Skip to content

v5.1.7 - Security Release
Compare
Choose a tag to compare
@snipe snipe released this 24 Jun 00:11
· 7098 commits to master since this release
v5.1.7
5b5b70e

⚠️ IMPORTANT: Later versions of Snipe-IT will require PHP 7.4 or greater. It is highly recommended you upgrade your version of PHP NOW.

(This is a requirement in order for us to be able to pull forward the dependencies that will allow us to support PHP8 and beyond moving forward.)

This is a security release that fixes a Time-of-check Time-of-use (TOCTOU) Race Condition in league/flysystem. While we do not believe this particular security issue impacts Snipe-IT due to the way we implement this package, we also take security very seriously and always try to make security fixes available ASAP.

More information is available here.

Fixed

  • Fixed an issue when tried to upload a file to an user without actually selecting a file. [ch16471] #9640
  • Fixed #9680: Use Eloquent’s withCount() method to count Statuslabel assets
  • Fixed #9705 Prevent syntax error in startup.sh
  • Allow to bulk update min_amt in Accessory API
  • Disable company select if full company support is activated #9720
  • Fixed #9666 Asset checkin via api doesn't send notification. #9676
  • Updated league/flysystem to 1.1.4 for critical security update

For a full list of changes, see the complete changelog.

Upgrading

For general upgrading instructions, click here. Users who installed Snipe-IT via Git (recommended) can just run php upgrade.php.

Assets 2