Release Notes

This update is mostly a "bug fix" and "security asset" release. Some small internal improvements were included, even if they are not listed belowfixes a nasty issue with the connection between Asterisk and the Web console. This issue involved the Presence service as well. Another important fix is the XSS script attack prevention that has been fine tuned.

PrivateServer - 2.4.4174

Improvements

• N/A

...

• [PS-7021265] - Access prevented on the HTTP port 8080. The "*.madama.at" certificate has been updated

Fixed Bugs

• [PS-1236] and 1291] - Console doesn't always reconnect automatically to AMI if Asterisk has been restarted
  • [PS-
  1237] - XSS possible attacks blocked.
  • 1287] - Registered accounts list is empty after Asterisk has been restarted
  • [PS-
  1255] - The webserver now hides its version from malicious users.
  • 1289] - Pruning the presence cache prevents to repopulate it
• [PS-12671299] - Fixed a bug in the HTTP service binding that prevented console service and smartphones' one to be splitted on two NIC.SMS installation link is detected as a possible XSS attack and thus it's improperly blocked