Results 1 to 4 of 4

Thread: Secunia is reporting Sugar vulnerabilities

  1. 2009-11-27, 12:45 PM #1
    salesagility's Avatar
    salesagility
    salesagility is offline Sugar Community Member
    Send a message via Skype™ to salesagility
    Join Date
    Aug 2006
    Location
    UK
    Posts
    2,379

    Default Secunia is reporting Sugar vulnerabilities

    http://secunia.com/advisories/37464/

    Anyone have any thoughts on these ... were they closed in 5.2(h)?
    Apache/2.2.3 (Debian) PHP/5.2.0-8+etch11 MySQL 5.0.32

    SalesAgility.com - SugarCRM Experts (UK)

    Authors of Advanced OpenSales - Open Source Quotations, Invoices, Products and Contracts modules for SugarCRM Community Edition - Download here
    Reply With Quote Reply With Quote
  2. 2009-11-27, 01:13 PM #2
    mikesolomon
    mikesolomon is offline Sugar Community Member
    Join Date
    Feb 2008
    Location
    UK
    Posts
    1,467

    Default Re: Secunia is reporting Sugar vulnerabilities

    According to the report
    The vulnerabilities are reported in versions 5.2.0j and 5.5.0.RC2. Other versions may also be affected
    I tried to reproduce it on my dev site which is 5.2j with no success

    reading the report again I see they say it is fixed in k - looks like I'd better upgrade
    Last edited by mikesolomon; 2009-11-27 at 01:20 PM.
    Mike Solomon
    Development Manager
    Ivy Ltd
    www.ivy.ltd.uk]www.ivy.ltd.uk

    php version 5.2.6
    MySql 5.1.59
    Reply With Quote Reply With Quote
  3. 2009-11-28, 04:48 PM #3
    clint's Avatar
    clint
    clint is offline Sugar Team Member | Forums Lead Moderator
    Join Date
    Aug 2004
    Location
    Silicon Valley
    Posts
    2,120

    Default Re: Secunia is reporting Sugar vulnerabilities

    The security vulnerabilities reported by Secunia found in Sugar 5.x are fixed in Sugar 5.2.0k and later and in Sugar 5.5 RC4 and later. We recommend all Sugar system be upgraded to the latest release to protect against any security vulnerabilities.
    Sugar Developer Zone - developer resources | Sugar University - user and admin training
    Sugar Docs - user and admin documentation |     Sugar Bug Tracker - Enter or view bugs
    SugarForge- open source modules, themes, lang packs | SugarExchange - commercial extensions

    Clint Oram
    Chief Technology Officer and Co-founder
    SugarCRM
    Reply With Quote Reply With Quote
  4. 2009-11-29, 04:56 AM #4
    salesagility's Avatar
    salesagility
    salesagility is offline Sugar Community Member
    Send a message via Skype™ to salesagility
    Join Date
    Aug 2006
    Location
    UK
    Posts
    2,379

    Default Re: Secunia is reporting Sugar vulnerabilities

    Quote Originally Posted by clint View Post
    The security vulnerabilities reported by Secunia found in Sugar 5.x are fixed in Sugar 5.2.0k and later and in Sugar 5.5 RC4 and later. We recommend all Sugar system be upgraded to the latest release to protect against any security vulnerabilities.
    Thank you for the fast response and good to know that you're ahead of the game!
    Apache/2.2.3 (Debian) PHP/5.2.0-8+etch11 MySQL 5.0.32

    SalesAgility.com - SugarCRM Experts (UK)

    Authors of Advanced OpenSales - Open Source Quotations, Invoices, Products and Contracts modules for SugarCRM Community Edition - Download here
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Warning: JotPad Vulnerabilities
    By chad.hutchins in forum Developer Help
    Replies: 3
    Last Post: 2008-10-27, 06:37 PM
  2. more information on vulnerabilities?
    By niels in forum Help
    Replies: 1
    Last Post: 2006-09-18, 10:53 AM
  3. Is there any reporting on Sugar Open source??
    By baydreamer in forum General Discussion
    Replies: 12
    Last Post: 2006-08-17, 08:40 PM
  4. Sugar Pro - Reporting module - Feedback to Sugar
    By cbierwerth in forum General Discussion
    Replies: 2
    Last Post: 2006-08-13, 07:13 AM
  5. SugarSales Multiple Remote Vulnerabilities
    By erSitzt in forum Help
    Replies: 0
    Last Post: 2004-12-28, 10:15 AM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules