FreePBX 14 Release Candidate

It’s been over two years since the team at Sangoma set out to give FreePBX a facelift, and over a year since we completed that goal when FreePBX 13 went stable.

In the last 12 months, we’ve implemented hundreds of new features for FreePBX 13 while continuing to grow our Unified Communications product lines through Zulu. We released 6 formerly commercial modules as open source, emphasizing our support of open source. We’ve also added over 41,000 lines of new code while welcoming an additional 18 new contributors.

We also introduced Edge Mode for bleeding-edge module upgrades, support for Asterisk 14, improved reload times, self signing of modules and a new improved certificate manager that supports Let’s Encrypt. While adding all those new features, we’ve also fixed (at time of writing) 1185 reported issues.

For a full list of everything that was accomplished during our 13-release checkout our roadmap.

Making FreePBX Modern

One of the biggest problems we’ve run into over the past few years working on FreePBX 13 was the fact that we were basing FreePBX 13 around the PHP 5.3 platform. PHP 5.3 was released June 30th, 2009. With the release of FreePBX 14 we now require PHP 5.6 which was released August 28th, 2014. That’s over 5 years of improvements, which has resulted – among other things – in considerable performance improvements with 14 compared to version 13.

Due to this massive internal change, FreePBX 14 is now recommended to be installed on the Sangoma 7 distro.

Of course, manual and custom installations of all versions of FreePBX are still available, but the legacy Schmooze Distro (Cent 6.6) will not be able to upgrade to FreePBX 14 instantly, as it requires an Operating System Upgrade to Sangoma 7. More information about this will be coming in a few weeks.

Emphasizing Security

One of the first changes we made in FreePBX 14 was to let systems automatically update modules that have security vulnerabilities. This will ensure that when we release updates to modules that have security issues, your systems will be updated to prevent those security issues – in less than 24 hours! We’ve made this option opt-out, so you can disable it through Advanced Settings if you desire, but we recommend against it!

Upgrading with Ease

The days of running distro upgrade scripts or having to go deal with stuck upgrades are over. In FreePBX 14 all system upgrades are done right through the GUI, in the same place you’d normally go to update modules.

You can also schedule automatic module or system upgrades at specified dates and times.

Globalization & Localization Improvements

Sangoma Technologies is a global company with over 150 employees worldwide. We realized that United States of America date formats don’t work for many countries and locals. FreePBX now comes with the ability to define the time zone, language and date/time formatting system wide, per group and/or per user.

Each user can also individually define and change these settings from within UCP. FreePBX 14 now also supports a broader scope of UTF8 which means you can now save settings in FreePBX with emojis!


Introducing The Calendar Module

For a long time, we’ve heard different scenarios of complex time conditions logic to deal with holidays such as Easter (which falls on a different day every year).

To solve this in 14 we implemented a calendar module. This module allows you to add any web based iCal, CalDav, Google or Exchange Web Services calendar. You can also add local calendars through which you can add custom events. These calendars can then be linked to Time Conditions, Paging Pro groups, Find Me/Follow Me enabled/disable events and more!

To learn more about the new Calendar Module see: http://wiki.freepbx.org/display/FPG/Calendar+Module and http://wiki.freepbx.org/display/FPG/Calendar+Event+Groups+Module.

Remote calendars can be updated on a specific schedule you define. This allows you, the administrator, to delegate a calendar out to your users that they could update, adding events when the office is open which will then trigger Time Conditions at the appropriate times. We hope this new feature helps to ease configuration and management of your FreePBX systems.

A Redesigned UCP (User Control Panel)

Starting with the addition of the ARI back in the 2.x era, FreePBX has long had a need for a User Control Panel. A place where your end users can go to change specific settings related to their accounts or listen to voicemails or call recordings.

In FreePBX 12 we completely overhauled the UCP interface to give it important HTML5 updates. Including in-browser playback of recordings, notifications, a responsive interface, native chat and an in browser WebRTC phone. In FreePBX 14 we’ve gone one step further by giving your users complete control over how their Control Panel looks and feels.

With the additions of dashboards and widgets users can add, remove, resize and organize how they want their dashboard(s) in UCP to look and function. Users can have multiple dashboards that have different configurations of widgets. You could have one dashboard for your voicemail boxes and another dashboard that has widgets for your queues. For more information on the new UCP and what’s changed click here.

XMPP Improvements

Six months ago, we decided to open source our XMPP chat module but promised to continue improving the underlying source code.

Staying true to this promise we have completely reworked the internals of our XMPP module. Our new chat engine is more robust than ever and is fully supported by our flagship UC Zulu product line. Support for group chats, avatars, message history and more is already supplied in XMPP and best of all it’s free!

Zulu already supports these outstanding features and in the next few months the UCP chat interface will also support rooms, avatars and message history. We are very excited with how Zulu has progressed and how it’s also helped to expand the FreePBX Open Source Portfolio.

Moving Forward

In the next six months, we hope to release a Beta of FreePBX 15 with a redesigned backup module that will no longer be required to restore from the same version you are backing up to. This will also start our quicker release period where major FreePBX releases will happen every 6 months.

Get FreePBX 14 RC1 Today

Choose one of the following methods to install, provide feedback & report bugs:

Thank you for using FreePBX!

Security Vulnerability Notice

Summary:

An unauthenticated remote attacker can run shell commands as the Asterisk user of any FreePBX machine with ‘Recordings’ versions between 13.0.12 and 13.0.26.

Details:

The recordings module lets you playback recorded system files. Due to a coding error and a PHP quirk, certain Ajax requests were unauthenticated when requesting files.

This has been fixed in Recordings 13.0.27.

For PBXact UC users on version 10.13.66 make sure you upgrade to version 10.13.66-15 or higher to receive the patch.  For information on how to update your PBXact system review our wiki here.

For FreePBX Distro users on version 10.13.66 you can either upgrade the Recordings module in module admin to version 13.0.27 or upgrade to FreePBX Distro 10.13.66-15.  For information on how to update your FreePBX Distro system review our wiki here.

This vulnerability was discovered by: Adrian Maertins <adrian(dot)maertins(at)gmail(at)com>

Additional Details:

As FreePBX is an appliance, any remote shell access can be leveraged to become root.

Keep in mind for security, performance, and the best user experience be sure you keep ALL modules up to date. Some security and functional updates may be delayed or unreleased by maintainers of 3rd party repositories.

It is also always good practice when requiring internet access to your PBX to run the FreePBX firewall and/or other quality firewalls in front of your system. Limit access via VPNs and where possible, such as Sangoma Phones, take advantage of native phone VPNs to minimize the exposure you must provide to potential hackers by limiting the ports you need to open.

Links to More Information:

http://wiki.freepbx.org/display/FOP/2016-08-09+CVE+Remote+Command+Execution+with+Privileged+Escalation

http://issues.freepbx.org/browse/FREEPBX-12908

History of Security Vulnerability:

Sangoma takes security issues very seriously and we try to work with security experts who find such vulnerabilities in a cooperative manner in order to maximize the ability to protect the user base with timely patches and appropriately timed communications.

This particular vulnerability was reported and the reporter only provided a short time window of three days before disclosing the vulnerability. As such, we have not been provided adequate time to get a proper CVE which we will be working on and we are providing patches to address the issue and requesting users update their systems immediately to be protected against possible hackers once they see the report and create malware attack scripts to go after FreePBX systems open to the internet.

FreePBX 13 BETA is Ready For Testing

FreePBX 13 BETA is Ready For Testing

The development team is excited to announce the FreePBX 13 BETA release is now OPEN and available for install via the FreePBX Distro, or upgrade your current Alpha system through Module Admin.

When you open up the new version the first impression will be a complete change in the look and feel. You’ll discover features such as scrollable dropdowns, search bars, wizards and re-designed navigation menus that make your day-to-day interactions easier and faster. What won’t be immediately obvious is the vast “internal plumbing” changes that result in benefits such as significantly faster reload times especially for large installs and the replacement of the deprecated PearDB library with the modern PDO for faster and more secure database access.

The team has been working hard for 9 solid months; with close to a dozen developers involved, the results are impressive. We’ll be introducing a “Version Upgrade” module in the coming weeks once we get the initial feedback that this Beta looks solid, which means we need your help now to provide us that feedback!

“Town Meeting” via Google Hangout

We’ll brief you in just a moment, but first, please mark your calendars for our premier in a series of interactive Hangout Meetings where we will tell you more about Version 13 and give you an chance to interact with us directly to get your questions answered!

When: Thursday, July 9th 4PM EST

Where: bit.ly/1GNCg4c

Understanding What’s New in FreePBX 13

This new version takes off on many of the technologies and experiences that were introduced in FreePBX 12 where an all new mobile friendly User Control Panel (UCP) was introduced based off of Twitter’s bootstrap framework along with a myriad of other enhancements spanning from Asterisk’s PJSIP support to HTML5 voicemail playback and recording to secure module signing.

The visual enhancements of 13 stick out right away. From the new grid layout of each module to the ease of use wizards:

FreePBX 13 Grid Layout

 FreePBX 13 Quick Create Extension

FreePBX 13 Wizard

The team has made changes based on your user feedback and improved UI design research. Past problems such as menu selections too long for your browser window have been addressed with scrollable menu bars and advanced users can navigate quickly with search box abilities:

FreePBX 13 ScrollFreePBX Search Boxes           

The list of navigation and usability improvements goes on; the best way to discover them is to get it up in front of you and start experiencing all the great things the team has been working on!

We also put in effort addressing some bigger “sub-systems” to further enhance FreePBX based on user demands and changing technologies with the evolution of Asterisk.

Bulk User Management has been a big request and has seen minimal support in the past. This version introduces the new Bulk Manager which is a pluggable module that allows you to do mass “spreadsheet” management of Users, Extensions, Contacts and DIDs, and designed to grow and scale with the evolution of FreePBX and the introduction of features from other modules that affect these.

 FreePBX 13 Bulk

Call Event Log (CEL) integration and reporting, the Asterisk evolution of CDRs, has been added to be able to view the detailed activity of events from calls on your system.

 FreePBX 13 CEL

 FreePBX 13 CEL

With FreePBX prevalent in over 220 countries, language localization has been a priority and version 12 already saw huge efforts in the improved localization abilities of FreePBX for different languages. This new version adds the next dimension of easy sound file management with simple online access to other languages. The last leg of this effort will be the System Recording module which will be re-written to enable the concept of multiple language versions of the same call recording and will be following right on the heals of this release. This means, for instance, you will be able to have a single IVR that can play in different languages with the exact same recording based on language selection decisions in the call flow.

 FreePBX 13 Localization

FreePBX has always had a very limited ability to work with it at the CLI level via various ‘amportal’ commands. This latest version has adopted the Symfony framework and began to offer much more extensive CLI access through the “fwconsole” command.

 

 FWConsole

There’s so much more to talk about that we can barely scratch the surface. The above are only highlights and the real efforts that have gone in can only be experienced by trying it out yourself. So we look forward to you helping us drive this forward to a release candidate and final release soon!

Downloads and BETA Availability

FreePBX 13 BETA is immediately available on the FreePBX 13 download page. The plan is once we move further in the BETA process we will release the .tgz file for users wishing to do localized builds on their own standalone systems. For the time being we are releasing only for the FreePBX Distro so as to control factors introduced by the OS or other unknown variables but any user can always checkout 13 from FreePBX git servers.

In order to help us release FreePBX 13 on schedule, users of the BETA release are encouraged to report any bugs, issues or errors at http://issues.freepbx.org.

For now we look forward to your feedback testing and helping us get 13 finalized! Without your contributions and support FreePBX wouldn’t be the most prevalent and open source PBX platform on the planet and for that we are deeply grateful!

FreePBX 12 Release and Astricon

HI Folks!

I’m sitting in the McCarran International Airport in Las Vegas about to head back home to attend a wedding from a wonderful Astricon which is still going (until Friday!). Just wanted to send you all a quick note that today we finalized FreePBX 12 with the release of Framework 12.0.2. This means we are officially certifying it “stable”. Bug reports are always welcome and can be filed at http://issues.freepbx.org.

It’s been a long couple of weeks (with lots of hair pulling) leading up this to announcement and with over 12,000 people already using FreePBX 12 we decided it was time to go stable. I can’t wait to work with all of you on FreePBX 12 and in the future. It’s a great release and FreePBX has come very far (technology wise) with it (and if you don’t know what we’ve done then scroll down to check it out). I’m proud of what we’ve accomplished and the community seems proud as well:

 

If you didn’t see my full break down when we released beta you should go check it out right now, otherwise I’ve broken down the important points here: http://community.freepbx.org/t/freepbx-12-beta-1-and-some-really-cool-stuff/22782/1

FreePBX 12

A few of the features included in the FreePBX 12 release are:

Asterisk 12 Support Allow a system to run both chan_sip and pjsip

Allow Extensions to be able to be switched between the two – Added an Asterisk Rest Interface Manager module to add users to be able to utilize Asterisk’s new Rest Interface New User Control Panel that replaces ARI

UCP (Please check online and download the module *after* upgrading to FreePBX 12)

– Presence
– Call History
– Widgets/RSS Feeds
– Modular design allows FreePBX hook into UCP
– Settings
– Find Me/Follow Me, VmX Locator, Call Waiting, Call Forwarding, Do Not Disturb
– Voicemail
– WebRTC
– Conference Pro
– Fax Pro
– SMS Support in UCP for SIPStation customers 

Brand New DashboardUpdates to Module adminCDR Reports now support html5 playback, no need to have quicktime player Parking now supports direct slot parking (Meaning you can transfer a call directly into a slot) Secure Module Signing (http://wiki.freepbx.org/display/F2/Module+Signing) The full list of features can be viewed here: http://wiki.freepbx.org/display/DC/12+Planned+Changes+and+Features

The requirements for FreePBX 12 are simple:

– Asterisk 1.8 through 13
– PHP 5.3.3 or higher

 

Upgrade and Download Plans

The easiest way to get access to the Release Candidate is by downloading the FreePBX Distro at http://schmoozecom.com/distro-download.php and following the steps in http://wiki.freepbx.org/display/HTGS/1.+Install+FreePBX. You can also download the tarball of just FreePBX manually from http://www.freepbx.org/download-freepbx and run through the setup processes documented in http://wiki.freepbx.org/display/HTGS/Version+12.0+Installation.

Whats Next?

So where do we go from here? What’s in the woodwork for FreePBX 13 and above? There are a few things we’ve all hashed around but nothing is set in stone yet, hopefully in the next few weeks we can start working with you on what will be included in FreePBX 13. One last thing, something that is important to me that I think we need to do more of is community blogging. Perhaps going over features or giving you more updates about what we are doing internally along the same lines as what Philippe did in years past. I’d like to engage more with you and get opinions and ideas about what you’d like to see in future versions of FreePBX. Remember that feature requests are always welcome at http://issues.freepbx.org. So won’t you join me on this crazy ride we call VoIP?

Andrew – On Behalf of the FreePBX Team!

FreePBX 12 RC Release

I hope everyone in the United States had a happy Labor Day weekend and for those of you outside the US I hope you had a happy Monday (or Tuesday for those of you living a day ahead of us) just the same. In case you haven’t been keeping an eye on FreePBX’s Module Admin we have made public the “FreePBX Upgrader” for all 2.11 systems that are not a FreePBX Distro based system. This give you the ability to be able to upgrade to FreePBX 12. But before you do that I advise you read the rest of this post (and make a backup… You did make a backup right?). If you don’t know why you should upgrade to 12, I highly recommend checking out our previous blog about the beta cycle: http://www.freepbx.org/news/2014-06-23/freepbx-12-beta-1-and-some-really-cool-stuff

A few of the features included in the FreePBX 12 release are:

  • Asterisk 12 Support Allow a system to run both chan_sip and pjsip
    • Allow Extensions to be able to be switched between the two
    • Added an Asterisk Rest Interface Manager module to add users to be able to utilize Asterisk’s new Rest Interface
  • New User Control Panel that replaces ARI “UCP” (Please check online and download the module *after* upgrading to FreePBX 12)
    • Presence
    • Call History
    • Widgets/RSS Feeds
    • Modular design allows FreePBX hook into UCP
    • Settings
      • Find Me/Follow Me
      • VmX Locator
      • Call Waiting
      • Call Forwarding
      • Do Not Disturb
      • Voicemail
      • WebRTC
      • Conference Pro
      • Fax Pro
      • SMS Support in UCP for SIPStation customers  
  • Brand New Dashboard
  • Updates to Module admin 
  • CDR Reports now support html5 playback, no need to have quicktime player
  • Parking now supports direct slot parking (Meaning you can transfer a call directly into a slot)
  • Secure Module Signing (http://wiki.freepbx.org/display/F2/Module+Signing)

The full list of features can be viewed here: http://wiki.freepbx.org/display/DC/12+Planned+Changes+and+Features 

The requirements for FreePBX 12 are simple:

  • Asterisk 1.8 through 13
  • PHP 5.3.3 or higher

Upgrade and Download Plans

The easiest way to get access to the Release Candidate is by downloading the FreePBX Distro at http://schmoozecom.com/distro-download.php and following the steps in http://wiki.freepbx.org/display/HTGS/1.+Install+FreePBX. You can also download the tarball of just FreePBX manually from http://www.freepbx.org/download-freepbx and run through the setup processes documented in http://wiki.freepbx.org/display/HTGS/Version+12.0+Installation.

Andrew – On Behalf of the FreePBX Team!