Blesta 5.12.1 Patch Released
We are pleased to announce the released of Blesta 5.12.1, which addresses bugs discovered in the 5.12 branch. A big thanks to everyone who participated in helping to make Blesta better by reporting and confirming bugs on our forums and discord chat, we appreciate your help!
The release notes are available at https://docs.blesta.com/support/releases/5/5121/.
Always run /admin/upgrade in your browser or via CLI after updating the files for your installation. Patch releases may only be applied to the minor release to which it belongs. Only apply this patch if you are running 5.12.0. If you are running an earlier version, you must download the full release.
Download 5.12.1 Patch Download 5.12.1 Full
SHA256 Sum
% blesta-5.12.1.zip
710d579f08d6821c720b2e15f22b18c798d83fc326a1c455fc2e97f8205efbfe
% blesta-5.12.0-5.12.1.zip
7888fe4f149e941b87aa7768ffc92ba095ce8c6d2bf39bae3dbc9772e289d4bf
To patch your installation, please follow the instructions for Patching an Existing Install from our user manual.
Related Tags:
Blesta 5.12 Released
Blesta 5.12 is now available!
Blesta includes more Domain Manager improvements including a new Realtime Register module. We also added a VirtFusion module, Oauth2 support for outgoing mail through Google and Microsoft. Cancelled services can be re-activated by staff, invoices can be copied/cloned, and the renew date clients see reflects whether their invoices have been paid or not. Improvements for importing from WHMCS, and much more!
Download 5.12SHA256 Sum
2be6b72e2788e8b4f9ffccd4b87edc55c516e647961ceb802fd7760bffde5484
ALWAYS BACKUP YOUR FILES + DATABASE PRIOR TO UPGRADING. Don’t forget to run /admin/upgrade in your browser or via CLI. If you need assistance upgrading, we can perform the upgrade for $35 just open a ticket from your account.
See the documentation for details on how to install or upgrade.
What’s new in 5.12?
- Added an option to copy/clone invoices.
- Added support for OAuth2 for outgoing email for Google and Microsoft.
- Added the ability to re-activate cancelled services.
- Added a new registrar module for Realtime Register.
- Added a module for VirtFusion, based on the original.
- Added a site builder plugin for Site.pro that integrates with many panels.
- Added many events for the Order plugin and Support Manager. (See docs)
- Added Single Sign On (SSO) support for DirectAdmin.
- Added an additional Single Sign On (SSO) link when managing a cPanel service.
- Added a new report for clients with credits.
- Updated credit card forms to allow auto-complete for those storing cards in the browser.
- Updated invoices to ignore currency precision if a value exceeds precision.
- Updated the renew date shown to clients to reflect whether their invoices are paid.
- Updated the Support Manager to add an option to select a service when opening a ticket.
- Updated the Support Manager to add an option for clients to escalate to emergency.
- Updated the Domain Manager to sync expiration dates more quickly.
- Updated the Domain Manager to convert currency during price sync if possible.
- Updated the Import Manager to improve importing of invoices and clients from WHMCS.
- Updated the BTCPay Server gateway to use the BTCPay settings for payment selection.
- Updated the Mass Mailer plugin to add a rate limit option.
- Updated the IP Unblocker plugin to work for reseller users.
- Updated the Braintree payment gateway API library.
- Updated the Coinbase Commerce payment gateway API library.
- Updated the resend welcome email option to include any signatures.
- Updated the blacklist to prevent clients from updating their email address if on the list.
- Removed the Payza payment gateway.
See our beta announcement for more and the release notes for everything.
Developers
- Added new events for Order plugin and Support Manager.
- Reminder: If you are a developer, we recommend updating your extensions to support PHP 8, including PHP 8.2 if they don’t already.
Sponsored Development
A big shout out to the following companies for sponsoring development for one or more items in this release. Show them some love.
Sponsored development is a good way to support Blesta and get a shout out for your company! Interested? Reach out and say hello.
Stay Connected!
Like our Facebook page, join our Facebook group and Subreddit, follow us on Twitter, and join us in Discord.
Related Tags:
Security Advisory
A security issue affecting Blesta versions 4.0.0 through 5.11.3 has been identified.
A path traversal vulnerability has been discovered, though the vulnerability does not allow the disclosure of Blesta configuration files. We recommend applying the appropriate patch for your release, or upgrading to version 5.11.4 as soon as possible. We give this an impact rating of High.
More information about how we rate vulnerabilities can be found on our Security Advisories page.
Always back up your files and database prior to upgrading and be sure to run /admin/upgrade in your browser after uploading either a patch or full release. Patch releases may only be applied to the minor release to which it belongs, so download the appropriate patch for your minor version. If you are running a version of Blesta between 4.0 and 5.11, upgrade to 5.11.4.
Downloads
Download 5.11.4 Patch Download 5.11.4 Full
% blesta-5.11.4.zip
6003fcf0caadc255b7b43e0a504b130e0a0f8751e22d270e9fd126299e018548
% blesta-5.11.0-5.11.4.zip
353996300dd83ceb91b887691aa1956b2be97dd5c481cd5acf290db51d5078f2
% blesta-5.10.0-5.10.4.zip
37c102ac7f539a039d2b39354f60c5e504c617e32037a228a15b84009a097018
To patch your installation, please follow the instructions for Patching an Existing Install from our user manual.
Resolution
- If you are running version 5.11.x, apply the 5.11.4 patch above.
- If you are running version 5.10.x, apply the 5.10.4 patch above.
- If you are running version 4.0.x through 5.11.x, upgrade to 5.11.4 Full.
Mitigation
It is best to upgrade to 5.11.4 or apply the appropriate patch. However, if you are running an affected unsupported version of Blesta (version 4.0 through 5.9), and you need more time to upgrade, it is possible to mitigate. We are not publishing mitigation steps now due to nature of the vulnerability. For mitigation steps, open a ticket from within your account and provide your license key as well as the version of Blesta you are running along with the reason you are not able to upgrade.
Credits
This issue was reported by a customer in accordance with our Responsible Disclosure Policy.
Blesta 5.11.3 Patch Released
We are pleased to announce the released of Blesta 5.11.3, which addresses bugs discovered in the 5.11 branch. A big thanks to everyone who participated in helping to make Blesta better by reporting and confirming bugs on our forums and discord chat, we appreciate your help!
The release notes are available at https://docs.blesta.com/display/support/5.11.3.
Always run /admin/upgrade in your browser or via CLI after updating the files for your installation. Patch releases may only be applied to the minor release to which it belongs. Only apply this patch if you are running 5.11.0, 5.11.1, or 5.11.2. If you are running an earlier version, you must download the full release.
Download 5.11.3 Patch Download 5.11.3 Full
SHA256 Sum
% blesta-5.11.3.zip
3dcd9e67e43ff9df563dc5a099f8436d5b03aa4d60bff1a3975c030f0bb8b498
% blesta-5.11.0-5.11.3.zip
4a275432739d9b92e1f1c066d089518e69f9a3cf212d4ac2c6d2f7944f708811
To patch your installation, please follow the instructions for Patching an Existing Install from our user manual.
Related Tags:
Blesta 5.11.2 Patch Released
We are pleased to announce the released of Blesta 5.11.2, which addresses bugs discovered in the 5.11 branch. A big thanks to everyone who participated in helping to make Blesta better by reporting and confirming bugs on our forums and discord chat, we appreciate your help!
The release notes are available at https://docs.blesta.com/display/support/5.11.2.
Always run /admin/upgrade in your browser or via CLI after updating the files for your installation. Patch releases may only be applied to the minor release to which it belongs. Only apply this patch if you are running 5.11.0, or 5.11.1. If you are running an earlier version, you must download the full release.
Download 5.11.2 Patch Download 5.11.2 Full
SHA256 Sum
% blesta-5.11.2.zip
968a4720f07c73e4d38ff5fd28afb9e493ec23161f85a06f013d0d4c6b40d647
% blesta-5.11.0-5.11.2.zip
1f2457a8d73c631ff1599d01154b65a82ca3244f360216c2de91cdbad8520fc1
To patch your installation, please follow the instructions for Patching an Existing Install from our user manual.