PJSIP version 2.14.1

Bug fixes

• Deadlock between stream and ICE: #3801
• Answering re-INVITE: #3770, #3818
• Transport loop: #3773

See also PJSIP version 2.14.

PJSIP version 2.14

Release Focus

• IPv4 & IPv6 dual stack option in account config (#3590)
• Video feature for Android and iOS sample apps: Android PJSUA2 Java & Kotlin (#3673), iOS Swift PJSUA (#3342), iOS Swift PJSUA2 (#3381).
• Xamarin samples for Android and iOS (#3584)

Backward Incompatibility

• Handle 2nd INVITE when in early state (#3458)
• Allow dialog establishment when remote does not provide To tag (#3394)
• Respond with ACK first before hanging up call for dialog fork (#3445)
• Consider session terminated on 408 and 481 response (#3457)

Security Issue

• Use-after-free in SRTP media transport
• And all the security issues listed in release 2.13.1

For ticket list, please see Milestone 2.14

PJSIP version 2.13.1

Security Issue

• Heap buffer overflow when decoding STUN message
• Heap buffer overflow when decoding STUN message (2)
• Heap buffer overflow when parsing DNS packet (2)

Bug fixes

• Video: #3325
• OpenSSL: #3583, #3577
• iOS native preview: #3350

See also PJSIP version 2.13.

PJSIP version 2.13

Release Focus

• UPnP (#3184)
• Support OpenSSL 3 (#3168)
• Fix video deadlock issue (#3166 and #3183)

Backward Incompatibility

• Call replace must now use the same account (previously PJSUA app can override the account used) (#3059)
• Our coding style now uses spaces instead of mixed tabs/spaces (#3210, #3292)

Security Issue

• Potential media transport downgrade from the secure version (SRTP) to the non-secure one (RTP)
• Potential buffer overflow in pjlib scanner and pjmedia
• Potential stack buffer overflow when parsing message as a STUN client
• And all the security issues listed in release 2.12.1

For ticket list, please see Milestone 2.13

PJSIP version 2.12.1

Security Issue

• Potential buffer overflow in pjsip_auth_create_digest() (GHSA-73f7-48m9-w662)
• Denial-of-service in XML parsing due to an infinite loop (GHSA-5x45-qp78-g4p4)
• Potential stack buffer overflow when printing SDP into a buffer (GHSA-f5qg-pqcg-765m)
• Potential out-of-bound read/write when parsing RTCP FB RPSI (GHSA-vhxv-phmx-g52q)
• Potential infinite loop when parsing WAV format file (GHSA-rwgw-vwxg-q799)
• Potential heap buffer overflow when parsing DNS packets (GHSA-p6g5-v97c-w5q4)

Bug fix

• Android Camera2: #3044, #3063
• Android Oboe: #3046
• Call hangup: #3026

See also milestone 2.12.1

PJSIP version 2.12

Release Focus

• WebRTC updates with AEC3 & AGC2 (#2722)
• Support Oboe for Android (#2707)

Backward Incompatibility

• UAS INVITE transaction no longer terminated upon transport error/disconnection (#2683)

Security Issue

• Potential integer underflow upon receiving STUN message (GHSA-2qpg-f6wf-w984)
• Use after free of dialog set (GHSA-ffff-m5fm-qm62)
• Missing unreleased of locks in failure cases (GHSA-8fmx-hqw7-6gmc)
• Potential out-of-bounds read when parsing RTCP BYE message (GHSA-3qx3-cg72-wrh9)
• Prevent OOB read for RTCP XR block (GHSA-r374-qrwv-86hh)
• Potential buffer overflow in pjsua_player_create(), pjsua_recorder_create(), pjmedia_wav_player_create(), and pjsua_call_dump() (GHSA-qcvw-h34v-c7r9)
• Potential out-of-bound read during RTP/RTCP parsing (GHSA-m66q-q64c-hv36)
• Prevent OOB read in multipart parsing (GHSA-7fw8-54cv-r7pm)
• Use after free of dialog set (GHSA-ffff-m5fm-qm62)

For ticket list, please see Milestone 2.12

PJSIP version 2.11.1

Release Focus

Security update. This version is recommended for all users to improve the security of applications using PJSIP.

For more information, please see Milestone 2.11.1

PJSIP version 2.11

Release Focus

• Trickle ICE
• iOS native SSL
• Android native codecs (H264, VP8, VP9, AMR-NB & AMR-WB)
• iOS Swift and Android Kotlin sample apps.

For ticket list, please see Milestone 2.11

PJSIP version 2.10

Release Focus

• WebRTC interop for video:
  • RTCP-FB PLI
  • VP8 and VP9 video codec
• Audio Enhancements
  • Voice Processing IO for MacOS
• Timer refactoring

Backward incompatibility

1. Due to #2209 (Insufficient variable storage to contain Expires header field/ parameter):
   • Any sign comparison of expiration fields MUST be modified, for example: pjsip_contact_hdr.expires < 0 should be changed to pjsip_contact_hdr.expires == PJSIP_EXPIRES_NOT_SPECIFIED.
   • Direct setting/comparison with -1 should still work, for example: pjsip_pres_inititate(sub, -1, ...) or pjsip_contact_hdr.expires == -1. This is because PJSIP_EXPIRES_NOT_SPECIFIED == (unsigned) -1. Nevertheless, for future compatibility, it is recommended to change any -1 to PJSIP_EXPIRES_NOT_SPECIFIED.
2. Due to #2233 (Change enumeration typemaps in SWIG Java), Java applications needs to be updated:
   • Accessing enumeration value is no longer using swigValue() method, e.g: pjsip_inv_state.PJSIP_INV_STATE_CONFIRMED.swigValue() must be changed to pjsip_inv_state.PJSIP_INV_STATE_CONFIRMED.
   • All enumeration types are now int, e.g: pjsip_status_code code must be changed to int code.
3. Due to #2251 (Deadlock between PJSUA LOCK and conference mutex):
   • pjmedia_*_set_eof_cb() and pjmedia_*_set_cb() are deprecated and replaced with pjmedia_*_set_eof_cb2()/set_cb2(). The callbacks will now be asynchronous.
4. Due to #2265 (Compatibility issues on Python 3.7 or above):
   • PJSUA2 async field in OnCallRxReinviteParam is renamed to isAsync.

For ticket list, please see Milestone 2.10

PJSIP version 2.9

Released on 2019-06-13T10:14:40Z

Release Focus

• Video conference
• Darwin (Mac & iOS) native SSL backend
• NAT enhancement: TURN over TLS
• SIP multiple listeners

For more details about the ticket list, please see Milestone 2.9