Sugar Sell 14.0.1 Release Notes
Overview
This document describes the changes and functionality available in Sugar 14.0.1. Sugar 14.0.1 is only available for customers on the annual upgrade path.
Note: This release is not available for SugarCloud customers.
Administrator and End User
Fixed Issues
Sugar 14.0.1 is a security update released to address certain security vulnerabilities identified during our routine QA checks.
For customers on the annual upgrade path, we strongly recommend that you install this update at the earliest opportunity. While we have not experienced any reported incidents relating to these vulnerabilities to date, failure to install this update could leave you exposed to malicious third-party attacks. For more information, please refer to the following Security Advisory announcements:
- Security Advisory sugarcrm-sa-2024-023: Any user may cause arbitrary code to be executed.
- Security Advisory sugarcrm-sa-2024-031: Authenticated administrators may cause arbitrary code to be executed.
- Security Advisory sugarcrm-sa-2024-032: Authenticated administrators may cause arbitrary code to be executed.
- Security Advisory sugarcrm-sa-2024-033: Authenticated users may cause arbitrary code to be executed.
- Security Advisory sugarcrm-sa-2024-034: Authenticated administrators may cause arbitrary code to be executed.
- Security Advisory sugarcrm-sa-2024-035: Authenticated administrators may cause arbitrary code to be executed.
- Security Advisory sugarcrm-sa-2024-036: Authenticated administrators may cause arbitrary code to be executed.
- Security Advisory sugarcrm-sa-2024-037: Authenticated administrators may cause arbitrary code to be executed.
- Security Advisory sugarcrm-sa-2024-038: Authenticated administrators may cause arbitrary code to be executed.
- Security Advisory sugarcrm-sa-2024-039: Authenticated administrators may cause arbitrary code to be executed.
- Security Advisory sugarcrm-sa-2024-040: Authenticated administrators may cause arbitrary code to be executed.
- Security Advisory sugarcrm-sa-2024-041: Authenticated administrators may cause arbitrary code to be executed.
- Security Advisory sugarcrm-sa-2024-042: Authenticated administrators may cause arbitrary code to be executed.
- Security Advisory sugarcrm-sa-2024-043: Authenticated administrators may cause arbitrary code to be executed.
- Security Advisory sugarcrm-sa-2024-044: Authenticated administrators may cause arbitrary code to be executed.
- Security Advisory sugarcrm-sa-2024-045: Authenticated administrators may cause arbitrary code to be executed.
- Security Advisory sugarcrm-sa-2024-046: Authenticated administrators may cause arbitrary code to be executed.
- Security Advisory sugarcrm-sa-2024-047: Any user may cause arbitrary code to be executed.
- Security Advisory sugarcrm-sa-2024-048: Authenticated administrators may cause arbitrary code to be executed.
- Security Advisory sugarcrm-sa-2024-049: Authenticated users may cause arbitrary code to be executed.
- Security Advisory sugarcrm-sa-2024-050: Authenticated users may cause arbitrary code to be executed.
- Security Advisory sugarcrm-sa-2024-051: Authenticated users may cause arbitrary code to be executed.
- Security Advisory sugarcrm-sa-2024-052: Authenticated users may cause arbitrary code to be executed.
- Security Advisory sugarcrm-sa-2024-053: Authenticated administrators may cause arbitrary code to be executed.
- Security Advisory sugarcrm-sa-2024-054: Authenticated users may cause arbitrary code to be executed.
- Security Advisory sugarcrm-sa-2024-055: Authenticated administrators may cause arbitrary code to be executed.
- Security Advisory sugarcrm-sa-2024-056: Authenticated users may cause arbitrary code to be executed.
- Security Advisory sugarcrm-sa-2024-057: Authenticated users may cause arbitrary code to be executed.
- Security Advisory sugarcrm-sa-2024-058: Any user may cause arbitrary code to be executed.
- Security Advisory sugarcrm-sa-2024-059: Any user may cause arbitrary code to be executed.
These vulnerabilities have been addressed in release 14.0.1, which is available for download from the Download Manager.
Administrators are strongly encouraged to upgrade their on-site Sugar instances running 14.0.0 or lower to version 14.0.1 to prevent potential exploitation of these weaknesses.
The following issues have been resolved in this release. Case portal users can use the following links for more details about each issue:
- 95386: When a large number of records (e.g., leads) are added to the target list using an existing report, the Date Modified value may not accurately reflect the exact date and time that each record was added.
- 94127: In certain circumstances, performing multiple inline edits in the Users list view may result in a 500 error.
- 93126: For instances that have Activity Stream enabled, toggling between the Data View and Activity Stream in a module record may cause unexpected issues to occur with the related-record subpanels and the Activity Stream button.
Known Issues
Click the link below to expand or collapse the 14.0.1 known issues list.
14.0.1 Known Issues
The following known issues are present in this release. Case Portal users can use the following links for more details about each issue:
- 94951: Sugar Actions that are configured to trigger a smart guide may not successfully be triggered if the action takes place in the mobile application.
- 94903: In certain circumstances, upgrading Sugar may fail with an error.
- 94749: The Comment Log dashlet incorrectly displays the username instead of the user's full name when the user is tagged in the comment log entry.
- 94746: Filtering the Leads list view using the My Leads filter does not return the correct results as expected.
- 94709: When creating a report, entering an incorrectly formatted date in the date field causes the report generation to fail with an unmeaningful error message.
- 94707: Modifying the dropdown field (e.g., Sales Stage) value's item name may cause unexpected issues to occur in the module's (e.g., Opportunities) tile view. For information on the workaround, refer to the issue's description in the case portal.
- 94665: When a user assigned to the SugarIdentity User Management role edits a regular user's record in Sugar, the message that appears on the screen does not direct the user to make certain changes in SugarIdentity as expected.
- 94562: In certain circumstances, upgrading an on-site instance may fail with an error.
- 94436: When a Group User is modified in Sugar, the changes do not save as expected.
- 94395: When a dashboard template with dashboard filters is duplicated, the dashboard filters do not control the Report dashlets as expected. As a workaround, re-create the dashboard filters on the duplicated dashboard.
- 94322: Users may encounter unexpected issues when PDF files contain images with spaces in the file names. For information on the workaround, refer to the issue's description in the case portal.
- 94245: Drilling through report charts may not work as expected and display "No data available" if the report is grouped by a relate field.
- 94194: The data tables in reports may appear blank and show no data.
- 94192: Double clicking on a record's row in a custom module's list view does not open the inline editing mode as expected.
- 94142: Attempting to delete a shared calendar from the Calendar module may not work as expected.
- 94136: Double clicking on a record's row in the subpanel of a custom module does not open the inline editing mode as expected.
- 94110: Merging a record containing a JPEG image using the "Doc Merge to PDF" option may not work as expected and result in an error.
- 93958: Matrix-type reports may improperly generate large amounts of messages in the sugarcrm.log file.
- 93906: User tags do not display properly with the correct border, font color, etc. in comment logs.
- 93792: When attempting to inline edit a multiselect or tag field in the related-record subpanel or list view, the input fieldmay not appear in the correct location.
- 93648: In certain circumstances, the Timeline dashlet may fail to load with a persistent Loading message causing unexpected issues with the navigation bar.
- 93631: When new panels are added to the record view layout while configuring the dropdown-field-based views in Studio, changing the panel label may improperly update the label of the other new panels.
- 93515: The mail server status continues to display "Authorized" in Admin > System Email Settings even though outbound emails may fail to send when the email settings is configured to use Google mail via OAuth2.
- 93359: In certain circumstances, installing packages via Admin > Module Loader may fail due to an Elasticsearch error.
- 93076: For instances that have Activity Stream enabled, attempting to access the Home page activity stream may not load as expected.
- 93055: Dropdown values with spaces in the display label cannot be moved into the Available Values column in Admin > Tile View Settings.
- 92477: DateTime fields may be calculated incorrectly in reports when accounting for daylight savings time (DST).
- 92217: The texts in the Product Catalog dashlet may not display properly making it hard to read.
- 92063: When campaign test emails are sent, users may notice unexpected issues with certain subpanels in the module (e.g., Accounts) that the campaign emails are related to.
- 91975: Unexpected issues may occur when designing new Process Business Rules for modules (e.g., Leads, Opportunities) that are disabled for Sugar Automate in Admin > Sugar Automate Settings.
- 91893: Adding a new filter to the list view dashlet does not apply the filter to the dashlet as expected.
- 91861: In certain circumstances, subpanels in Sugar may not behave as expected or not be configurable in Admin > Studio.
- 91283: Filtering the Emails list view using the From field does not return the appropriate results as expected.
- 90931: When role permissions are modified for a user, the changes do not get applied until the browser cache is cleared and the user logs out and back in to their account.
- 90615: When logged into Sugar using a non-English language (e.g., French), changing the classification value for the
sales_stage_dom
list in Admin > Dropdown Editor may improperly change the classification values for the other list items. As a workaround, log in to Sugar with the English (US) language and manually update the classification of the list items to the correct values. - 89878: The Forecast Bar Chart dashlet in the Forecasts module does not display any data for individual sellers.
- 89728: In certain circumstances, opening the list view Mass Actions menu does not display properly on the screen.
- 89542: For instances wth a very large number of SugarBPM processes, trying to view the list of processes in the Process Management's list view may result in performance issues and fail to load.
- 88957: In certain circumstances, performing a global search in Sugar may result in a 500 error.
- 88858: Unexpected email issues may occur in Sugar when using the Microsoft Exchange mail account as the authorized system email account.
- 88374: Attempting to reorder the columns in the Worksheet Columns Preview list view in Admin > Quotes Configuration does not work as expected. As a workaround, remove all the fields from the Worksheet Columns section then add the fields again to the section.
- 86285: In certain circumstances, users may experience unexpected behaviors when attempting to expand a subpanel or edit an empty Subpanel layout in Admin > Studio. For information on the workaround, refer to the issue's description in the case portal.
- 85246: Errors may get logged in the system after upgrading or installing Sugar when certain license data is missing.
- 84426: The Meeting Type field in the Meetings module does not reflect new values added to the Meeting Type dropdown list in Admin > Dropdown Editor.
- 83796: SugarBPM processes always run after module-level logic hooks and it is not possible to configure them to run before logic hooks.
- 82361: Emails sent from SugarBPM's processes may not include the link to new lead records generated from a Web-to-Lead form even though the process email template contains a link variable.
- 81382: Deleting a target list related to a large number of records may fail with an error.
- 80865: It is not possible to search by the Record Name column in Process Management.
- 80001: Email messages sent via SugarBPM may display HTML formatting when records are created using SOAP/REST v4.1. It is recommended to use the latest version of the API.
- 79009: When the targeted module contains a broken field, configuring an Action element in a process definition causes the Process Design canvas to time out.
- 77719: If a process definition contains a Wait event that is relative to a date field, the process does not adjust for changes that may occur to the date field after the Wait event's initiation.
- 77287: Performing certain actions (e.g., import, mass update) in Sugar may result in performance issues if there are numerous calculated fields to be updated in related records. As a workaround, add the following line to the
config_override.php
file to disable the related calculation field updates:$sugar_config['disable_related_calc_fields'] = true;
. But keep in mind that the affected calculated values will not be updated and running Recalculate Values on related records. - 77249: Guests may not get imported to call or meeting records as expected.
- 68112: Matrix-type reports may display incorrectly when exported to PDF.
Supported Platforms
For information on supported platform components, see Sugar 14.0.x Supported Platforms.