Procedure for updating vulnerable modules

We started getting alerts for the framework and ucp modules. They have security vulnerabilities and need to be updated. I waited a bit to see if a PBXact release would come (since it seems generally frowned upon to update individual modules in PBXact), and have not. Does anyone know if Sangoma would find it problematic if I were to update these outside of the normal SysAdmin update tool?

I’m running 10.13.66-13 on a few UC 60 appliances.


We published last week 10.13.66-14 to our wiki for PBXact

It was going through some testing this weekend and has now been published as GA.