Vtiger 5.4.0 Security Patch Released

***April 2nd, 2012 UPDATE: Some users may experience performance issues after applying the security patch below. If you do experience performance issues, please download and apply this patch after applying the security patch. As many of you are aware, Vtiger CRM Open Source 6.0 is still under development and is slated for a May release. For those currently using Vtiger CRM Open Source 5.4, we would like to recommend applying a new security patch, which fixes a series of vulnerabilities reported by Mr. Nick Freeman from security-assessment.com and Mr. Egidio. The patch covers the following discovered vulnerabilities: Local File Inclusion Local File Deletion SQL Injection PHP Code Injection Cross site scripting Arbitrary File Upload Authentication Bypass vulnerabilities(SOAP API’s) 1. Before deploying the patch It is essential to have an available backup of your Vtiger installation in the result of any errors. To do this, create a copy of the entire Vtiger folder, and place it in a different location. As there is no database change in this particular case, a database dump is unnecessary. 2. Obtaining the patch files Download the patch files from: SourceForge Vtiger Link 3. Upload the patch files to your Vtiger CRM 5.4.0 folder 4. Extract the patch files to that directory, overwriting any files as necessary
newest oldest most voted
Notify of
Pablo HP
Guest
Pablo HP

Hello

I have version 5.4 of the open source vtiger.
I never upgraded to version 5.4 of my vtiger before.
I think that since the launch I never even installed an update.

Today I found your blog on the suggestion of installing the security update

Can you tell me if there were others before this update?
Can you tell me if this installation contains all updates released to date?
Can you tell me how do I know which version of my Vtiger (not 5.4, obviously)?

I’m anxious for version 6.0, but as they say, everything is good and cheap it is time consuming.

Thanks if you can help me.

Tom
Guest
Tom

I installed the patch yesterday and afterwards I recognized that vtiger is now very slow in loading the pages. In this way it isn’t usable and I’ve to do a rollback. Anyone who discovered the same behaviour?

Bye
Tom

Pablo
Guest
Pablo

Yes, same problem here, it slowed down the site.

Mitch
Guest
Mitch

Yes, way to slow to be a productive application….

Nicolas
Guest
Nicolas

Yes, I have exactly the same problem !

Kieran Kay
Guest
Kieran Kay

My most sincere apologies for the delay – and thank you all for chiming in and leaving feedback. In our initial testing we didn’t run into the problems that you faced and apologize for pushing the security patch out without catching that. We were recently able to replicate the issues being seen and have released a performance patch here:

http://sourceforge.net/projects/vtigercrm/files/vtiger%20CRM%205.4.0/Core%20Product/VtigerCRM-5.4.0-Performance_Patch.zip/download

If you still experiencing any problems after applying the patch, please leave a comment and we’ll dive in even deeper to see what’s wrong. Alternatively, if the patch does solve the issue please do also leave a comment. We try to test as many scenarios as we can but unfortunately can’t replicate every instance. Thank you all very much for your patience!

Pablo
Guest
Pablo

Hi, I’ve just tried to download the file but i get the following message:
“The “/vtiger CRM 5.4.0/Co..erformance_Patch.zip” file could not be found or is not available. Please select another file”
Please help, it is really slow

Tom
Guest
Tom

@Kay: Thanks for providing the performance patch. I applied the pach succesfully resulting in a little faster behaviour. But compared to the initial speed of the fresh and probably insecure installation of vtiger this is a big difference, because it was much faster at the beginning. I guess I’ve to wait at vtiger 6.
But thanks again for the very fast developing of the improvement patch.

Tom

trackback
Vtiger 5.4.0 Security Patch Released » The Official Vtiger CRM Blog | Mobile, Web and Software Development Company | Scoop.it

[…] April 2nd, 2012 UPDATE: Some users may experience performance issues after applying the security patch below. If you do experience performance issues, please download and apply this patch after applying the security patch.  […]

Naresh
Guest
Naresh

@Kay: Am not able to download Performance Patch, but i noticed Security Patch Updated 7 Hours ago, does it means Security Patch merged with Performance Patch.

Pablo
Guest
Pablo

Ok, finally got this working, the new security release has the performance integrated,
Thanks for fixing this.

Przemysław Staniszewski
Guest
Przemysław Staniszewski

Hey

After unpack security patch javascript stop working. Nothing happens after clicking icons in the top right corner or clicking More on toolbar.

Do I need reload some cache or what?

Best Regards

Google Maps integration with vtiger blog banner

Find the Quickest way to reach Client Location with Google Maps and Vtiger CRM Integration

Hello Folks! Welcome back to Boost Productivity with Google Workspace Integration blog series. We appreciate your patience for being loyal and committed to our integration ...
Building an Effective Team

8 Techniques for Building an Effective Team

“Coming together is the beginning. Keeping together is progress. Working together is success.” - Henry Ford. The above quote beautifully describes the importance of working ...
Office outfit blog banner

9 Reasons Why You Should Dress Well For Work

Do you get confused and stressed when choosing your work outfit? You have probably heard multiple times how important it is to dress appropriately for ...
Vtiger + Google Drive Integration Banner

Upload and link Documents Smartly with Google Drive and Vtiger CRM Integration

Hello Folks! Welcome back to Boost productivity with Google Workspace integration blog series. We hope you are able to gain knowledge about Google Workspace integration ...
Overcoming Challenges in the Workplace 2

6 ways of Overcoming Challenges in the Workplace

John T talks about the challenges he faced in his first job and how he overcame them. 'In one of my first job roles, I ...
Google meet Integration 1

Leverage Google Meet Integration with Vtiger CRM to Share Meeting Links Instantly from Different Modules

Hello Folks! Welcome back to Boost productivity with Google Workspace integration series. In this blog, we will be discussing the features and benefits of integrating ...
Vtiger + Google Contacts Integration

Export and Import data Seamlessly with Google Contacts and Vtiger CRM Integration

Hello Folks! Hope you have been following our Boost productivity with Google Workspace integration series. The previous two blogs were about Google Workspace integration and ...
Gmail Integration 3

Get a 360-Degree Customer view from Gmail Integration with Vtiger CRM

Hello Folks! Welcome back to Boost Productivity with the Google Workspace integration series. Hope you have read the previous blog which gives you a glimpse of ...
Google Workspace Banner

Leverage Google Workplace and Increase Productivity

Hello Folks! We are back again with yet another blog series - Boost Productivity with Google Workspace Integration. In this series, we will be covering the ...
Checklist Blog Banners-031

Eight benefits of using checklists at work

My mother used to create checklists all the time - for her groceries, monthly expenses, shopping, and so on. Her travel checklists were legendary. Depending ...
loading
Copyright 2022 Vtiger | Privacy | Policy & Legal Center