TMCnet Asterisk Week in Review

From the Asterisk (News - Alert) Global Online Community on TMCnet – your resource for the latest news and information about Asterisk-based open source telephony, Susan Campbell considered new security releases announced for Asterisk, in versions 1.4.41.1, 1.6.2.18.1, and 1.8.4.3, which are now available for immediate download. A number of different issues needed to be addressed with the new releases.

The first – AST-2011-008 – is resolved in 1.6.2.18.1 and 1.8.4.3. This issue occurred when a remote user would send a SIP packet containing a null and Asterisk would assume that the available data extended past the null to the end of the packet. Instead, the buffer is actually truncated when copied, causing SIP header parsing to modify data past the end of the buffer. As a result, unrelated memory structures were altered.

The second issue – AST-2011-009 – was resolved with 1.8.4.3. This issue occurred when a user would send a SIP packet containing a Contact header with a missing left angle bracket (<). Such a move would cause Asterisk to access a null pointer.

The third issue – AST-2011-010 – was resolved in 1.4.41.1, 1.6.2.18.1, and 1.8.4.3. The problem that occurred here was a memory address that was transmitted inadvertently over the network with the IAX2 through an option control frame. As a result, the remote party would try to access it.

TMC’s (News - Alert) tech guru and blogger extraordinaire, Tom Keating, weighed in on how Google (News - Alert) has adopted Jingle as the default protocol for Google Talk. Jingle is an extension of the XMPP which allows for peer-to-peer and session control (signaling) for multimedia interactions such as VoIP and videoconferencing.

The protocol was developed by Google, Collabora, Yate, Tandberg (News - Alert) and Jabber Inc. Others that support it include Asterisk, FreeSWITCH, Nimbuzz, and Pidgin.

Imagine a P2P protocol that lets the thousands of Asterisk-based PBXs communicate with each other using XMPP. Taking the Asterisk ecosystem along with other large user bases from Nimbuzz (News - Alert), Google Talk, and potentially others could potentially build the largest P2P VoIP / video conferencing network in the world.

Bigger than Skype – at least, that's the promise XMPP holds. Peter Thatcher of Google said in his announcement to the Jingle developers list that, “the future is Jingle,” and went on to say, “I hope that this will be a support to the Jingle community and further our efforts to have open standards for voice and video communication.”

Stefanie Mosca reported on how VTech Telecommunications announced that its VTech Hospitality will supply hotel phones for Percipia Networks, provider of hospitality technology products. Percipia will now carry VTech's analog and SIP corded, cordless and trimline phones for hotel guestrooms. With 25 years of telephony experience, VTech has built a reputation of delivering easy-to-use, design-forward and technologically advanced phones for personal communications. Last year, VTech announced its first line of communication solutions customized specifically for the hospitality market.

“I am incredibly pleased about our new partnership,” said Michael Velasquez, CEO of Percipia Networks. “VTech's telephone design, business history and strong brand image set them apart within the industry and make them the right fit for Percipia Networks.”

And, this past week Susan J. Campbell also noted that voice and media applications can help contribute considerable value to your organization, as long as you select the right platform for management. This can be much more of a challenge than most may realize as selecting the wrong platform can lead to more problems than benefits.

In technology today, there is an ongoing debate surrounding the best methods for developing and deploying applications. This debate surrounds the difference options available in Computer Telephony Integration, including Customers Premise Equipment (CPE), Hosted Solutions or placing apps in the Cloud.

To help companies best decide on the right platform for their environment, TMCnet presented a Webinar, sponsored by Sangoma: Determining the “Right” Development/Deployment Platform for Your Voice and Media Applications. Register today for the archived version to gain valuable insight.

David Sims is a contributing editor for TMCnet. To read more of David’s articles, please visit his columnist page. He also blogs for TMCnet here.

Edited by Erik Linask