[Vtigercrm-developers] Vtiger CRM 6.4.0 - Security Patch (20160610) Release

socialboostdk socialboostdk at gmail.com
Wed Jun 15 09:58:44 GMT 2016


+1 we want all of them :)



On 15 June 2016 at 11:54, Alan Bell <alan.bell at libertus.co.uk> wrote:

> well this one is quite a cool new feature, allowing "current user" as an
> option in view filters so that people can create public views of "my stuff"
> that work for everyone
> http://code.vtiger.com/vtiger/vtigercrm/merge_requests/72
>
> this one makes links in workflow emails clickable in mail clients (it is
> sending html mails, if you don't wrap links in <a href then they are not
> links in modern mail clients)
> http://code.vtiger.com/vtiger/vtigercrm/merge_requests/72
>
> this one allows dates in reports to format correctly according to the user
> preference
> http://code.vtiger.com/vtiger/vtigercrm/merge_requests/39
>
> this one is quite a simple fix, but only applies if there are multiple
> uitype 10 fields linking to the users module
> http://code.vtiger.com/vtiger/vtigercrm/merge_requests/69
>
> this one is quite a simple spelling fix, not a big deal but should be easy
> to review the diff
> http://code.vtiger.com/vtiger/vtigercrm/merge_requests/74
>
> I remain rather concerned at using unsalted MD5 hash for portal passwords
> and to hash all the portal user passwords as part of the migration (don't
> run that script twice folks!)
>
> Alan.
>
>
> On 15/06/16 10:34, Prasad wrote:
>
> Alan,
>
> If there is a blocker one that need to be picked up - please mention the
> same here.
>
> --
> FB <http://www.facebook.com/vtiger> I Twit <http://twitter.com/vtigercrm>
>  I LIn <https://www.linkedin.com/company/1270573?trk=tyah> I Blog
> <https://blogs.vtiger.com> I Website <https://www.vtiger.com/>
>
> On Wed, Jun 15, 2016 at 2:44 PM, Alan Bell <alan.bell at libertus.co.uk>
> wrote:
>
>> so today is code freeze . . . I have 7 of the 19 outstanding merge
>> requests, will some of these make it in to the release?
>>
>> Alan.
>>
>>
>>
>> On 10/06/16 11:42, Prasad wrote:
>>
>> Dear members,
>>
>> We released a minor security patch for 6.4.0 (vtigercrm-640-20160610.zip
>> <https://sourceforge.net/projects/vtigercrm/files/vtiger%20CRM%206.4.0/Core%20Product/vtigercrm-640-20160610.zip/download>)
>> today.
>> Please download and unzip the same on your 6.4.0 installation.
>>
>> This patch addresses minor xss
>> <http://code.vtiger.com/vtiger/vtigercrm/issues/93> and non-admin access
>> control
>> <http://code.vtiger.com/vtiger/vtigercrm/commit/7cdf9941197b4aa58114eafce3ce88fb418eb68c> issues
>> shared by security advisories.
>> We take this opportunity to thank:
>>
>>    - Sebastian Haas - sebastianhaas.de
>>    - Tomotaka - JPCERT/CC for assisting us through the process.
>>
>> Further, we would like to keep you updated with 6.5.0 release plan:
>>
>>    - Jun 15th - Code freeze on 6.5.0
>>    - Jun 4th week - 6.5.0 GA Release
>>
>> Regards,
>> Prasad
>>
>>
>>
>> _______________________________________________http://www.vtiger.com/
>>
>>
>>
>> _______________________________________________
>> http://www.vtiger.com/
>>
>
>
>
> _______________________________________________http://www.vtiger.com/
>
>
>
> _______________________________________________
> http://www.vtiger.com/
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.vtigercrm.com/pipermail/vtigercrm-developers/attachments/20160615/6024b8f8/attachment.html>


More information about the vtigercrm-developers mailing list