Release of OMERO 5.4.7 including SECURITY FIX

The OME team is pleased to announce the release of OMERO 5.4.7.

back to Announcements

Today we are releasing OMERO 5.4.7, a bug-fix release which also introduces some new functionality.

It includes security fixes for 2018-SV1 POST password, 2018-SV2 Script Name UUID and 2018-SV3 Modify User Password. It is highly recommended that you upgrade.

Impacts of the security vulnerability fixes include:

Improvements include:

Sysadmin improvements include:

Developer updates include:

This release also upgrades the version of Bio-Formats which OMERO uses to 5.9.0. Note: this is a significant upgrade and will invalidate the Bio-Formats Memoizer cache. Please see the upgrade guide for further information.

OME policy is that security releases should not invalidate the Bio-Formats Memoizer cache. However, our previous OMERO 5.4.6 release accidentally included a Bio-Formats merge artifact that did not receive the quality assurance we require of release versions. We have now updated the version of Bio-Formats included in OMERO 5.4.7 and this will cause a refresh of the Memoizer cache. We apologize for this unfortunate mistake and for the extra work required by our users. We have adjusted the internal processes that caused it.

Upgrade information is on the server upgrade page.

The software is also available at archived downloads.

Any problems or comments, please use the OME Forums or mailing lists.

back to top