There are 6 modules vulnerable to security threats:
voicemail (Cur v. 14.0.6.16) should be upgraded to v. 14.0.6.25 to fix
security issues: SEC-2021-009
manager (Cur v. 13.0.2.7) should be upgraded to v. 13.0.2.10 to fix security
issues: SEC-2021-010
blacklist (Cur v. 14.0.3) should be upgraded to v. 14.0.5 to fix security
issues: SEC-2021-011
bulkhandler (Cur v. 13.0.23) should be upgraded to v. 13.0.24 to fix
security issues: SEC-2021-011
tts (Cur v. 13.0.13) should be upgraded to v. 13.0.15 to fix security
issues: SEC-2021-011
ucp (Cur v. 14.0.3.18) should be upgraded to v. 14.0.3.21 to fix security
issues: SEC-2021-011
What’s is the best site to read about these vulnerabilities.
I’m a little nervous to update my FreePBX 14 box because the yum updates have fallen quite behind. I think it could break the box. These vulnerabilities have made me paranoid enough, I’m thinking about spinning up a new FreePBX 15 box, updating it all the way, and restoring my nighly. The only thing I have not done before is transfer my Starter package license.
I do have a secondary FreePBX box running, however, I have been unsure of the backup module difference. For instance, on the myFreePBX 14 box, I just dragged ALL of the options for backup to make sure I have everything backed up. On FreePBX 15 If I select this option, all 94 modules:
Is that everything, or do I have to add items to CUSTOM below it?
I want a complete backup of everything, Voicemail, IVR’s literally everything like I do with FreePBX 14, but I’m unsure of what items to choose with the way the new interface works… I looked for an updated manual, but for some reason I can’t find it for freePBX 15.
It basically seems to imply that if one backs up ALL modules and these two directories, that SHOULD include everything INCLUDING voice records, IVR’s etc. Is this correct, would this be a TRUE full backup. Basically if I do this and include these custom directories, and do a restore later, will I have EVERYHTHING restored?
ASTSPOOLDIR/monitor
ASTETCDIR" to include *_custom.conf
If someone can confirm this really is a full backup that would be great.
Okay, this is driving me nutty. In FreePBX 14, if I chose local storage, backups we’re saved to here:
/var/spool/asterisk/backups/BACKUPNAME
As you can see this is still the case, however FreePBX 15 insists on having a filestore location, ANY local location I add, when I run the backup I get PERMISSION denied, backup failed. The backup is running, and it DOES get save in the original /var/spool/asterisk/backups/BACKUPNAME, but it NEVER get copied to the local file path I choose, because FreePBX says it dosen’t have permissions to make that directory. I tried, chmod’ing a directory with more rights, no matter what I do FreePBX says it dosen’t have right to the file path and as a result the backup failes, but there is a copy in the default backup directory. Anyway to just tell Backup & Restore to go with /var/spool/asterisk/backups/BACKUPNAME, as it already is?
WTF? Insists on having? Of course you have to have a file location to save the backup. Just because FreePBX 15 added a way to easily have various options you get mad?
Go in to Settings → Filestore and make a storage location.
If you open it up you will see the /files/tmp folder holds the sql data for CEL & CDR. It also apparently holds something for Zulu and SMS, which I am not using.
A default one. I have this all worked out. I think I was a little mis-understood. @sorvani I’m not mad. I just saw that they added a filestore location. Which you’re right is a RELLAY good thing. And I see I can use the variable to point to the same place locally, so that’s great too. I just realized I had to let the back up user create the directoty, instead of me creating it in the shell and pointing to the path. I have it all worked out. And thank-you for letting me know that MySQL isn’t being backed up. I have a script for that now.
It’s just different enough from FreePBX 14 that I wasn’t sure if everything was backing up in backup and restore if I chose all the modules, and then the 2 directories stated in the FreePBX 15 wiki for the new backup and restore module. I hope I’m not missing anything else, but I can test a restore and see. Sorry if I offended you. Thank-you for all that you contribute to the community. You were a great help to me when I was starting out with FreePBX. And you still are.
@sorvani, just to clarify, If I backup ALL modules, and this:
ASTSPOOLDIR/monitor
ASTETCDIR" to include *_custom.conf
Would that Be a FULL backup for FreePBX 15, I want everything, All module Data (Extensions, ring groups), voicemails, recording etc. Is there anything else I should add? The documentation seems to indicate this would be a full backup. I just want to make sure I have everything (Like I did for my 14 box), and I am not missing anything.
