Mautic - Package Updates

girish

[4.2.0]

nebulon

[4.3.0]

girish

[4.3.1]

Package Updates

[4.3.2]

Update Mautic to 5.1.1
Full changelog
CVE-2022-25768 - Improper access control in UI upgrade process - Reported by @mollux, fixed by @mollux and tested/reviewed by @escopecz and @patrykgruszka in GHSA-x3jx-5w6m-q2fc.
CVE-2024-47058 - Cross-site Scripting (XSS) - stored (edit form) - reported by @MatisAct, fixed by @lenonleite and tested/reviewed by @escopecz and @avikarshasha in GHSA-xv68-rrmw-9xwf.
CVE-2024-47050 - Cross-site Scripting (XSS) in contact/company tracking - reported by @mqrtin, fixed by @patrykgruszka and tested/reviewed by @escopecz in GHSA-73gr-32wg-qhh7.
CVE-2021-27917 - Cross-site Scripting (XSS) in contact tracking and page hits report - reported by @patrykgruszka, fixed by @lenonleite and tested/reviewed by @escopecz and @lenonleite in GHSA-xpc5-rr39-v8v2.
CVE-2024-47059 - User enumeration through weak password login prompt - reported and fixed by @tomekkowalczyk and tested/reviewed by @escopecz and @patrykgruszka in GHSA-8vff-35qm-qjvv.
CVE-2022-25770 - Removal of upgrade.php file which can have insufficient authentication - reported and fixed by @mollux, tested/reviewed by @kuzmany, @escopecz and @patrykgruzska in GHSA-qf6m-6m4g-rmrc.

Package Updates

[4.4.0]

Update mautic to 5.2.0
Full Changelog
Optimizing contacts activity API (refactoring of MR-10237 for Mautic v5) by @Moongazer in https://github.com/mautic/mautic/pull/12305
Refactor DBAL execute method to executeQuery. by @biozshock in https://github.com/mautic/mautic/pull/14139
Using "anonymous: lazy" to make the firewall lazy is deprecated, use "anonymous: true" and "lazy: true" instead. by @biozshock in https://github.com/mautic/mautic/pull/14124
The "security.encoder_factory.generic" service is deprecated, use "scurity.password_hasher_factory" instead. by @biozshock in https://github.com/mautic/mautic/pull/14125
[UI] Refactor hardcoded buttons using Twig template by @andersonjeccel in https://github.com/mautic/mautic/pull/14233
[UX] Updating Blank theme to MJML by @andersonjeccel in https://github.com/mautic/mautic/pull/14255
Referencing controllers with a single colon is deprecated. by @biozshock in https://github.com/mautic/mautic/pull/14130
Update readme and devdocs link by @laurielim in https://github.com/mautic/mautic/pull/14207

Package Updates

[4.4.1]

Package Updates

[4.4.2]

Update mautic to 5.2.2
Full Changelog
Add missing "isIndexed" and "charLegthLimit" fields to the API response of Contact Fields. by @biozshock in https://github.com/mautic/mautic/pull/14442
fix: Creating or updating a contact via the Rest API discards seconds for date time fields by @driskell in https://github.com/mautic/mautic/pull/14484
Fix FormSubscriberTest by @fedys in https://github.com/mautic/mautic/pull/14474
Update decision/action panel colors in campaign's builder by @Hugo-Prossaird in https://github.com/mautic/mautic/pull/14404
Fix template for Campaign Editor by @bastolen in https://github.com/mautic/mautic/pull/14491
DPMMA-3048 Fix campaign execution stuck due to incorrect lead detachment in membership change action by @patrykgruszka in https://github.com/mautic/mautic/pull/14497
Add allowed protocols for links in CK5, so people can add phone links by @LordRembo in ht
...

Package Updates

[4.4.3]

Update mautic to 5.2.3
Full Changelog
CVE-2024-47053 - Improper Authorization in Reporting API - Reported by @putzwasser, fixed by @lenonleite and tested/reviwed by @escopecz and @patrykgruszka in https://github.com/mautic/mautic/security/advisories/GHSA-8xv7-g2q3-fqgc
CVE-2022-25773 - Relative Path Traversal in assets file upload - Reported by @majkelstick and @patrykgruszka, fixed by @patrykgruszka and tested/reviewed by @escopecz and @lenonleite in https://github.com/mautic/mautic/security/advisories/GHSA-4w2w-36vm-c8hf
CVE-2024-47051 - Remote Code Execution & File Deletion in Asset Uploads - Reported by @mallo-m, fixed by @lenonleite and tested/reviewed by @patrykgruszka in https://github.com/mautic/mautic/security/advisories/GHSA-73gx-x7r9-77x2
DPMMA-3031 Configurable email address length limit to prevent delivery issues by @patrykgruszka in https://github.com/mautic/mautic/pull/14577
Fixing the audit log widget when a contact is deleted by @escopecz in https://github.com/mautic/mautic/pull/14541
Fixing segment building with default timezone by @escopecz in https://github.com/mautic/mautic/pull/14549
Email click tracking fix, PHP warning fix by @escopecz in https://github.com/mautic/mautic/pull/14540
fix: Fix font selection in CKEditor not including fallback fonts in output by @driskell in https://github.com/mautic/mautic/pull/14539

Package Updates

[4.4.4]

Update mautic to 5.2.4
Full Changelog
Fixing a 500 error when an asset was not found by @escopecz in https://github.com/mautic/mautic/pull/14663
DPMMA-3039 Company lookup limit by @patrykgruszka in https://github.com/mautic/mautic/pull/14461
Change behaviour of group elements for lookup field type by @npracht in https://github.com/mautic/mautic/pull/14716
Fix of disabling the Dashboard widget cache by @JonasLudwig1998 in https://github.com/mautic/mautic/pull/14467
DPMMA-3033 Correct focus item script response codes and fix undefined Focus.iframe by @patrykgruszka in https://github.com/mautic/mautic/pull/14521
Fix wording and encoding issue in notifications by @npracht in https://github.com/mautic/mautic/pull/14711
Salesforce campaign segment filter select fixed by @npracht in https://github.com/mautic/mautic/pull/14712
DPMMA-3096 Fix report boolean fields by @patrykgruszka in https://github.com/mautic/mautic/pull/14782
Fix #13570 - incorrect banner when multiple theme deletion by @johbuch in https://github.com/mautic/mautic/pull/14092
Fix issue #14338 Custom HTML Content hidden when creating email in Code Mode by @laurielim in https://github.com/mautic/mautic/pull/14638

Package Updates

[4.5.0]

Cloudron Forum