VIVO 1.11.1 is a point release containing two patches to the previous 1.11.0 release:
- Security patch that now prevents users with self-edit privileges from editing other user profiles [1]
- Minor security patch to underlying puppycrawl dependency (CVE-2019-9658) [2]
Upgrading from 1.11.0 to 1.11.1 should be a trivial drop-in replacement. If you are upgrading from 1.10 or before, see the VIVO 1.11.0 Release Announcement [3].
VIVO 1.11.1 can be downloaded now from https://github.com/vivo-project/VIVO/releases/tag/vivo-1.11.1
Release Manager
– Ralph O’Flinn
Developers / Testers
– Huda Khan
– Benjamin Gross
– Brian Lowe
– Ralph O’Flinn
– Andrew Woods
[1] https://github.com/vivo-project/Vitro/pull/106
[2] https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9658
[3] https://wiki.lyrasis.org/display/VIVO/VIVO+1.11.0+Release+Announcement