Asterisk 15.0.0-rc1 Now Available

The Asterisk Development Team would like to announce the first
release candidate of Asterisk 15.0.0.

This release candidate is available for immediate download at

The release of Asterisk 15.0.0-rc1 resolves several issues reported by the

community and would have not been possible without your participation.

Thank you!

The following issues are resolved in this release candidate:

Bugs fixed in this release:


Sending a “tel” uri in a From or To header in an unauthenticated message causes asterisk to crash
(Reported by Ross Beer)
core: ast_safe_system command injection possible.
(Reported by Corey Farrell)
res_rtp_asterisk: Media can be hijacked even with strict RTP enabled
(Reported by Joshua Colp)
res_rtp_asterisk: Allow remote SSRC to change due to renegotiation
(Reported by Joshua Colp)
core: Don’t queue up multiple video update frames.
(Reported by Joshua Colp)
bridge_softmix: Quickly joining/leaving may cause video stream to remain in SFU
(Reported by Richard Mudgett)
If wget is not installed and “or” is not available, external components (excluding pjsip) are not installed
(Reported by Seán C. McCord)
manager: hook event is not being raised
(Reported by Kevin Harwell)
res_pjsip_session: Handling of ‘msid’ is incorrect
(Reported by Kevin Harwell)
bridge: Crash when mapping streams
(Reported by Joshua Colp)
Make –with-pjproject-bundled the default for Asterisk 15
(Reported by George Joseph)
channel: requester leaks joint_cap on success.
(Reported by Corey Farrell)
Asterisk 15.0.0-Beta1 does not compile
(Reported by Ira Emus)
res_pjsip: parse/add msid attribute when webrtc is enabled
(Reported by Kevin Harwell)

For a full list of changes in this release candidate, please see the ChangeLog:

Thank you for your continued support of Asterisk!

What can we help you find?