You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 3 Next »

Latest update

Release Notes

Release 14.3.5606 fixes some bugs. Despite PrivateServer carried a version of bash vulnerable to shellshock attack, due to its internal architecture, it is not possible to exploit the vulnerability remotely (eg: via HTTP access).

This version carries an upgrade to bash to fix shellshock.

 

** Bug
* [PS-1048] - Web console users form "forgets" the user role if the password is not accepted
* [PS-1054] - UI: obfuscation key not applied before to "Update Accounts"
* [PS-1191] - Unmanaged SQLException in license cache services
* [PS-1315] - Asterisk does not manage properly TLS error with trunk
* [PS-1328] - Trunk messagenet modified from udp to tls without register flagged, appears online (OK) in sip show peers.
* [PS-1344] - Clear License cache if the same username change device
* [PS-1393] - TLS Trunk: connection error not handled by Asterisk
* [PS-1459] - Sending message and pretending a network issue
* [PS-1498] - Redirect denied when i have received an sms or email to install PGSm on Blackberry.
* [PS-1703] - In the Conference room List, I was able to Create a new conference room that already exist by ticking the Scheduled box.
* [PS-1793] - Regression: "delete filter" icon disappeared
* [PS-1795] - Regression: account creation wizard doesn't work
* [PS-1797] - Regression: automatic activation doesn't work anymore
* [PS-1801] - Regression: checboxes are always checked
* [PS-1811] - Regression: "image" buttons in forms stopped working
* [PS-1812] - checkbox for "Re-route temporary unavailable users?" in "Outbound SIP trunk configuration page fails to be checked
* [PS-1814] - checkbox for "Re-route temporary unavailable users?" in "Outbound SIP trunk configuration page fails to be checked
* [PS-1815] - The default button on the "SIP/TLS Configuration" page is the Reset button, not the Update button
* [PS-1816] - HDIV 2.x fails on a session initialized by HDIV 1.x
* [PS-1817] - KO user batch creation failed with message: "Group not found with id 0"
* [PS-1818] - ntp server cannot be updated

* [PS-1837] - WARNING in dialplan "verbose_exec: 'caller policy: no' is not a verboser number"

* [PS-1886] - Asterisk crashes when trying to poke unreachable TCP trunk

* [PS-1892] - Wrong cipher suites are set for AES-256 SRTP
* [PS-1895] - Phone numbers starting with "+" char do no works with trunk failover
* [PS-1918] - HTTPS cipher suites change do not trigger a security event
* [PS-1919] - SIP/TLS cipher suite change does tno trigger an asterisk restart


** Improvement

* [PS-1441] - Map /favicon.ico URL, required by old/legacy browsers
* [PS-1754] - Disable autocomplete on password fields

* [PS-1854] - Fix iso version and splash colors

* [PS-1894] - Add ECDH and DHE cipher suites for SIP/TLS
* [PS-1896] - New generated key includes support for DHE cipher suites
* [PS-1904] - Disable SSLv3 in Asterisk
* [PS-1905] - Disable SSLv3 in Tomcat
* [PS-1906] - Disable SSLv3 in OpenSSL
* [PS-1915] - Configure Tomcat TLS Ciphers

** New Feature
* [PS-424] - Add DH ephemeral support to TLS

 

** Request
* [PS-1870] - CLONE - "Restart Services" is still after assigning new certificate to one service


** Task
* [PS-1432] - Review referential integrity constraint between raw_session_log and session_log
* [PS-1677] - Check if in case of update of certificate in use on PrivateServer the console asks to restart services that were using that certificate
* [PS-1856] - Define TLS test plan and tools
* [PS-1859] - Embed local copy of SAML plugins
* [PS-1878] - CLONE - Disable TLS compression
* [PS-1912] - Backport security fixes from OpenSSL 1.0.1j
* [PS-1914] - Enable TLS_FALLBACK_SCSV extension in Tomcat

 

Improvements

  • [PS-1823] - While creating a Conference room and setting end time minor to start time in the error message there is a mistake 

  • [PS-1857] - Update expired default certificate *.madama.at

  • [PS-1860] - Increase username max length to accomodate email addresses

Fixed Bugs

  • [PS-1307] - Audio Messages: Dialplan gets the wrong "Audio Tone" value when multiple Trunk are set

  • [PS-1777] - NTP service default configuration is broken

  • [PS-1850] - Error message with accented letters in login screen are rendered wrongly

  • [PS-1864] - Manual modification of account password is not applied

  • [PS-1889] - Shellshock fix

Update impact

Here are the impacts upon the update process:

from 14.2.5450: 
  • Web console will be restarted, interrupting services: 
    • web console
    • presence
    • secure messaging system

from earlier versions:

server will be rebooted

  • No labels