v10.5 Release Notes
Critical Update, please upgrade ASAP
This version changes the focus from Ease of Use to Secure-First. As such, we overhauled the security infrastructure which introduces breaking changes you should be aware of.
Breaking Changes
- The web site can now be accessed over HTTPS only. The HTTP port always redirects to HTTPS, no exceptions. If you do not have a certificate already, you may generate a self signed one, using the embedded Certificate Manager, but we recommend you generate one using your enterprise root certificate. That also applies to all other connections, such as Replication.
- The database password becomes system controlled and is changed by default to a random value. If you need direct access to the DB, you should set a NEW manual password, using PreConfiguration. Do not revert to the old password.
- The default security profile is not compatible with SIP over TLS. In order to accept connections from CUCM v14 SIP over TLS, please lower the security profile from TLV v1.3 to v1.2.
Changes
| Id | Description |
|---|---|
| #3485 | Critical update |
| #3486 | Upgrade Storage servlet to SecureStorage |
| #3492 | Remove Log4J |
| #3493 | Upgrade Jetty to 10.0.8 |
| #3493 | Further security fixes; removed SearchByCallID |
| #3498 | Security improvements |
| #3499 | Auto changing Postgres password |
| #3500 | HTTPS only web site and RPC |
| #3501 | Upgrade Java to 17.0.2 |
| #3502 | Security improvements 2 |
| #3509 | Default certificate keysize set to 2048 bits |
| #3512 | Enabled HTTP/2 |
| #3521 | Added version and git version to login |
| #3530 | Secure Recording Fixes |