Elastix Bugs
Project:
RSS


Anonymous | Login | Signup for a new account

View Issue Details Jump to Notes ] Issue History ] Print ]
IDProjectCategoryView StatusDate SubmittedLast Update
0002003Elastix distrofreePBXpublic2014-10-01 19:392014-10-06 19:04
Reporterbob 
Assigned Toeabad 
PriorityurgentSeveritymajorReproducibilityN/A
StatusresolvedResolutionfixed 
PlatformOSOS Version
Product Version2.4.0 
Target VersionFixed in Version 
Summary0002003: FreePBX Vulnerability reported by FreePBX on 30/9/2014
Descriptionhttp://support.freepbx.org/node/92822 [^]

On a quick review, as Elastix 2.4 has ARI installed and 2.8 Freepbx and appears vulnerable (if Elastix is exposed to the outside).

I have not had time to look further on how much it affects Elastix, but wondering if any feedback from Elastix.
TagsNo tags attached.
Attached Files

- Relationships

-  Notes
(0007514)
a_villacis (administrator)
2014-10-06 13:26

Fixed by upgrades.
(0007516)
bob (manager)
2014-10-06 19:04

Alex,

I have had a brief look at the updates RPM provided by a yum update.
Can you confirm the following for users on Elastix 2.4 with 2.8.x Freepbx

1) The update that is important is freePBX-2.8.1-18.noarch.rpm
2) You are recommending that users perform a yum update or yum update freepbx?

And for users on Elastix 2.5 beta (with Freepbx 2.11) to use the method suggested by Freepbx (e.g. remove ARI modules)??

Regards
Bob


- Issue History
Date Modified Username Field Change
2014-10-01 19:39 bob New Issue
2014-10-01 19:39 bob Status new => assigned
2014-10-01 19:39 bob Assigned To => eabad
2014-10-06 13:26 a_villacis Note Added: 0007514
2014-10-06 13:26 a_villacis Status assigned => resolved
2014-10-06 13:26 a_villacis Resolution open => fixed
2014-10-06 19:04 bob Note Added: 0007516


Copyright © 2000 - 2016 MantisBT Team
Powered by Mantis Bugtracker