Log message:
update to Asterisk 23.2.2:

----- 23.2.2 -----

## Change Log for Release asterisk-23.2.2

### Links:

 - [Full \ 
ChangeLog](https://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-23.2.2.html)
 - [GitHub Diff](https://github.com/asterisk/asterisk/compare/23.2.1...23.2.2)

### Summary:

- Commits: 4
- Commit Authors: 2
- Issues Resolved: 0
- Security Advisories Resolved: 4
  - \ 
[GHSA-85x7-54wr-vh42](https://github.com/asterisk/asterisk/security/advisories/GHSA-85x7-54wr-vh42): \ 
Asterisk xml.c uses unsafe XML_PARSE_NOENT leading to potential XXE Injection
  - \ 
[GHSA-rvch-3jmx-3jf3](https://github.com/asterisk/asterisk/security/advisories/GHSA-rvch-3jmx-3jf3): \ 
ast_coredumper running as root sources ast_debug_tools.conf from /etc/asterisk; \ 
potentially leading to privilege escalation
  - \ 
[GHSA-v6hp-wh3r-cwxh](https://github.com/asterisk/asterisk/security/advisories/GHSA-v6hp-wh3r-cwxh): \ 
The Asterisk embedded web server's /httpstatus page echos user supplied \ 
values(cookie and query string) without sanitization
  - \ 
[GHSA-xpc6-x892-v83c](https://github.com/asterisk/asterisk/security/advisories/GHSA-xpc6-x892-v83c): \ 
ast_coredumper runs as root, and writes gdb init file to world writeable folder; \ 
leading to potential privilege escalation

### User Notes:

- #### ast_coredumper: check ast_debug_tools.conf permissions
  ast_debug_tools.conf must be owned by root and not be
  writable by other users or groups to be used by ast_coredumper or
  by ast_logescalator or ast_loggrabber when run as root.

### Upgrade Notes:

- #### http.c: Change httpstatus to default disabled and sanitize output.
  To prevent possible security issues, the `/httpstatus` page
  served by the internal web server is now disabled by default.  To explicitly
  enable it, set `enable_status=yes` in http.conf.

----- 23.2.1 -----

## Change Log for Release asterisk-23.2.1

### Links:

 - [Full \ 
ChangeLog](https://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-23.2.1.html)
 - [GitHub Diff](https://github.com/asterisk/asterisk/compare/23.2.0...23.2.1)

### Summary:

- Commits: 1
- Commit Authors: 1
- Issues Resolved: 1
- Security Advisories Resolved: 0

## Issue and Commit Detail:

### Closed Issues:

  - 1739: [bug]: Regression in 23.2.0 with regard to parsing fractional numbers \ 
when system locale is non-standard

----- 23.2.0 -----

## Change Log for Release asterisk-23.2.0

### Links:

 - [Full \ 
ChangeLog](https://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-23.2.0.html)
 - [GitHub Diff](https://github.com/asterisk/asterisk/compare/23.1.0...23.2.0)

### Summary:

- Commits: 58
- Commit Authors: 20
- Issues Resolved: 41
- Security Advisories Resolved: 0

### User Notes:

- #### chan_websocket.conf.sample: Fix category name.
  The category name in the chan_websocket.conf.sample file was
  incorrect.  It should be "global" instead of "general".

- #### cli.c: Allow 'channel request hangup' to accept patterns.
  The 'channel request hangup' CLI command now accepts
  multiple channel names, POSIX Extended Regular Expressions, glob-like
  patterns, or a combination of all of them. See the CLI command 'core
  show help channel request hangup' for full details.

- #### res_sorcery_memory_cache: Reduce cache lock time for sorcery memory cache \ 
populate command
  The AMI command sorcery memory cache populate will now
  return an error if there is an internal error performing the populate.
  The CLI command will display an error in this case as well.

- #### res_geolocation:  Fix multiple issues with XML generation.
  Geolocation: Two new optional profile parameters have been added.
  * `pidf_element_id` which sets the value of the `id` attribute on the top-level
    PIDF-LO `device`, `person` or `tuple` elements.
  * `device_id` which sets the content of the `<deviceID>` element.
  Both parameters can include channel variables.

- #### res_pjsip_messaging: Add support for following 3xx redirects
  A new pjsip endpoint option follow_redirect_methods was added.
  This option is a comma-delimited, case-insensitive list of SIP methods
  for which SIP 3XX redirect responses are followed. An alembic upgrade
  script has been added for adding this new option to the Asterisk
  database.

- #### taskprocessors: Improve logging and add new cli options
  New CLI command has been added -
  core show taskprocessor name <taskprocessor-name>

- #### ccss:  Add option to ccss.conf to globally disable it.
  A new "enabled" parameter has been added to ccss.conf.  It defaults
  to "yes" to preserve backwards compatibility but CCSS is rarely used so
  setting "enabled = no" in the "general" section can save \ 
some unneeded channel
  locking operations and log message spam.  Disabling ccss will also prevent
  the func_callcompletion and chan_dahdi modules from loading.

- #### Makefile: Add module-list-* targets.
  Try "make module-list-deprecated" to see what modules
  are on their way out the door.

- #### app_mixmonitor: Add 's' (skip) option to delay recording.
  This change introduces a new 's(<seconds>)' (skip) option to the MixMonitor
  application. Example:
    MixMonitor(${UNIQUEID}.wav,s(3))
  This skips recording for the first 3 seconds before writing audio to the file.
  Existing MixMonitor behavior remains unchanged when the 's' option is not used.

- #### app_queue.c: Only announce to head caller if announce_to_first_user
  When announce_to_first_user is false, no announcements are played to the head \ 
caller

### Upgrade Notes:

- #### res_geolocation:  Fix multiple issues with XML generation.
  Geolocation: In order to correct bugs in both code and
  documentation, the following changes to the parameters for GML geolocation
  locations are now in effect:
  * The documented but unimplemented `crs` (coordinate reference system) element
    has been added to the location_info parameter that indicates whether the `2d`
    or `3d` reference system is to be used. If the crs isn't valid for the shape
    specified, an error will be generated. The default depends on the shape
    specified.
  * The Circle, Ellipse and ArcBand shapes MUST use a `2d` crs.  If crs isn't
    specified, it will default to `2d` for these shapes.
    The Sphere, Ellipsoid and Prism shapes MUST use a `3d` crs. If crs isn't
    specified, it will default to `3d` for these shapes.
    The Point and Polygon shapes may use either crs.  The default crs is `2d`
    however so if `3d` positions are used, the crs must be explicitly set to `3d`.
  * The `geoloc show gml_shape_defs` CLI command has been updated to show which
    coordinate reference systems are valid for each shape.
  * The `pos3d` element has been removed in favor of allowing the `pos` element
    to include altitude if the crs is `3d`.  The number of values in the `pos`
    element MUST be 2 if the crs is `2d` and 3 if the crs is `3d`.  An error
    will be generated for any other combination.
  * The angle unit-of-measure for shapes that use angles should now be included
    in the respective parameter.  The default is `degrees`. There were some
    inconsistent references to `orientation_uom` in some documentation but that
    parameter never worked and is now removed.  See examples below.
  Examples...
  ```
    location_info = shape="Sphere", pos="39.0 -105.0 1620", \ 
radius="20"
    location_info = shape="Point", crs="3d", pos="39.0 \ 
-105.0 1620"
    location_info = shape="Point", pos="39.0 -105.0"
    location_info = shape=Ellipsoid, pos="39.0 -105.0 1620", \ 
semiMajorAxis="20"
                  semiMinorAxis="10", verticalAxis="0", \ 
orientation="25 degrees"
    pidf_element_id = ${CHANNEL(name)}-${EXTEN}
    device_id = mac:001122334455
    Set(GEOLOC_PROFILE(pidf_element_id)=${CHANNEL(name)}/${EXTEN})
  ```

- #### pjsip: Move from threadpool to taskpool
  The threadpool_* options in pjsip.conf have now
  been deprecated though they continue to be read and used.
  They have been replaced with taskpool options that give greater
  control over the underlying taskpool used for PJSIP. An alembic
  upgrade script has been added to add these options to realtime
  as well.

- #### app_directed_pickup.c: Change some log messages from NOTICE to VERBOSE.
  In an effort to reduce log spam, two normal progress
  "pickup attempted" log messages from app_directed_pickup have been \ 
changed
  from NOTICE to VERBOSE(3).  This puts them on par with other normal
  dialplan progress messages.

### Developer Notes:

- #### ccss:  Add option to ccss.conf to globally disable it.
  A new API ast_is_cc_enabled() has been added.  It should be
  used to ensure that CCSS is enabled before making any other ast_cc_* calls.

- #### chan_websocket: Add ability to place a MARK in the media stream.
  Apps can now send a `MARK_MEDIA` command with an optional
  `correlation_id` parameter to chan_websocket which will be placed in the
  media frame queue. When that frame is dequeued after all intervening media
  has been played to the core, chan_websocket will send a
  `MEDIA_MARK_PROCESSED` event to the app with the same correlation_id
  (if any).

- #### chan_websocket: Add capability for JSON control messages and events.
  The chan_websocket plain-text control and event messages are now
  deprecated (but remain the default) in favor of JSON formatted messages.
  See https://docs.asterisk.org/Configuration/Channel-Drivers/WebSocket for
  more information.
  A "transport_data" parameter has been added to the

Log message:
*: recursive bump for nettle 4.0 shlib major bump

Log message:
*: recursive bump for icu 78.1

Log message:
Update to Asterisk 23.1.0.

## Change Log for Release asterisk-23.1.0

### Links:

 - [Full \ 
ChangeLog](https://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-23.1.0.html)
 - [GitHub Diff](https://github.com/asterisk/asterisk/compare/23.0.0...23.1.0)

### Summary:

- Commits: 53
- Commit Authors: 17
- Issues Resolved: 37
- Security Advisories Resolved: 0

### User Notes:

- #### res_stir_shaken: Add STIR_SHAKEN_ATTESTATION dialplan function.
  The STIR_SHAKEN_ATTESTATION dialplan function has been added
  which will allow suppressing attestation on a call-by-call basis
  regardless of the profile attached to the outgoing endpoint.

- #### func_channel: Allow R/W of ADSI CPE capability setting.
  CHANNEL(adsicpe) can now be read or written to change
  the channels' ADSI CPE capability setting.

- #### func_hangupcause.c: Add access to Reason headers via HANGUPCAUSE()
  Added a new option to HANGUPCAUSE to access additional
  information about hangup reason. Reason headers from pjsip
  could be read using 'tech_extended' cause type.

- #### func_math: Add DIGIT_SUM function.
  The DIGIT_SUM function can be used to return the digit sum of
  a number.

- #### app_sf: Add post-digit timer option to ReceiveSF.
  The 't' option for ReceiveSF now allows for a timer since
  the last digit received, in addition to the number-wide timeout.

- #### app_dial: Allow fractional seconds for dial timeouts.
  The answer and progress dial timeouts now have millisecond
  precision, instead of having to be whole numbers.

- #### chan_dahdi: Add DAHDI_CHANNEL function.
  The DAHDI_CHANNEL function allows for getting/setting
  certain properties about DAHDI channels from the dialplan.

### Upgrade Notes:

- #### app_queue.c: Fix error in Queue parameter documentation.
  As part of Asterisk 21, macros were removed from Asterisk.
  This resulted in argument order changing for the Queue dialplan
  application since the macro argument was removed. Upgrade notice was
  missed when this was done, so this upgrade note has been added to
  provide a record of such and a notice to users who may have not upgraded
  yet.

- #### res_audiosocket: add message types for all slin sample rates
  New audiosocket message types 0x11 - 0x18 has been added
  for slin12, slin16, slin24, slin32, slin44, slin48, slin96, and
  slin192 audio. External applications using audiosocket may need to be
  updated to support these message types if the audiosocket channel is
  created with one of these audio formats.

- #### taskpool: Add taskpool API, switch Stasis to using it.
  The threadpool_* options in stasis.conf have now been deprecated
  though they continue to be read and used. They have been replaced with taskpool
  options that give greater control over the underlying taskpool used for stasis.

### Developer Notes:

- #### chan_pjsip: Add technology-specific off-nominal hangup cause to events.
  A "tech_cause" parameter has been added to the
  ChannelHangupRequest and ChannelDestroyed ARI event messages and a \ 
"TechCause"
  parameter has been added to the HangupRequest, SoftHangupRequest and Hangup
  AMI event messages.  For chan_pjsip, these will be set to the last SIP
  response status code for off-nominally terminated calls.  The parameter is
  suppressed for nominal termination.

- #### ARI: The bridges play and record APIs now handle sample rates > 8K \ 
correctly.
  The ARI /bridges/play and /bridges/record REST APIs have new
  parameters that allow the caller to specify the format to be used on the
  "Announcer" and "Recorder" channels respecitvely.

- #### taskpool: Add taskpool API, switch Stasis to using it.
  The taskpool API has been added for common usage of a
  pool of taskprocessors. It is suggested to use this API instead of the
  threadpool+taskprocessor approach.

## Issue and Commit Detail:

### Closed Issues:

  - 781: [improvement]: Allow call by call disabling Stir/Shaken header inclusion
  - 1340: [bug]: comfort noise packet corrupted
  - 1419: [bug]: static code analysis issues in app_adsiprog.c
  - 1422: [bug]: static code analysis issues in apps/app_externalivr.c
  - 1425: [bug]: static code analysis issues in apps/app_queue.c
  - 1434: [improvement]: pbx_variables: Create real channel for dialplan eval \ 
CLI command
  - 1436: [improvement]: res_cliexec: Avoid unnecessary cast to char*
  - 1451: [bug]: ast_config_text_file_save2(): incorrect handling of deep/wide \ 
template inheritance
  - 1455: [new-feature]: chan_dahdi: Add DAHDI_CHANNEL function
  - 1467: [bug]: Crash in res_pjsip_refer during REFER progress teardown with \ 
PJSIP_TRANSFER_HANDLING(ari-only)
  - 1478: [improvement]: Stasis threadpool -> taskpool
  - 1479: [bug]: The ARI bridge play and record APIs limit audio bandwidth by \ 
forcing the slin8 format.
  - 1483: [improvement]: sig_analog: Eliminate possible timeout for Last Number \ 
Redial
  - 1485: [improvement]: func_scramble: Add example to XML documentation.
  - 1487: [improvement]: app_dial: Allow partial seconds to be used for dial timeouts
  - 1489: [improvement]: config_options.c: Improve misleading error message
  - 1491: [bug]: Segfault: `channelstorage_cpp` fast lookup without lock \ 
(`get_by_name_exact`/`get_by_uniqueid`) leads to UAF during hangup
  - 1493: [new-feature]: app_sf: Add post-digit timer option
  - 1496: [improvement]: dsp.c: Minor fixes to debug log messages
  - 1499: [new-feature]: func_math: Add function to return the digit sum
  - 1501: [improvement]: codec_builtin: Fix some inaccurate quality weights.
  - 1505: [improvement]: res_fax: Add XML documentation for channel variables
  - 1507: [improvement]: res_tonedetect: Minor formatting issue in documentation
  - 1509: [improvement]: res_fax.c — log debug error as debug, not regular log
  - 1510: [new-feature]: sig_analog: Allow '#' to end the inter-digit timeout \ 
when dialing.
  - 1514: [improvement]: func_channel: Allow R/W of ADSI CPE capability setting.
  - 1517: [improvement]: core_unreal: Preserve ADSI capability when dialing \ 
Local channels
  - 1519: [improvement]: app_dial / func_callerid: DNIS information is not \ 
propagated by Dial
  - 1525: [bug]: chan_websocket: fix use of raw payload variable for string \ 
comparison in process_text_message
  - 1534: [bug]: app_queue when using gosub breaks dialplan when going from 20 \ 
to 21, What's new in 21 doesn't mention it's a breaking change,
  - 1535: [bug]: chan_pjsip changes SSRC on WebRTC channels, which is \ 
unsupported by some browsers
  - 1536: [bug]: asterisk -rx connects to console instead of executing a command
  - 1539: [bug]: safe_asterisk without TTY doesn't log to file
  - 1544: [improvement]: While Receiving the MediaConnect Message Using External \ 
Media Over websocket ChannelID is  Details are missing
  - 1554: [bug]: safe_asterisk recurses into subdirectories of startup.d after f97361
  - 1559: [improvement]: Handle TLS handshake attacks in order to resolve the \ 
issue of exceeding the maximum number of HTTPS sessions.
  - 1578: [bug]: Deadlock with externalMedia custom channel id and cpp map \ 
channel backend

Log message:
comms/asterisk23: import asterisk-23.0.0

Asterisk is a complete PBX in software.  It provides all of the
features you would expect from a PBX and more. Asterisk does voice
over IP in three protocols, and can interoperate with almost all
standards-based telephony equipment using relatively inexpensive
hardware.

Asterisk provides Voicemail services with Directory, Call Conferencing,
Interactive Voice Response, Call Queuing. It has support for
three-way calling, caller ID services, ADSI, SIP and H.323 (as both
client and gateway).

This is a standard version.  It is scheduled to go to security
fixes only on October 15th, 2026, and EOL on October 15th, 2027.
See here for more information about Asterisk versions:
https://docs.asterisk.org/About-the-Project/Asterisk-Versions/