SugarCRM has released version 18.104.22.168 for all commercial editions. The 22.214.171.124 release is available for download to On-Site customers and is being automatically applied to On-Demand instances running an earlier version of Sugar.
Sugar 126.96.36.199 is a security update released to address certain security vulnerabilities identified during our routine QA checks.
We strongly recommend that you install this update at the earliest opportunity. While we have not experienced any reported incidents relating to these vulnerabilities to date, failure to install this update could leave you exposed to malicious third-party attacks. For more information regarding this, please refer to the following Security Advisory announcements:
- Security Advisory sugarcrm-sa-2017-006 : Authenticated users may cause arbitrary SQL to be executed.
- Security Advisory sugarcrm-sa-2017-007 : Authenticated users may access system files.
- Security Advisory sugarcrm-sa-2017-008 : Unauthenticated users may cause arbitrary code to be executed.
These vulnerabilities have been addressed in release 188.8.131.52 which is available for download from the Download Manager.
Administrators are strongly encouraged to upgrade their Sugar instances running 184.108.40.206 and prior to version 220.127.116.11 to prevent potential exploitation of these weaknesses.
The following issues have been resolved in this release. Support Portal users can use the following links for more details about each issue:
- 75304 : Report filters based on fiscal quarters do not respect the fiscal year start date configured via the Forecasts module.
- 77730 : The SOAP API call
get_document_revision()fails to return documents as expected.
- 78080 : Users assigned a role with Edit permission set to “Owner” may be improperly restricted from duplicating reports.
- 79000 : Dependent dropdown fields may incorrectly display when the selected parent dropdown value has no child values enabled.
- 79177 : The Adobe EchoSign e-Signatures for SugarCRM integration version 1.78 and higher may not pass the health check as expected for upgrade.
For information about what is new in 7.9, please reach out to our team… Contact Us