[ome-devel] [SECURITY] Release of OMERO 5.2.8

Helen Flynn (Staff) h.flynn at dundee.ac.uk
Thu Mar 23 11:24:16 GMT 2017


Dear All,

Today we are releasing OMERO 5.2.8. This is a security release to prevent users from deleting or editing official scripts and from accessing other people's data by adjusting the file path of their OriginalFiles so it points to other people's data in the repository.

Full details of the issues are available on:

https://www.openmicroscopy.org/site/products/omero/secvuln/2017-SV1-filename
https://www.openmicroscopy.org/site/products/omero/secvuln/2017-SV2-edit-rw
https://www.openmicroscopy.org/site/products/omero/secvuln/2017-SV3-delete-script

This release does not upgrade the version of Bio-Formats which OMERO uses.

The software is available at:
http://downloads.openmicroscopy.org/omero/5.2.8

Upgrade information is at http://www.openmicroscopy.org/site/support/omero5.2/sysadmins/server-upgrade.html

We highly recommend that all sysadmins upgrade their installations asap.

Regards,

The OME Team


Dr Helen Flynn
OME Technical Writer
Centre for Gene Regulation & Expression
Open Microscopy Environment
University of Dundee
http://openmicroscopy.org<http://openmicroscopy.org/>


The University of Dundee is a registered Scottish Charity, No: SC015096
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openmicroscopy.org.uk/pipermail/ome-devel/attachments/20170323/c779380b/attachment.html>


More information about the ome-devel mailing list