Updating osTicket 1.10.x to 1.10.4

I have just upgraded a clone of one of my production sites and there is no database update beween 1.10.x when upgrading to 1.10.4.  You should be able to follow any of my previous upgrade guides and do not expect the database upgrader to run.  This means that upgrading is as easy as dropping the new files over the old ones.   Please keep in mind that you should really back up the site and your database first just in case.

osTicket 1.9.x reaches end of life

There were two very important pieces of information in yesterdays Blog post over on osticket.com above and beyond the normal "Hey these new versions have been released".  If you haven't read the Blog post yet it is here: http://www.osticket.com/blog/126

First and foremost is that the 1.9 tree has reached it's end of life and is no longer being supported or maintained.  The devs highly recomnend that you upgrade immediately.  Historically osTicket has only supported two versions at a time so this tells me they expect 1.11 to be made stable quite quickly.

Secondly the tired and old wiki has been retired and been replaced with a brand new re-written Documentation Site.  You can get to the new site by clicking Docs on the osTicket site, or go there directly at: https://docs.osticket.com/

The release schedule slowed down for a while there, but things seem to have finally gotten back on track.  I'm really looking forward to some of the things that I have heard about in the pipeline and will share them as soon as I can!

osTicket v1.10.4 Security Update and 1.11-rc1 Released!

There is a new version of the 1.10 series, specifically the stable 1.10.4 Security Update. You can get this version via github or at http://osticket.com/download. It features some improvements/bug fixes, and an important security update.

This includes the not previously available for download bug fix versions on osticket.com. Here is a list of the changes:

v1.10.4

Enhancements

  • issue: Auto-Assignment Log (#4316)
  • issue: Language Pack Locale Mismatch (#4326)
  • issue: CLI Deploy Missing Bootstrap (#4332)
  • issue: User Import No Email (#4330)
  • issue: Ticket Lock On Disable (#4335)

Performance and Security

  • security: Fix Multiple XSS Vulnerabilities (#4331)
  • department: Error Feedback (#4331)

v1.10.3

Enhancements

  • issue: Org. User Account Status (#4219)
  • upgrader: Flush Cache On Upgrade (#4227)
  • issue: Outlook _MailEndCompose (#4206)
  • issue: Files – deleteOrphans() (#4253)
  • issue: Fix imap_open Disable Authenticator (#4195)
  • Check permissions before displaying Close Task (#4177)

Performance and Security

  • issue: Information Page Performance (#4275)
  • issue: Prevent Click Jacking (#4266)
  • orm: queryset: Fix circular reference error (#4247)

v1.10.2

Performance and Security

  • Prevent Account Takeover (be0133b)
  • Prevent Agent Directory XSS (36651b9)
  • Httponly Cookies (5b2dfce)
  • File Upload Bypass (3eb1614)
  • Only allow image attachments to be opened in the browser window (4c79ff8)
  • Fix randNumber() (5b8b95a)
  • CSRF in users.inc.php URL (285a292)
  • AJAX Reflected XSS (e919d8a)
 
The long awaited Release Candidate for 1.11 has also been released.  1.11rc-1 is available for download on the osticket.com site.  This is not a Stable Release and should not be run in a production environment!
 
The Official Blog post about this is here: http://www.osticket.com/blog/126
 
Notice: osTicket 1.9 series has reached end of life, it's no longer being maintained. Users are highly encouraged to upgrade to the latest release of 1.10 series.