Logo
 Get Started

Blesta 3.1: Now Available

January 16, 2014
Paul

We’re excited to announce the release of Blesta 3.1. Thanks to everyone who participated in the beta!

Download 3.1 Now

Then, check out the docs to install or upgrade.

This release is packed with many new features, but perhaps the most prominent is configurable options. For a quick overview of configurable options, please watch the following short video:

What else is new in 3.1?

Modules

  • Proxmox
  • VPS.NET
  • Enom
  • GoGetSSL
  • TheSSLStore

Gateways

  • BitPay
  • CCAvenue
  • Payza

Plugins

  • Shared Login

Core features include configurable options, package sorting, support staff signatures, cancel end of term package option, and many more. Please see the changelog for a full list.

So what’s next?

Development on 3.2 is in full swing. Rumor has it, a responsive bootstrap client interface is on the way.. among other things.

Related Tags:

New for Developers in 3.1

January 15, 2014
Cody

Blesta 3.1 is loaded with great new features, but we didn’t forget about developers either. Here are a few new items developers can take advantage of in 3.1.

Improved CLI Installer

The command line installer gets non-interactive mode support in 3.1. This allows integration services to automate installation of Blesta. Read more about CLI installation.

Extensions Simplified

Plugins, Modules, and Gateways now support a config.json file that defines basic details such as author, name, version, and more. This greatly reduces the redundancy and maintenance across extensions, simplifying the development process. See configuration for Plugins, configuration for Modules, and configuration for Gateways for more details.

New Events

Almost a dozen new events have been added in 3.1. Of course, every event added opens up endless possibilities for new Plugins. See all events here.

Updated API

New features equals new and updated API commands (including Plugins). Check out the source code documentation.

Version 3.1 is currently in beta with a final release due out this week.

Related Tags:

Blesta 3.0.7 Patch Released

December 20, 2013
Paul

A patch has been released for Blesta that addresses bugs discovered since 3.0.6 was released. It also includes three security fixes, two of which were discovered as part of our internal review process. While these issues have a low to moderate impact rating, we strongly recommend upgrading to 3.0.7.

You can read more information about this patch, including the release notes, on our forums at http://www.blesta.com/forums/index.php?/topic/1660-release-307/ A patch has been released for Blesta that addresses bugs discovered since 3.0.6 was released. It also includes three security fixes, two of which were discovered as part of our internal review process. While these issues have a low to moderate impact rating, we strongly recommend upgrading to 3.0.7.

You can read more information about this patch, including the release notes, on our forums at http://www.blesta.com/forums/index.php?/topic/1660-release-307/

Download Link

blesta-3.0.0-3.0.7.zip

To patch your installation, please follow the instructions for Patching an Existing Install from our user manual.

Related Tags:

Blesta 3.1: Beta Released

December 20, 2013
Paul

We’re excited to announce that Blesta 3.1 beta 1 has been released. If you didn’t receive the announcement email, you can view it online here. The release notes are also available here.

 

header-short-v3.1-beta

We’ve been working on 3.1 for a while now, and it’s time for a beta! Betas are open to direct customers, and the download is available now within the client area. Login at https://account.blesta.com/client/login/, click “Downloads”, then “Betas”, then 3.1.0-b1 download.

During installation, select to start a 30-day free trial unless you have another license available, such as a development license. If you need help, please open a ticket.

If you don’t have a Blesta license yet, you can still get into the Beta. Now’s a good time to buy!

Once you get the beta installed, head on over to the forums and let us know what you think. Your feedback is very important to us, and will help us get to a final release as quickly as possible.

Related Tags:

Security Advisory - Cross-site scripting vulnerabilities

December 20, 2013
Cody

Affected Versions

Versions 3.0.0 through 3.0.6 are affected.

Description

Some content may be rendered in the client and admin interfaces, as well as through the Support plugin without proper sanitization, possibly making them vulnerable to cross-site scripting (XSS) attacks. Patch release 3.0.7 corrects these vulnerabilities.

Resolution

Upgrade to version 3.0.7, or uninstall the affected plugins. Related tasks:

  1. CORE-877
  2. CORE-931
  3. CORE-932

Credits

CORE-931 was discovered by Clifford Trigo (@mrtrizaeron) and Evan Ricafort (@robinhood0x00). CORE-877 and CORE-932 were discovered by the Blesta Development Team.

Related Tags:
Top