Released 05/02/2024
From this release forward there is a now an out of the box ElasticSearch Scheduler Job. The purpose of this job is to run an ElasticSearch Index. This will not be automatically added on upgrade due to backwards compatibility, however can be enabled via Admin page → Repair → Repair Schedulers.
PR: 10265 - Fix #5392 - My Filters doesn`t show up on Project Tasks
PR: 10295 - Fix #10242 - Mass Security Group Assignment fails when multiple items from the same page are chosen
PR: 10296 - Fix #10296 - Add duplication logic check on run_when Always
PR: 10297 - Fix #9453 - User 'delete' option missing from menu
PR: 10306 - Fix 5906 - Currency symbol for currency field in popup is always default
PR: 10301 - Fix 10234 - Enum-type fields may have their values reset to their defaults, if they have non-blank defaults
PR: 10299 - Fix #9853 - The "Case Macro" field now appears empty by Default
PR: 10312 - Fix #10312 - Group External Connection Changing type on edit
PR: 10313 - Fix #10313 - Remove unused line in repair
PR: 10293 - Fix 9858 - "Distribution Method" is not retained on Editview Load
PR: 10281 - Fix #10093 - Results are not filtered in the Targets Module popup
PR: 10278 - Fix #6397 - Studio: Reset Module: Remove Custom Fields
PR: 10314 - Fix #10314 - disabling active languages
PR: 10283 - Fix #10283 - When selecting an Outbound Email Account, From/Reply Information should autopopulate for user convenience
PR: 10308 - Fix #10307 - Retrieve object name via beanfactory
PR: 10275 - Fix #10207, #10209 - Multiple Elasticsearch indexing issues
Special thanks to the following members for their contributions and participation in this release!
Please visit the official website to find the appropriate upgrade package.
To report any security issues please follow our Security Policy and send them directly to us via email security@suitecrm.com
Released 14/11/2023
CVE: CVE-2023-6130 - LFI to RCE Vulnerability
CVE: CVE-2023-6128 - Reflected XSS Vulnerability
CVE: CVE-2023-6131 - Arbitrary File Upload to RCE
CVE: CVE-2023-6127 - Import XSS Vulnerability
CVE: CVE-2023-6126 - Dashlet HTML Injection Vulnerability
CVE: CVE-2023-6125 - PDF XSS Vulnerability
CVE: CVE-2023-6124 - SSRF Vulnerability
PR: 10253 - Fix #10252 - Google Maps Geocoded Counts not displaying properly
PR: 10248 - Fix #9537 - Activity subpanel isn’t working in a module with a parent_type / flex relate field
PR: 10241 - Fix #9898 - Invalid cookie domain when using non-standard HTTP Port
PR: 9522 - Fix #9435 - Dropdown doesn’t return empty selected value
PR: 10246 - Fix #10246 - non-admin’s outbound email link not showing
PR: 10220 - Fix #10220 - Add Email Body Filtering Selection
PR: 10212 - Fix #10199 - PHP Fatal error: Uncaught Error: Non-static method SugarWidgetReportField::_get_column_select()
PR: 10206 - Fix #10205 - Compatibility hotfix for PHP 8 in ActivitiesRelationship.php
PR: 10201 - Fix #9950 editing Email settings drops TLS SSL selection
PR: 10160 - Fix #10159 - Accounts - Not able to search by fax on 'Any Phone' search field
PR: 10143 - Fix #10143 - Update ready.php change checking of upload max filesize from > to >=
PR: 10122 - Fix #10115 - Wokflow Calculate Action broken under PHP8
PR: 10114 - Fix #10114 - parameter userTime method in class TimeDate
PR: 10049 - Fix #10049 - Relationship::delete expects a string
PR: 10028 - Fix #10028 - Allow workflow to send plain text emails
PR: 10027 - Fix #10027 - Respect wildcard in front when searching a full name in basic search
PR: 9881 - Fix #9880 - Error when importing currency fields with a decimal separator
PR: 9524 - Fix #9440 - Forcing default null value for numeric core fields
PR: 9459 - Fix #9456 - choose email provider does not populate SMTP settings
PR: 9413 - Fix #9412 - Wrong email value displayed when aborting an inline edition
Unify jquery versions
Special thanks to the following members for their contributions and participation in this release!
Special thanks to everyone who reported the security issues addressed in this release!
navsec, Christoph Timm, nam-no, Shahzaib Ali Khan, Alex Bernier
Please visit the official website to find the appropriate upgrade package.
To report any security issues please follow our Security Process and send them directly to us via email security@suitecrm.com
Released 03/10/2023
PR: 9806 - Fix #9805 - Use timezone offset for datetime only
PR: 9726 - Fix #9725 - Date field value isn’t saved in a Workflow action related module
PR: 10132 - Fix #10131 - Fix issue with file mode changes not being applied on cache rebuild
PR: 10110 - Fix #10109 - Add displayParams.initial_filter to Parent
PR: 9996 - Fix #8939 - Fix Static call to non-static method in AOW_WorkFlow
PR: 10005 - Fix #9574 - Avoid calling method in a static way
PR: 10058 - Fix #5390 - Redundant message when duplicating a survey
PR: 10130 - Fix #10129 - Fix issue with step 2 & 3 on the importer failing
PR: 10092 - Fix #9062 - Studio layout changes not being reflected
PR: 10016 - Fix #5712 - Alerts in the menu bar are not displayed with Night theme
PR: 10158 - Fix #10157 - Numbering display issue on subpanels
PR: 10064 - Fix #3842 - Vertical Scroll bar missing in Studio Layouts
PR: 10063 - Fix #2111 - Hover over favorites item, shows module name, not label
PR: 10079 - Fix #3050 - AOW: dropdown lists is not updating (calclulate field & modified record action)
PR: 9997 - Fix #8359 - Fix Contract renewal reminder title is hardcoded
PR: 10020 - Fix #10020 - Issue with missing label on Contact Module
PR: 10195 - Fix #10195 - dropdown keys are not the same type
PR: 10060 - Fix #10060 - User preferences detail-view template issues
PR: 10120 - Fix #10120 - Inbound Email Issues
PR: 9941 - Fix #9941 - Remove sugar pro flavor
Special thanks to everyone who reported security issues addressed in this release!
Josh Lees & Robert Stokes(Illume Security), Zilio Nicolas from CrowdStrike
Special thanks to the following members for their contributions and participation in this release!
Please visit the official website to find the appropriate upgrade package.
To report any security issues please follow our Security Process and send them directly to us via email security@suitecrm.com
Released 29/08/2023
The minimum php version has been updated to php 8.1. The supported versions are now php 8.1 and 8.2.
To visit the SuiteCRM 7.14.x Compatibility Matrix please see here.
Smarty, the templating engine used in SuiteCRM 7.x, has been upgraded to v4 which brings some minor performance improvements and better compatibility going forward.
This release brings a number of adjustments and updates in order to support PHP 8.2.
This includes:
Removal of deprecated functions/ features
Updated missing labels
Update functions to PHP 8.2 standard
Fixed Unit & Acceptance Tests
Executed Rector to clean up code
Fixed code to eliminate warnings from logs
Special thanks to the following members for their contributions and participation in this release!
Please visit the official website to find the appropriate upgrade package.
To report any security issues please follow our Security Process and send them directly to us via email security@suitecrm.com
Content is available under GNU Free Documentation License 1.3 or later unless otherwise noted.