There is a new version of the 1.10 series, specifically the stable 1.10.4 Security Update. You can get this version via github or at https://osticket.com/download. It features some improvements/bug fixes, and an important security update.
This includes the not previously available for download bug fix versions on osticket.com. Here is a list of the changes:
v1.10.4
Enhancements
- issue: Auto-Assignment Log (#4316)
- issue: Language Pack Locale Mismatch (#4326)
- issue: CLI Deploy Missing Bootstrap (#4332)
- issue: User Import No Email (#4330)
- issue: Ticket Lock On Disable (#4335)
Performance and Security
v1.10.3
Enhancements
- issue: Org. User Account Status (#4219)
- upgrader: Flush Cache On Upgrade (#4227)
- issue: Outlook _MailEndCompose (#4206)
- issue: Files – deleteOrphans() (#4253)
- issue: Fix imap_open Disable Authenticator (#4195)
- Check permissions before displaying Close Task (#4177)
Performance and Security
- issue: Information Page Performance (#4275)
- issue: Prevent Click Jacking (#4266)
- orm: queryset: Fix circular reference error (#4247)
v1.10.2
Performance and Security
- Prevent Account Takeover (be0133b)
- Prevent Agent Directory XSS (36651b9)
- Httponly Cookies (5b2dfce)
- File Upload Bypass (3eb1614)
- Only allow image attachments to be opened in the browser window (4c79ff8)
- Fix randNumber() (5b8b95a)
- CSRF in users.inc.php URL (285a292)
- AJAX Reflected XSS (e919d8a)
The long awaited Release Candidate for 1.11 has also been released. 1.11rc-1 is available for download on the osticket.com site. This is not a Stable Release and should not be run in a production environment!
The Official Blog post about this is here: https://www.osticket.com/blog/126
Notice: osTicket 1.9 series has reached end of life, it's no longer being maintained. Users are highly encouraged to upgrade to the latest release of 1.10 series.