Security Issue
- Potential buffer overflow in pjsip_auth_create_digest() (GHSA-73f7-48m9-w662)
- Denial-of-service in XML parsing due to an infinite loop (GHSA-5x45-qp78-g4p4)
- Potential stack buffer overflow when printing SDP into a buffer (GHSA-f5qg-pqcg-765m)
- Potential out-of-bound read/write when parsing RTCP FB RPSI (GHSA-vhxv-phmx-g52q)
- Potential infinite loop when parsing WAV format file (GHSA-rwgw-vwxg-q799)
- Potential heap buffer overflow when parsing DNS packets (GHSA-p6g5-v97c-w5q4)
Bug fix
See also milestone 2.12.1
Release Focus
Backward Incompatibility
- UAS INVITE transaction no longer terminated upon transport error/disconnection (#2683)
Security Issue
- Potential integer underflow upon receiving STUN message (GHSA-2qpg-f6wf-w984)
- Use after free of dialog set (GHSA-ffff-m5fm-qm62)
- Missing unreleased of locks in failure cases (GHSA-8fmx-hqw7-6gmc)
- Potential out-of-bounds read when parsing RTCP BYE message (GHSA-3qx3-cg72-wrh9)
- Prevent OOB read for RTCP XR block (GHSA-r374-qrwv-86hh)
- Potential buffer overflow in pjsua_player_create(), pjsua_recorder_create(), pjmedia_wav_player_create(), and pjsua_call_dump() (GHSA-qcvw-h34v-c7r9)
- Potential out-of-bound read during RTP/RTCP parsing (GHSA-m66q-q64c-hv36)
- Prevent OOB read in multipart parsing (GHSA-7fw8-54cv-r7pm)
- Use after free of dialog set (GHSA-ffff-m5fm-qm62)
For ticket list, please see Milestone 2.12
Release Focus
Security update. This version is recommended for all users to improve the security of applications using PJSIP.
For more information, please see Milestone 2.11.1
Release Focus
- Trickle ICE
- iOS native SSL
- Android native codecs (H264, VP8, VP9, AMR-NB & AMR-WB)
- iOS Swift and Android Kotlin sample apps.
For ticket list, please see Milestone 2.11
Release Focus
- WebRTC interop for video:
- RTCP-FB PLI
- VP8 and VP9 video codec
- Audio Enhancements
- Voice Processing IO for MacOS
- Timer refactoring
Backward incompatibility
- Due to #2209 (Insufficient variable storage to contain Expires header field/ parameter):
- Any sign comparison of expiration fields MUST be modified, for example:
pjsip_contact_hdr.expires < 0
should be changed topjsip_contact_hdr.expires == PJSIP_EXPIRES_NOT_SPECIFIED
. - Direct setting/comparison with -1 should still work, for example:
pjsip_pres_inititate(sub, -1, ...)
orpjsip_contact_hdr.expires == -1
. This is becausePJSIP_EXPIRES_NOT_SPECIFIED == (unsigned) -1
. Nevertheless, for future compatibility, it is recommended to change any-1
toPJSIP_EXPIRES_NOT_SPECIFIED
.
- Any sign comparison of expiration fields MUST be modified, for example:
- Due to #2233 (Change enumeration typemaps in SWIG Java), Java applications needs to be updated:
- Accessing enumeration value is no longer using
swigValue()
method, e.g:pjsip_inv_state.PJSIP_INV_STATE_CONFIRMED.swigValue()
must be changed topjsip_inv_state.PJSIP_INV_STATE_CONFIRMED
. - All enumeration types are now
int
, e.g:pjsip_status_code code
must be changed toint code
.
- Accessing enumeration value is no longer using
- Due to #2251 (Deadlock between PJSUA LOCK and conference mutex):
pjmedia_*_set_eof_cb()
andpjmedia_*_set_cb()
are deprecated and replaced withpjmedia_*_set_eof_cb2()/set_cb2()
. The callbacks will now be asynchronous.
- Due to #2265 (Compatibility issues on Python 3.7 or above):
- PJSUA2
async
field inOnCallRxReinviteParam
is renamed toisAsync
.
- PJSUA2
For ticket list, please see Milestone 2.10
Released on 2019-06-13T10:14:40Z
Release Focus
- Video conference
- Darwin (Mac & iOS) native SSL backend
- NAT enhancement: TURN over TLS
- SIP multiple listeners
For more details about the ticket list, please see Release Notes
Released on 2018-09-05T05:35:44Z
Release Focus
- OPUS param on the fly
- WebRTC interopability - RTP/SAVPF - SSRC
Backward incompatibility
- Application using PJMEDIA API directly should explicitly invoke
pjmedia_transport_media_start()
to start receiving RTP packets. Application that does not use SDP can simply pass zero/null for pool and SDP params, e.g:pjmedia_transport_media_start(tp, 0, 0, 0, 0)
. Please check #2097 for more info.
For more details about the ticket list, please see Release Notes
Released on 2018-02-21T03:15:18Z
Release Focus
Security update. This version is recommended for all users to improve the security of applications using PJSIP.
For more details about the ticket list, please see Release Notes
Released on 2017-11-08T03:23:59Z
Release Focus
Security update. This version is recommended for all users to improve the security of applications using PJSIP.
For more details about the ticket list, please see Release Notes
Released on 2017-09-25T06:23:19Z
Release Focus
- DTLS for SRTP keying
- iOS (and Mac) H.264 Native Encoder and Decoder
- NAT64
For more details about the ticket list, please see Release Notes