Ameyo Contact Center - Patch Release Notes - Version 4.13.36

release details release date 2025 08 04 short description this patch introduces enhancements to the cm cdr history table for improved billing reports, validates vla storage mounting, includes security fixes for error handling and rate limiting, and addresses several bugs related to reporting and ui behavior highlights / summary cdr enhancement for billing added contact center id , crt object id , and call id columns to cm cdr history table to support detailed call leg reporting for billing purposes vla storage mounting validation tested and validated mounting external object storage (oci tested) for vla voice log storage using s3fs security fixes addressed improper error handling for csv uploads, removed patch flag dependency for a security fix, fixed improper access control vulnerability, and implemented rate limiting bug fixes resolved issues with duplicate entries in chat reports, ticket id display, negative talk time logging, rule engine events, and ui password masking component versions component build url ameyo server ameyo server 4 13 595 20250802 r 213005 linux gtk x86 64 rpm ameyo art ameyo art 4 13 92 20250801 r 212705 linux gtk x86 64 rpm system smart view app smart user app 100 0 135 r 54858 aaex note release details provided in the above table has the change only, other releases has no change and are same delivered in last patch cycle feature enhancements pi voip billing (en 143741) the cm cdr history table has been enhanced to support detailed, call leg–based reporting the newly introduced fields improve the traceability of each call leg across contact centers and routing configurations column name type description contact center id string/int identifier of the contact center where the call landed crt object id uuid/string call routing tree object id used in routing logic call id string unique call identifier used to group all call legs storage mounting in 4x vla (en 144138) this task involved validation and testing of the existing storage mounting configuration within the 4x vla environment, rather than implementing a new setup the test environment used oracle cloud infrastructure (oci) object storage as the cloud provider mounting was done using the s3fs utility with configuration parameters including bucket name and region the access mode for validation was set to ftp , and the mount path on the server was /home/testingandshared authentication was managed through access and secret keys securely stored in the passwd s3fs file appropriate permissions and access control were configured using allow other , umask , and use path request style options to ensure proper read/write access across dependent services the objective of this exercise was to validate that the mounted bucket is accessible by ameyo services (voicelog) for seamless voice log storage and retrieval video integration – media permission issue (en 143938) as part of crm integration and multimedia compatibility testing, validation was conducted to ensure smooth functioning of embedded iframe based video calls alongside ameyo audio calls the test involved embedding a webrtc enabled video iframe within the crm and initiating parallel audio streams—one via the embedded video call and another via the ameyo dialer key observations video and ameyo audio calls worked without issues when used independently during simultaneous operation, potential audio stream conflicts or merging were observed, influenced by the system’s configuration and audio handling behavior bugs fixes duplicate entries in chat detail report (sl 17275) resolved an issue where duplicate entries appeared in the chat detail report for a single chat session the problem occurred when a chat was transferred across multiple queues, resulting in multiple rows with the same chat id the report now correctly displays a single consolidated record per chat this issue has been fixed in the latest app server build incorrect ticket id in ticket summary/pdf view (sl 17273) previously, the html always contained the interactionid, which caused it to appear in the exported ticket header even when a customid was configured the html generation logic has been updated to prioritize the customid when available if no customid is configured, the interactionid will be displayed the issue has been resolved in this app server build negative agent talk time display (sl 17165) logs have been added in this release to assist in diagnosing cases where agents’ talk time appeared as negative to enable detailed tracing, activate trace logs for the following modules cc voicecampaign impl calculator callhistory cc voicecampaign impl calculator userdispositionhistory tickets missing after status rename (sl 17125) addressed an issue where tickets became invisible in the ui when a ticket status was renamed (for example, from “pending csd” to “csd”) the fix ensures that both internal state and external state fields are updated consistently during status renaming the issue has been resolved in this app server build rule engine timer precision (ga 15001) introduced a configurable flag, officehourspreviousdayslimit , to define the number of previous days considered for timer based rules during office hours lookups this flag is stored in the server preference store table configuration details query select from server preference store where key ilike '%officehourspreviousdayslimit%'; default value 7 days minimum value 0 (interpreted as 1 day) maximum value 30 days password policy reminder popup issue with secure login (sl 17301) fixed an issue that prevented agents from logging in after changing their passwords when both password policy enforcement and secure login were enabled with this fix, agents can now successfully log in under these conditions in the latest app server build monitoring data and reports feedback report showing duplicate data (sl 17153) resolved an issue where the feedback report displayed five duplicate rows instead of the expected two when multiple feedback entries were submitted for a single interaction to address this, an order by 1,2 clause was added to the crosstab source query, ensuring proper grouping by feedback id and correct ordering by question id this issue has been fixed in the latest art build incorrect data order in default calls quality report (sl 17239, ga 15189) in the calls quality report, qa parameters were previously listed alphabetically, causing misalignment between parameter sequence and intended scoring order this led to inaccurate interpretation of qa scores across campaigns the issue has been rectified—qa parameters in the report now follow the original configuration order, ensuring correct mapping between parameters and their respective scores nbr report clarifications (sl 17218) (ga 15122) fixed a display issue in which the crm page failed to reappear after navigating from the knowledge base (kb) page back to the customer tab the crm page now loads correctly during tab switching this issue has been resolved in the current app server build si apps smart user app – multiple issues (ser 2882) agent listing issue resolved an issue where agents did not appear in the listing screen when a poweruser remained logged in continuously without logging out the agent listing logic has been updated to exclude the poweruser role type, preventing listing failures under such conditions multi select filter issue fixed a problem with the “select all” checkbox functionality, which previously selected only the visible items on the current page after filters were applied the correction ensures that the “select all” action now applies to the entire filtered dataset security and performance updates vapt – improper error handling (ga 15082) the issue related to handling invalid csv uploads was re evaluated and found non reproducible under standard error scenarios the system now properly handles invalid file extensions at the ui level by displaying a toast notification indicating that only csv files are allowed this issue has been verified and fixed in the latest app server build vulnerabilities in 4 x code (sl 17090, ga 14986) a previous security fix requiring patch apply=true has been integrated directly, removing the flag dependency for this specific fix deployment teams must validate this configuration during rollout deployment note before or after applying the patch, ensure the following verify that patch apply = true in the system configuration parameter table manually update the value to true if not already set vapt – improper access control (ga 14865) addressed a reported vulnerability where authorization checks were not consistently applied before executing user operations, allowing actions to proceed regardless of user privileges authorization enforcement has been implemented, and the issue is fixed in this app server build rate limiting for 4 x app server (sl 17006, ga 14925) the vapt scan reported missing rate limiting controls, making the app server susceptible to excessive api requests the fix introduces a rate limiting mechanism where any subsequent requests made within one minute after the first successful request now return http error 429 – too many requests , confirming rate limit enforcement for improved api security limitations / known issues no new limitations identified in this patch browser and platform compatibility supported browsers chrome version 138 0 7204 169 (official build) (arm64) mobile apps no updates in this patch contact / support information for issues or queries, please contact ameyo support via the support portal or designated email channels