In this update:  Security update, infrastructure improvements, improved validation mechanism for GUI and API, and bug fixes

IMPORTANT NOTE! When upgrading from version 5.0.59 or older, follow the following procedure (click to expand)
If you are upgrading a Spark system, you may ignore the special instructions.
For any other system of version 5.0.59 or lower please perform the following steps:

1. run
yum install xorcom-centos-release

2.  run
yum update

This will ensure the system will be updated from the correct repositories.

PBX Improvements

  • Infrastructure improvements
  • Improved validation mechanism for GUI and API

Security

  • A fix to CVE-2021-4034. Relevant for all product versions, excluding Spark. The security breach allows unprivileged users to run commands as privileged users.  More info here: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4034
    It is always advised to protect your PBX by minimizing access and permissions as much as possible and making sure the PBX is installed behind a firewall.

Bug Fixes

  • StatExplorer – failed to auto-export PDF reports (in some versions)
  • Minor GUI issues
  • An issue with installing French sound files (cbpx-sounds-fr) on Swift
  • It is not possible to disable firewall or whitelist hosts on Swift