Reference10:Release Notes Linux Application Platform
These release notes describe the V10 (that is, Reference10:Concept_Linux_Application_Platform based) linux application platform.
This article contains the link to the new project lists replacing the release notes. Do not edit!
Please click the link to continue.
Please see the disclaimer before using the information presented here!
Linux Application Platform V10
V10 Service Release 1 (100062)
3669 - Logrotation didn't work due to updated logrotate package
Ticket #103856. The updated packages required permission changes on and in some files.
3649 - Removed obsolete NTP client for successfull NTP updates
Ticket #103291. There were two NTP clients started, which caused the NTP daemon to crash on startup.
Now one of these clients has been deleted.
V10 Service Release 2 (100067)
3686 - Allow non default HTTP port for device after initial Linux installation
Ticket #104360. Now the IP address and an optional port can be entered for the device, where Linux is running, e.g. 172.16.123.123:8080
3706 - NTP server handling reworked and cleaned up some files
Ticket #104632. This simplifies debugging and prevents init script from failure. NTP servers are correctly synced with NTP servers from DHCP.
V10 Service Release 3 (100079)
3796 - Correctly parse server ssl certificates for reject list
Ticket #106838. Now ignoring an openssl return code > 0 and instead try to parse the response for certificates.
3833 - Include SSL certificate in curl requests to support servers with activated MTLS
Ticket #107938. Otherwise the Linux application platform can't be authenticated.
3750 - Linux: create certificate signing requests and self-signed certificates
Ticket #106083. It is now possible to create such application certificates.
3756 - Linux: do not execute apt-get update after installation of hotfixes
Ticket #106159. This command attempts to connect to internet and download some files. If there is a bad internet connection or no connection at all, the command may hang a while.
3757 - Linux: V10 application hotfix could be installed on V1 application platform
Ticket #106160. check that major versions match before installing a hotfix for an application.
3785 - Mutual TLS support
Ticket #106653. Linux now supports mutual TLS. You can configure a port for MTLS connections.
V10 Service Release 4 (100083)
3862 - LDAP: rebind needed to follow referrals
Ticket #108647. If we try to follow the referrals we need to re-authenticate. If not done the LDAP library attempts with anonymous and the server responds with an error.
V10 Service Release 5 (100086)
3947 - Fax server: Support for charset of plain text
Ticket #111310. Now the fax server converts the plain text of an email to UTF-8 with the given charset in the email header.
V10 Service Release 6 (100088)
3988 - Increased number of relay cdr files from 6 to 10
Ticket #112413. http://wiki.innovaphone.com/index.php?title=Reference10:Concept_Reporting#Relay_CDRs
4031 - Linux: execute backup script only once per hour
Ticket #113390. the script must be executed only once per hour but there was a bug and it was executed every "poll timeout" minutes.
V10 Service Release 7 (100097)
4056 - Completely shutdown Linux VM on Diagnostics->Reset "Shutdown"
Ticket #114370. Now the VM shutdowns completely.
4057 - Prevent usage of a backslash inside public web/webdav urls
Ticket #114374. Otherwise the lighttpd webserver couldn't be restarted.
4060 - Rotate system log files on 5MB size
Ticket #114414. Some logfiles have been rotated after 1GB under certain circumstances.
V10 Service Release 8 (100105)
4065 - Create webdav install directory if not existant
Ticket #114637. If a customer deleted the webdav install directory, it will be recreated now.
4117 - Linux: copy init_install.log to root partition
Ticket #116002. in case something goes wrong during linux installation
4126 - Linux: error parsing certificates
Ticket #116188. we assumed an specific format for PEM files but these files could contain some additional information.
4091 - Updated translations
Ticket #115368. Updated translations of Linux and its applications.
V10 Service Release 9 (100111)
4183 - auth.log increasing due to unnecessary sudo system call
Ticket #117527. The system log file auth.log has been growing quite fast due to a sudo system call inside a PHP file which was not necessary.
This call is now only done if really needed.
4159 - Linux: application platform monitoring
Ticket #117112. there is a new php script which returns a xml file containing the output from the most relevant commands used for monitoring, free, ps, top, ss.
4135 - Linux: increase swap partition to 512 MB
Ticket #116414. avoid a crash if memory and swap get full.
4136 - Linux: performance statistics
Ticket #116418. result from uptime and free commands will be shown under Diagnostics/Status.
4182 - Rotate system log files without weekly/daily condition and use of correct PATH
Ticket #117512. Otherwise these log files might get too big.
The postrotate script hasn't been executed as the wrong PATH variable has been used.
4199 - Update OpenSSL due to OpenSSL Heartbleed bug
Ticket #118148. Integrated latest openssl package.
V10 Service Release 10 (100114)
4243 - More checks for the first time installation
Ticket #119770. The first time installation might fail on different points.
Now it is checked if the new file system is in a good state and the copy operation didn't cause errors.
Also the web server start after a reboot has been delayed.
4217 - Removed timestamp from manual backup filenames
Ticket #118740. Removed the timestamp from manual backup filenames, which makes them easier to use for software.
V10 Service Release 11 (100118)
V10 Service Release 12 (100124)
4347 - Enabled support for basic authentication for backup script retrieval
Ticket #123064. Before only save authentication methods have been allowed, now basic is also enabled, which is still safe with TLS.
4335 - Updated translations
Ticket #122668. Updated translations.
V10 Service Release 13 (100127)
4350 - Fax server: Unrecognised PDF document with mail from Apple Client
Ticket #123303. If a mail with a PDF document is sent from an Apple client, the PDF document isn't attached to the fax document. This is fixed now.
4358 - Fixed potential failure on first install of the image
Ticket #123728. There had been a small chance that the initial install sript has been executed twice at once which caused the installation procedure to fail.
4357 - Increased PHP memory limit on VM
Ticket #123725. We doubled the PHP memory limit for the linux VM. This is e.g. usefull for huge faxes.
V10 Service Release 14 (100136)
4400 - Linux: CDRs are not URL decoded if reporting is not installed
Ticket #125895. CDRs were not URL decoded before writing them to disk.
4402 - Linux: logrotate should not restart the Webserver
Ticket #125937. There is another way to rotate the lighttpd log files without restarting the webserver.
V10 Service Release 15 (100147)
4419 - Linux: Email address validation
Ticket #126805. Email addresses with e.g. '=' aren't accepted, used by the fax server application. The email address validation function is fixed now.
4448 - Run database vacuum only at night
Ticket #127681. It is not needed to be run multiple times a day and it also consumed to much resources.
4465 - Support for PBX CDRs: New info-from/info-to tags, to get dialed number
Ticket #128145. The numbers in conn-from/conn-to could be adjusted by a received "connected number"
4444 - Updated bash package due to bashbleed/shellshock bug
Ticket #127581. http://derstandard.at/2000006008829/Bashbleed-Kritische-Sicherheitsluecke-bedroht-Linux-und-Unix-Systeme
V10 Service Release 16 (100154)
4510 - Added Polish translation
Ticket #130261. We added the Polish translation.
Mainly innovaphone Reporting has been translated, but innovaphone Faxserver and innovaphone Exchange Calendar Connector are also mostly translated.
The innovaphone application platform itself still remains untranslated for Polish.
4483 - Disable SSL 3.0 in web server due to POODLE bug
Ticket #128951. Since ssl 3.0 is insecure, we disabled its support inside the webserver of the Linux AP (lighttpd)
http://derstandard.at/2000006854219/POODLE-Neue-Luecke-gefaehrdet-verschluesselte-Internetverbindungen
4479 - Suppress duplicate call entries in myPBX call list
Ticket #128862. A user with multiple devices might have experienced duplicate call entries in the myPBX call list under certain conditions.
4486 - Validation check for email adresses
Ticket #129306. A new validation check also checked DNS records for the email domain which produced false results.
V10 Service Release 17 (100157)
4561 - Do not return a server error 500 on CDR XML parse errors
Ticket #132424. Otherwise the PBX always tries to send the same CDR again.
Instead ignore this CDR and set up an event on the PBX with the failed XML.
4530 - Linux: Country field was missing in the signing request
Ticket #131440. This field was not included.
4565 - Updated Polish translation
Ticket #132464. The Polish translation has been updated.
V10 Service Release 18 (100160)
4576 - Destroy session data for php scripts which are not used within web UI
Ticket #133075. This reduces the amount of session files and speeds up the session cleanup script.
4560 - Linux: memory leak in process.fcgi
Ticket #132413. some memory was not freed.
4584 - Updated translations
Ticket #133817. Some translations have been updated.
V10 Service Release 19 (100163)
4604 - Updated translations
Ticket #134808.
V10 Service Release 20 (100168)
4668 - Linux: ntp server not removed from ntp dhcp config file
Ticket #139616. the ntp server was not removed from this file.
4661 - Too many log files caused broken log downloads
Ticket #139476. Downloading of log archives hasn't been possible with too many log files.
This is fixed now.
V10 Service Release 21 (100173)
4760 - Correct handling of missing msg/time attribute in CDR xml
Ticket #141662. A missing msg attribute could have caused a trap of an application on the Linux AP.
4783 - LDAP: requests done for all cdr events
Ticket #142486. although the external numbers were equal for the different events, LDAP requests were carried out.
<!-
cdr.c
-->
4782 - Optimized query for missed calls in myPBX with Reporting
Ticket #142479. The query for missed calls might have taken quite long, so that other call list request got stuck and caused "Call list not available" errors in myPBX.
4770 - Relay Host: UI description changed
Ticket #141932. UI description of the relay host configuration is changed.
4738 - Updated openssl packages
Ticket #141055. The package updates fix some security issues.
V10 Service Release 22 (100174)
4847 - DER certificate download had wrong file ending
Ticket #144960. The DER certificate download file name on the Linux Application Platform now ends with '.der'. Now windows recognizes the file as installable certificate.
4815 - Removed windows line break in install script
Ticket #143943. The script contained a windows line break which caused a confusing (but harmless) log message.
V10 Service Release 23 (100176)
4884 - Write access to webdav broken with public root access without write flag
Ticket #145946. If the root has been configured as a public webdav path without the write flag, further folders with the write flag have been ignored.
V10 Service Release 24 (100178)
4968 - Concurrent myPBX client call list requests may caused empty reports
Ticket #148271. Due to a non thread safe function call, multiple concurrent call list requests may have produced empty reports.
4970 - Reporting/myPBX: handling of calls to unregistered users
Ticket #148399. These calls were shown as missed calls although they just contained setup und release events without an alert event.
Now these calls are not shown as missed call in myPBX anymore although the call itself will be still shown in the call list.
In the call details, the call will be shown with an error symbol.
Cause Codes:
18 == No User Responding
19 == No Response from User
V10 Service Release 25 (100181)
5070 - Added French, Russian and Czech translations to Linux and its applications
Ticket #151956. French, Russian and Czech translations are now integrated.
V10 Service Release 26 (100183)
5163 - Alarms on CF card/hard disk error detection
Ticket #154546. The kernel itself mounts the partition as read-only if it detects issues with a CF card/hard disk.
A script now checks every 30 minutes, if write operations are still possible.
Another check tries to find bad blocks on CF cards (VM is ignored). This can be only done in read-only mode, as the partition is mounted, so the check might not find bad sectors before it is too late.
An alarm server must be configured to receive these alarms!
http://wiki.innovaphone.com/index.php?title=Reference10:Event/0x0018009b
http://wiki.innovaphone.com/index.php?title=Reference10:Event/0x0018009c
5167 - LDAP: server active flag was ignored
Ticket #154749. LDAP servers are checked although they are inactive.
V10 Service Release 27 (100090)
5201 - Better webdav support for LAP
Ticket #156134. The lighttpd of the LAP is now compatible with WinSCP and Webdav.
5247 - Do not show connected calls from WQs as missed call in myPBX
Ticket #158104. This was caused by a previous hotfix.
5232 - Fixed some date formats of certain languages in the calendar note
Ticket #157536. Some date formats haven't been correctly "translated".
5217 - lighttpd delivers whole certificate chain now
Ticket #156607. As long as the uploaded server certificate contains the whole certificate chain, the lighttpd web server will now deliver the whole chain.
V10 Service Release 28 (100193)
5230 - Possible deadlock with CDRs and database reindex
Ticket #157441. The deadlock itself can't be avoided, but the database connection itself went bad.
Now, the database connection is restarted in such a situation.
V10 Service Release 29 (100194)
5339 - Speedup CDR deletion and database cleanup afterwards
Ticket #163231. A separate REINDEX of the database is not neccessary anymore since PostgreSQL 9.0.
Additionally more RAM is now assigned to the process which cleans the database.
RAM is calculated based on free RAM with a minimum value of 32MB.
The general setting of maintenance_work_mem has been changed according to the total system RAM (5%).
A warning is now shown that CDR deletion might prevent CDRs from being written to the database.
V10 Service Release 30 (100195)
V10 Service Release 31 (100199)
5385 - Add link to the audio converter on the official innovaphone homepage
Ticket #166858. The LAP audio converter does not offer as many codecs and lacks a wider input file support.
5395 - LAP support of IPx11 platform
Ticket #167135.
V10 Service Release 32 (100210)
5436 - Do not perform vacuum full after CDR cleanup
Ticket #169045. VACUUM FULL requires too much additional disk space.
Without the FULL option, freed disk space cannot be reclaimed by the OS, but PostgreSQL will still reuse it for further CDRs.
5449 - Updated packages due to bug in glibc getaddrinfo CVE-2015-7547
Ticket #169484. https://security-tracker.debian.org/tracker/CVE-2015-7547
Updated packages:
libc-bin
libc-dev-bin
libc6
libc6-dev
locales
multiarch-support
V10 Service Release 33 (100215)
5483 - Fixed installation of the LAP VM on greater hard disks
Ticket #170771. The installation of the LAP failed on hard disk with greater sizes.
5498 - LDAP: process.fcgi may crash if connection to database is not available
Ticket #171521. pointer will be null if the database is not available
V10 Service Release 34 (100218)
5520 - Added new innovaphone device CA certificate to trusted MTLS CA certificates
Ticket #172150. The second innovaphone device CA certificate now works with MTLS on the LAP
5540 - Fixed php handling of lighttpd
Ticket #172935. PHP hasn't been handled correctly in all circumstances.
V10 Service Release 35 (100221)
8608 - Fixed cleanup of temporary lighttpd upload files
Files under /var/tmp/lighttpd haven't been correctly deleted if too many of them existed.
V10 Service Release 36 (100225)
8736 - Just reload postgresql instead of restart on remote access IP changes
use /etc/init.d/postgresql reload instead of restart after IP configuration changes.
V10 Service Release 37 (100227)
V10 Service Release 38 (100234)
13798 - Reporting: LDAP Request with H323-Name
New checkbox 'Use H323 as Search Base'.
If the checkbox is set I use the h323 field inside the CDR Tag as base for the LDAP Filter.
If not, I take what it is defined inside the Base field of Reporting.
V10 Service Release 39 (100235)
V10 Service Release 40 (100238)
V10 Service Release 41 (100239)
V10 Service Release 42 (100241)
V10 Service Release 43 (100242)
V10 Service Release 44 (100243)
22216 - Blacklist kernel moduel n_hdlc due to kernel bug CVE-2017-2636
We now blacklist the kernel module n_hdlc, so that this module can't be loaded anymore due to a kernel bug CVE-2017-2636.
Due to this bug an unprivileged user could gain privileged access to the system.
This bug can't affect our ARM platform, as this kernel module is not installed there, just on I386 virtual machines.
V10 Service Release 45 (100246)
V10 Service Release 46 (100247)
26694 - Fixed logrotate issues
The logrotate script didn't contain the correct PATH, so that some binaries haven't been found during logrotation.
This may cause increasing logfiles instead of correctly rotated logfiles.
V10 Service Release 47 (100249)
V10 Service Release 48 (100251)
V10 Service Release 49 (10025300)
35932 - Fax Server Incoming Mails: Behavior with wrong date format
If an incoming mail has a wrong date format, the mail can't be read. Used by the fax server and it stops working.
V10 Service Release 50 (100254)
V10 Service Release 51 (100256)
39233 - Fixed parsing of Web Server PEM Certificate for postgresql Public Key
If the PEM certificate contained the certificate request, the resulting postgresql public key was broken and the database didn't run anymore.
V10 Service Release 52 (100257)
40768 - Correctly parse certificates without newline at the end of the file
V10 Service Release 53 (100258)
V10 Service Release 54 (100259)
V10 Service Release 55 (100260)
V10 Service Release 56 (10026300)
V10 Service Release 57 (100264)
58834 - Fixed arbitrary file read vulnerability in log file functionality
The logfile download functionality could be missused to download any system file. As you had to be logged in as admin user anyway to use this functionality, this is considered as a minor vulnerability .
Now just log files under /var/log and /var/www can be downloaded.
58837 - Fixed command injection in log file clear functionality
The logfile clear functionality could be missused to execute system calls. As you had to be logged in as admin user anyway to use this functionality, this is considered as a minor vulnerability .
Now the logfile parameter must start with /var/log or /var/www and the parameter is internally enclosed in quotes.
V10 Service Release 58 (100265)
V10 Service Release 58 (100265)
V10 Service Release 59 (100266)
V10 Service Release 60 (100267)
V10 Service Release 61 (100268)
V10 Service Release 62 (100269)
V10 Service Release 63 (100270)
75245 - V10 Faxserver - add unoconv patchfile for update to stretch
75211 - V10 Faxserver - unoconv.patch file not working
The patchfile for unoconv after a dist-upgrade to Debian 8 will not work.
File moved to "unoconv_jessie.patch