Vtiger 5.4.0 Security Patch Released

***April 2nd, 2012 UPDATE: Some users may experience performance issues after applying the security patch below. If you do experience performance issues, please download and apply this patch after applying the security patch. As many of you are aware, Vtiger CRM Open Source 6.0 is still under development and is slated for a May release. For those currently using Vtiger CRM Open Source 5.4, we would like to recommend applying a new security patch, which fixes a series of vulnerabilities reported by Mr. Nick Freeman from security-assessment.com and Mr. Egidio. The patch covers the following discovered vulnerabilities: Local File Inclusion Local File Deletion SQL Injection PHP Code Injection Cross site scripting Arbitrary File Upload Authentication Bypass vulnerabilities(SOAP API’s) 1. Before deploying the patch It is essential to have an available backup of your Vtiger installation in the result of any errors. To do this, create a copy of the entire Vtiger folder, and place it in a different location. As there is no database change in this particular case, a database dump is unnecessary. 2. Obtaining the patch files Download the patch files from: SourceForge Vtiger Link 3. Upload the patch files to your Vtiger CRM 5.4.0 folder 4. Extract the patch files to that directory, overwriting any files as necessary
Sort by:   newest | oldest | most voted
Guest
Pablo HP
6 years 3 months ago

Hello

I have version 5.4 of the open source vtiger.
I never upgraded to version 5.4 of my vtiger before.
I think that since the launch I never even installed an update.

Today I found your blog on the suggestion of installing the security update

Can you tell me if there were others before this update?
Can you tell me if this installation contains all updates released to date?
Can you tell me how do I know which version of my Vtiger (not 5.4, obviously)?

I’m anxious for version 6.0, but as they say, everything is good and cheap it is time consuming.

Thanks if you can help me.

Guest
Tom
6 years 3 months ago

I installed the patch yesterday and afterwards I recognized that vtiger is now very slow in loading the pages. In this way it isn’t usable and I’ve to do a rollback. Anyone who discovered the same behaviour?

Bye
Tom

Guest
Pablo
6 years 3 months ago

Yes, same problem here, it slowed down the site.

Guest
Mitch
6 years 3 months ago

Yes, way to slow to be a productive application….

Guest
Nicolas
6 years 3 months ago

Yes, I have exactly the same problem !

Guest
Kieran Kay
6 years 3 months ago

My most sincere apologies for the delay – and thank you all for chiming in and leaving feedback. In our initial testing we didn’t run into the problems that you faced and apologize for pushing the security patch out without catching that. We were recently able to replicate the issues being seen and have released a performance patch here:

http://sourceforge.net/projects/vtigercrm/files/vtiger%20CRM%205.4.0/Core%20Product/VtigerCRM-5.4.0-Performance_Patch.zip/download

If you still experiencing any problems after applying the patch, please leave a comment and we’ll dive in even deeper to see what’s wrong. Alternatively, if the patch does solve the issue please do also leave a comment. We try to test as many scenarios as we can but unfortunately can’t replicate every instance. Thank you all very much for your patience!

Guest
Pablo
6 years 3 months ago

Hi, I’ve just tried to download the file but i get the following message:
“The “/vtiger CRM 5.4.0/Co..erformance_Patch.zip” file could not be found or is not available. Please select another file”
Please help, it is really slow

Guest
Tom
6 years 3 months ago

@Kay: Thanks for providing the performance patch. I applied the pach succesfully resulting in a little faster behaviour. But compared to the initial speed of the fresh and probably insecure installation of vtiger this is a big difference, because it was much faster at the beginning. I guess I’ve to wait at vtiger 6.
But thanks again for the very fast developing of the improvement patch.

Tom

Guest

[…] April 2nd, 2012 UPDATE: Some users may experience performance issues after applying the security patch below. If you do experience performance issues, please download and apply this patch after applying the security patch.  […]

Guest
Naresh
6 years 3 months ago

@Kay: Am not able to download Performance Patch, but i noticed Security Patch Updated 7 Hours ago, does it means Security Patch merged with Performance Patch.

Guest
Pablo
6 years 3 months ago

Ok, finally got this working, the new security release has the performance integrated,
Thanks for fixing this.

Guest
Przemysław Staniszewski
6 years 2 months ago

Hey

After unpack security patch javascript stop working. Nothing happens after clicking icons in the top right corner or clicking More on toolbar.

Do I need reload some cache or what?

Best Regards

wpDiscuz
GMQ

Vtiger recognized as a Niche player in Gartner 2019 Magic Quadrant for Sales Force Automation

Gartner has released its June 2019 report, “Magic Quadrant for Sales Force Automation” and we are happy to announce that Vtiger has been recognized amongst ...
Getting_ready_for_AI

How can you be prepared to ride the AI wave

Artificial intelligence(AI) is here to stay and it will transform the way you sell. From managing online conversations on websites to analysing massive amount of ...
AI_replace_salesrep

Will Artificial Intelligence replace sales reps

Artificial intelligence(AI) is here to stay and it will transform the way you sell. From managing online conversations on websites to analysing massive amount of ...
May6-AI-blog

Why is Artificial Intelligence becoming indispensable in sales

Sales teams cannot afford delayed response times, context-agnostic recommendations, or time spent on administrative activities. This is where AI becomes critical in sales. According to ...
Vtiger_Enrich_FI

Vtiger Enrich: a nifty tool to boost your social prospecting efforts and enrich customer data

If social prospecting is a part of your lead generation tactic (if it’s not, you should start now!), then we have good news. You can now ...
Gartner_peer_insights_2019

Vtiger recognized as a 2019 Gartner Peer Insights Customers’ Choice for Sales Force Automation

We are excited to announce that we have been named a Gartner’s 2019 Peer Insights Customers’ Choice for Sales Force Automation. This is the second ...
Vtiger_grid_leader

Vtiger recognized as a Leader in G2 Crowd Grid® for All-in-one CRM

We are proud to announce that G2 Crowd, a trusted review site for business technology, has named Vtiger a leader in the All-In-One CRM category ...
AI in sales FI1

AI in Sales: What you need to know to ride the coming wave

Artificial intelligence(AI) is here to stay and it will transform the way you sell. From managing online conversations on websites to analysing massive amount of ...
Building-CRM-business-case

How to build a successful business case for CRM

Let’s face it—sometimes you have the solution to a business problem, but your management just won’t listen. Perhaps, you’re using spreadsheets to keep track of ...
Apr8th-Explore-CRM

How to choose the best CRM for your business

There are hundreds of CRMs in the market today. While a few CRMs are designed to work in any industry, the others are designed for ...
loading
Copyright 2018 Vtiger | Privacy Policy