VIVO 1.11.1 is a point release containing two patches to the previous 1.11.0 release:

  • Security patch that now prevents users with self-edit privileges from editing other user profiles [1]
  • Minor security patch to underlying puppycrawl dependency (CVE-2019-9658) [2]

Upgrading from 1.11.0 to 1.11.1 should be a trivial drop-in replacement. If you are upgrading from 1.10 or before, see the VIVO 1.11.0 Release Announcement [3].

VIVO 1.11.1 can be downloaded now from https://github.com/vivo-project/VIVO/releases/tag/vivo-1.11.1

Release Manager
– Ralph O’Flinn

Developers / Testers
– Huda Khan
– Benjamin Gross
– Brian Lowe
– Ralph O’Flinn
– Andrew Woods

[1] https://github.com/vivo-project/Vitro/pull/106

[2] https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9658

[3] https://wiki.lyrasis.org/display/VIVO/VIVO+1.11.0+Release+Announcement

Leave a Reply

Your email address will not be published. Required fields are marked *