7.13.x Releases

7.13.1

Released 25/01/2023

Assets

Release Notes

Documentation

  • SuiteCRM 7.13.1 now has an updated Email Compose From dropdown. This includes some styling and functionality changes. For more information see here.

Security

  • CVE: 2022-45185 - Improper Access Control

  • CVE: Pending - SQL Injection

  • CVE: Pending - Improper Access Control

  • CVE: Pending - Improper Access Control

  • CVE: Pending - Improper Access Control

  • CVE: Pending - Bypass Vulnerability

  • CVE: Pending - Vulnerability: Cross Site Scripting

Bug Fixes

  • PR: 9906 - Fix #9870 - Fix log level in ImapHandlerFactory

  • PR: 9905 - Close #9905 - Update email compose from dropdown

  • PR: 9904 - Fix 9879 - Fix inbound email errors on php 8

Community

Special thanks to everyone who reporting the security issues addressed in this release!

RIOUX Guilhem, Mark Hupperichs, Vautia, Benoit Luquet, crackcat

Special thanks to the following members for their contributions and participation in this release!

Please visit the official website to find the appropriate upgrade package.

To report any security issues please follow our Security Process and send them directly to us via email security@suitecrm.com

7.13.0

Released 20/12/2022

Assets

Enhancements

  • PR: 9839 - Close #9839 - Add OAuth connection to Inbound emails

  • PR: 9848 - Close #9848 - Add OAuth external providers module

  • PR: 9846 - Close #9846 - Add ACL Access Logic Hook

Bug Fixes

  • PR: 9802 - Close #9802 - Diagnostic Checkbox

  • PR: 9718 - Fix #9717 - Security Suite Group Selector doesn’t appear when duplicating records

  • PR: 9648 - Fix #9646 - Display TinyMCE in Campaigns Form Wizard

  • PR: 9643 - Fix #9574 - Update method to static for module renaming

  • PR: 9500 - Fix 9499 - Add View Survey Responses Menu item

  • PR: 9638 - Close #9683 - Elasticsearch indexing and searching using accented characters

  • PR: 9474 - Fix #9473 - Missing item "Survey" in campainglog_activity_type_dom

  • PR: 9844 - Close #9844 - ElasticSearch Indexing batch error handling

  • PR: 9770 - Fix #9568 - Ignore int len when comparing vardefs in newer MySQL versions

  • PR: 9786 - Close #9786 - Clear caches used by Inline Edition

  • PR: 9671 - Fix #9670 - Disabling the user profile option about notification of assignments does not work

In this release there has been an incredible update to Emails including the following;

Update External OAuth Connection Module

  • Add ExternalOAuthConnection module to allow getting access through OAuth from external providers.

  • Allow setting up Security groups for ExternalOuthConnections Emails.

  • Configure Microsoft connection provider using a configuration similar to the following:

OAuth Microsoft Connection

Updates to Inbound Emails Module

  • Update Inbound Email Views are now identical to other modules.

  • Allow the creation of Personal, Group and Bounce mail accounts through create/edit views.

  • Allow Security Groups to be set for Inbound Emails.

  • Allow the select between basic and oauth connection on Inbound Email create/edit views.

  • Allow selecting an external oauth connection as the connection to use for authenticating in Inbound Emails.

Inbound OAuth Configuration

  • Remove Inbound Email configuration from profile view.

Update Outbound Emails Module

  • Allow creating personal Outbound email accounts through Outbound Email module views.

  • Allow Security Groups to be set for Outbound Emails.

  • Remove Outbond Email configuration from profile view.

Update IMAP connection library | Allow connecting with xoauth

  • Add imap2 lib to handle in order to support xoauth login in imap.

  • Add Imap2Handler to be used to connect to IMAP for Oauth connections.

Documentation

  • Configure Security Groups for Inbound Email here.

  • Setup a Microsoft OAuth Provider here.

  • Configure Inbound Email with OAuth here.

  • External OAuth Provider Overview here.

Known Issues

  • Issue: #9852 - New "Move to trash" toggle causing Case Updates to not import

  • Issue: #9853 - Case Macro not populated on Upgrade

  • Issue: #9855 - When a personal oauth connection is used for a group inbound email, the emails break

  • Issue: #9856 - Email listview filtering shows blank result if a criteria with multiple words and spaces is added

  • Issue: #9857 - Email listview filtering shows blank result for IMAP keywords criteria

  • Issue: #9854 - Test settings issue after switching between OAuth and Basic Auth

  • Issue: #9858 - Group Inbound Emails distribution_method field is reset when Editing the record again

  • Issue: #9867 - Inbound Email’s "SSL" checkbox does not retain Checked status after Upgrade

Community

Special thanks to the following members for their contributions and participation in this release!

Please visit the official website to find the appropriate upgrade package.

To report any security issues please follow our Security Process and send them directly to us via email security@suitecrm.com

Content is available under GNU Free Documentation License 1.3 or later unless otherwise noted.