[Vtigercrm-developers] Vtiger CRM Open Source – Security Patch for 5.4.0 and 6.0.0

Prasad prasad at vtiger.com
Mon Sep 15 12:58:19 GMT 2014


Can you share the CRM setup on which you applied the patch?

*Connect with us on: *Twitter <http://twitter.com/vtigercrm> *I* Facebook
<http://www.facebook.com/pages/vtiger/226866697333578?sk=wall> *I* Blog
<https://blogs.vtiger.com/>* I* Wiki
<http://wiki.vtiger.com/index.php/Main_Page> *I *Forums
<https://discussions.vtiger.com>*I* Website <https://www.vtiger.com/>

On Mon, Sep 15, 2014 at 6:20 PM, SIAM Translations <
info at siam-translations.com> wrote:

> applied patch to 6.0 and got: {"success":false,"error":{"code":"Illegal
> request","message":"Illegal request"}}
> Can do nothing right now. Any clue?
>
> Andrew Smith
>
>
> On Mon, Sep 15, 2014 at 6:12 PM, Prasad <prasad at vtiger.com> wrote:
>
>> Dear members,
>>
>> If you’re using Vtiger CRM Open Source versions 5.4.0 or 6.0.0, we
>> recommend that you apply the below listed security patch to plug up a CSRF
>> vulnerability that was recently discovered.
>>
>> We would like to thank the numerous security organizations that
>> identified and reported the issue to us. We would also like to extend our
>> thanks to Sanehdeep Singh at ControlCase International Pvt. Ltd for direct
>> assistance with isolating and fixing the issue.
>>
>> You can download the security patch here:
>>
>>    - vtigercrm-600-security-patch3.zip
>>    <http://sourceforge.net/projects/vtigercrm/files/vtiger%20CRM%206.0.0/Core%20Product/vtigercrm-600-security-patch3.zip/download>
>>    - VtigerCRM540_Security_Patch4.zip
>>    <http://sourceforge.net/projects/vtigercrm/files/vtiger%20CRM%205.4.0/Core%20Product/VtigerCRM540_Security_Patch4.zip/download>
>>
>> Regards,
>> Vtiger Team
>>
>> *Connect with us on: *Twitter <http://twitter.com/vtigercrm> *I* Facebook
>> <http://www.facebook.com/pages/vtiger/226866697333578?sk=wall> *I* Blog
>> <https://blogs.vtiger.com/>* I* Wiki
>> <http://wiki.vtiger.com/index.php/Main_Page> *I *Forums
>> <https://discussions.vtiger.com>*I* Website <https://www.vtiger.com/>
>>
>> _______________________________________________
>> http://www.vtiger.com/
>>
>
>
> _______________________________________________
> http://www.vtiger.com/
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.vtigercrm.com/pipermail/vtigercrm-developers/attachments/20140915/6594e81a/attachment-0001.html>


More information about the vtigercrm-developers mailing list