;F|9LGn_P o2Fby1iV2oޤ=>RpT_9_b3袾7WfXJyFpJM,;T6,2"G0^V s$&+I V%;:aċ Ϻǭ #~w1O{]sq0zUX]]!tH'a_4߉Q7A`2f4c5rQHXO-i Zžѧ N/@cr >e .TM$w_9npVnAJ&+>N|xɕ$(m^֚-CA.ÌĢD)^0 ) WCbIrn뜹r~B>`t&&+vp.uC@rhFq?,7́*F(wJ@Dfy<1s ]&!ihLS)lr24;d;eH+%L|ulL q*NPY6?H&?Q1kZ`qMr1ݦ._0,J4 dֹ{xrU׼(@t*&Ύ0,D&'"nf$ IW@P8%Ga/:ĻldUY 5%S&⭄ Ui16PAxW2mS8Uk|{pQ+TQ?Gލvݙ} hE aW'moĠE1LV-z7Ʉ4PЫk|s3L{#at Se`=2b..bӞ ٱ'M$i0ہٞ+]|SX<[4 T$҆ԯqudO\ۯnĸ,3{)1q!* +vݺ_.BkyX9VQ׽DhEwOhC-`dx+ 5xɁ6!mm NI>(OfxJ_DXaP$$ ~Jp=$9@uYMdwʚrPn>CM+ 1V~ PAw>- []ziG7M"e&zG42#rU?4scWџ3 v{BYº`E*ǜQLhUaPʺ535"V©$z-,ոK` zh?v@Ba*Iw K܏ʢNk][xbt[-\Vaxotoȝ$kOs2۸(ݙTa3<$T@OeSFq,x;rxrM蝹rƑ5-:0l?Hz'*Zd%^nl~[ޏݡrĭv&9OӷZl)dId @$ dz.iTڇfE3^dFD;ǣlTw fj;Pp>ѽ|ff ԅ5mZNJ #y $t/?mA(.hnf5Ki֝[[XHVLfO`̩5t!^x‚8!ف(1!MJV${1V -L>oݭ˪5jGl #۰.h)Vد>[A\m@kN)^wt@%gfgǞs3 \/ax,\YKMvΥ5U ̔͸G}&JC+ Sc&wL¡MTnvGtq}^'8_&j}8zY]*!ޓg>JxW@d Gb`㒺G ͞/ScBvM뮥ߛ?bRQˆHKYʺ]ۆEub.SsH\>EFH]3Q 2mfC[i]m$8I1:hC r=Ek= K֧.b/hؗK_?v>! %P6#Y`9_@~>H_я:&)k`u{FzY-J̟'$f Jnu^|^+DKkbn^[pEy&$.1tvcv)34vB6ID=ȗ~*U@"w1rrgIǤt(KxDu@i5^kf#x(Ǿ;x[Ntr[<]ʤaCO3v:TCd̓j>EYa[_N/ EhNk'b$(Kxwv3B1.nDsWJk6*ـ2N|sAsSףR%T|WVm"7u"1 ('CGJ8M4@}äNW׵]13~ $IPA䎟=nOP7z yo ~~= L`VA6d,&"~uQvI*:xHGW  R\Jsr0 3,=)>g~̀Xv]&.W(nd{\F$i`ʘ/.MFMtQ|WK-ȏecb(J͇nb,&3*<>&ZR"ߋяTVѶhD3-ִL}Pm y^fn(\i#ܛ+i!M q8U`Ggɨ~/ԅ6K<7|1S-6k5oŝ tŇxqx=ݖ rXG{+(RN'CaTʖh@+K,{hˈIi:P,K_zi[<<E$=`?zhi4mCF6u"|m2NGNFa&]4lRRU$ /̾%aXY(`d|oHz(2}U Vj|yQf;iQ\u@E.O2!$v(׼=;kLR\=RnWy %AE"3-uA^5<1It\^3ausa"he8L&&њ,v(ڶ~|H%gA(8LW[a^1b;ވW#苌};F MR{t &*G&ťK(Db^T'Ãl*)M눐lS|Ttn}NlWU!c݀T᯵g.F)b>F?w޸&Z߄|$5I/"5OS/ pF5oCilWJClAක~&tSUmBNͰP cFOY+>8~{]םެEͷaҧW9vvZ7rj+Ȳ$'&#ι>?ි4c浨K`("*Am)t~K@+Y׵&c誷F۽")(xko;Zks,`{נiQ8png_rQ0TiOgԗ'gAu7'^nO Jaax4i ] <z#ͫ_8-B5t3 1=ÓR@F@T$VpӨr+upGFI@IBb@\) f!(k8nn"2g@~'ED1Z# M;̒Kc ZFR f:(ϮAj?fv$78P*!p6Q<--G V+ 0 VqlIXL,CnDк!uvSji4 l dW Ҕlh^7ه=w󿌑=@iA@cE U(ޭT.삞^)/(\R`3~tr@#kJa3QQbdZo ##D̹S8O9 ;βy|֞mWmk|E8u/SFtKsIB37٥u-''^X6ꋛZjINTXWouio VPṾB="¼8= /G!tͫ^pz*pO3vٚtғkbR8,8/" `Ʀv/psZ?>bl+d@'Q5̋[[WEv_Oyg˒LQ2\.iR2s.IKr |?k]l6侃܊i3^ IK4?wN }?zV< W7sEv/ݶ^jdӠIEj|,PFv1zdk/R}JP+~g->^ŬlE4, wWT!$`Ybe*k%Z=׋zr{P|g R~@?;o.ӧF{\qBF%'D1F`C&q܍(^MZ8[DKI%Zn*CR cPfgE#HcSuxY^*x&g-7ӅuYcOF |ǣ(JEhv|D,(n5÷^x3{ǭ^ b#28JM7{DVT(P)HOH+gԋsPQT^ Y[\Hټe01e|c}Z52FU5 ?7r圁)YkD+vM=4`m`v5" Dye9uQ# nPGWܬ7by3 !/X}zloPZm/X$& uR,`@V|a.^7Gўi@G IԘw̗2 ?%10tD'" {?8@MiBث%͌sԪ>hGM JM/b܁rhAM"?2Z -^a!><鳶I L@=*)3楙 Qmghx ;"}@\&k F8IZ3̮bM(f;3ӐfӥR=$A\ yrwjP*=^/n]L{&t3 HCBu. 68CߤR_Mw+]{2ߴ.UncmcoNZЗ3ؚ0F!Ӥƾܦ FD4<}_ST">p8@0!C%Ru78]R)#Y֪8nXbp;7yö<3'JLrjV.6c~<Urx$iOa" K!=8hNǣ&Rs!y!:'SHFqA)J}ִollkb@~VCq+=cAwOɤbCNF)jg'^% a׌[-E#m{vڏ'|ՅvfVoĖ h5%sO" Puǘe߯5[U|-nى Uv !m_,d#X\s ŐA{x@H&*`'ާ*m 5G圻k|1_ق6 ^KҟƋ"$;8ÁybHpkʼ-JH!J3[׈ 574WҋM7D t;0Wy&>jCQ/utKڠK 6c*ǞZrW \|ezҲ0;ﲆbr0;'y֘r)KrIdd 7ݖiF}{pk:[G [ܐڂ=(塄CxPϵ6^;>?AywnRTC=(XknCFַάq Zj]职n2-1!yJ AZۙS#> :$3:y>%ZۮNݡ+7H?8{G{ЗG dMᴝM YFВv@iBd n, {_" %58 x%0_vpo2 \/bˊS*F{-wQrN4yU{2H=飗.rO *mِ(݌doB%ͷ {m՛~S0QdB5lq쮒ƍx2AHЍ Ξ:&]`ji)9(ܵg&eiqBQZMͧ28n!_Ǘ;c^ሼ@$MvsbZA{,>-,haX.RTCQ]M$epЃ QE YZ