osTicket v1.10.1 Security Update Released!

There is a new version of the 1.10 series, specifically the stable 1.10.1 Security Update. You can get this version via github or at http://osticket.com/download. It features some improvements/bug fixes, and an important security update. Here is a list of the changes:

Enhancements

  • Users: Support search by phone number
  • i18n: Fix getPrimaryLanguage() on non-object (#3799)
  • Add TimezoneField (#3786)
  • Chunk long text body (#37577b68c99)
  • Spyc: convert hex strings to INTs under PHP 7 (#3621)
  • forms: Proper Field Deletion
  • Move orphaned tasks on department deletion to the default department (42e2c55)
  • List: Save List Item Abbreviation (8513f13)

Performance and Security

  • XSS: Encode html entities of advanced search title (#3919)
  • XSS: Encode html entities of cached form data (#3960bcd58e8)
  • ORM: Addresses an SQL injection vulnerability in ORM lookup function (#39591eaa691)

 

Those still using the 1,9 series will be happy to see that there is also a new 1.9.16 release also.