We're Hiring!

[SECURITY] Release of OMERO and Bio-Formats 5.0.5 and 4.4.12

See the OME website announcements for the latest. Questions can be asked at https://forum.image.sc/tags/ome
Please note:
Since August 2017, all OME announcements are no longer posted on this forum. Refer to the OME website announcements instead.

Questions can be asked under https://forum.image.sc/tags/ome

[SECURITY] Release of OMERO and Bio-Formats 5.0.5 and 4.4.12

Postby jmoore » Wed Sep 24, 2014 2:45 pm

Two security vulnerabilities have been discovered in versions of OMERO up to and including 4.4.11 and up to and including 5.0.4. System administrators should review the "Security Vulnerabilities" pages on the OME website. The more critical of the two, 2014-SV2, provides a workaround which can and should be applied immediately.

An upgrade of all installations is highly recommended. The new versions are available from the respective downloads page, 5.0.5 and 4.4.12.

For information on the upgrade from 4.4.x or 5.0.x to 5.0.5, see the OMERO5 instructions.

For information on the upgrade from 4.4.x to 4.4.12, see the OMERO4 instructions, but upgrading directly to 5.0.5 would be preferred.

Note that version 4.4.12 introduces the same password salting that is used in the 5.0 series. The implications of this improvement to server security are described in a warning among the server upgrade instructions.

Bio-Formats 5.0.5 is also being released, although not due to a security vulnerability. Changes include:

  • Documentation improvements
  • Support for non-spectral Prairie 5.2 datasets

The new version is available from the 5.0.5 download page.

Kind regards,
The OME team
User avatar
jmoore
Site Admin
 
Posts: 1591
Joined: Fri May 22, 2009 1:29 pm
Location: Germany

Return to OME Announcements [legacy]

Who is online

Users browsing this forum: No registered users and 0 guests