From 870c2a8f50e222287fc3ad03c78995440e2f0eba Mon Sep 17 00:00:00 2001 From: Eric - CAP-REL <1468823+rycks@users.noreply.github.com> Date: Thu, 11 Sep 2025 12:21:33 +0200 Subject: [PATCH 1/3] Prepare 18.0.8 (#35299) * Prepare 18.0.8 * Update filefunc.inc.php --------- Co-authored-by: Laurent Destailleur --- ChangeLog | 30 ++++++++++++++++++++++++++++++ htdocs/filefunc.inc.php | 2 +- 2 files changed, 31 insertions(+), 1 deletion(-) diff --git a/ChangeLog b/ChangeLog index 5dd29b7d23f..c8c324bfd5f 100644 --- a/ChangeLog +++ b/ChangeLog @@ -2,6 +2,36 @@ English Dolibarr ChangeLog -------------------------------------------------------------- +***** ChangeLog for 18.0.8 compared to 18.0.7 ***** +35 files changed, 647 insertions(+), 298 deletions(-) + +FIX: #34746 - More complete fix for CVE-2024-40137 +FIX: Correct the calculation of the amount of the current period between the period provided (#35083) +FIX: Add security test for show terminal selection if no terminal selected when invoice.php is call (#34717) +FIX: Add security test for show terminal selection if no terminal selected when invoice.php is call +FIX: missing quick edit for extrafields (baclport commit 4fc66c6) (#35160) +FIX: Missing sentence part (#35144) +FIX: set global mysoc and load langs in API access (#35041) +FIX: set global mysoc and load langs in API access +FIX: reset mysoc and langs only if entity of API has changed +FIX: accountancy general ledger: bad handling of hook return (#34029) +FIX: accountancy general ledger: bad handling of hook return +FIX: accountancy balance: bad handling of hook return +FIX: - Fix missing token for disable custom group category for compta report (page /htdocs/accountancy/admin/categories_list.php) (#35084) +FIX: The combo of custom groups has disappeared (backport v19) (#35016) +FIX: #34893 (#34897) +FIX: #34893 +FIX: change error code to USERNOTALLOWEDTOCHANGEPASS +FIX: asset: could not select invoice in disposal pop-in (#34725) +FIX: 17.0 SQL syntax error and/or constraint error when calling Facture::update() after a clone (e.g. in a trigger) (#34778) +FIX: 17.0: when you clone an invoice that was created from a template invoice, the clone should not be linked to the template invoice (#34777) +FIX: pre-send mail mass action: keep __EMAIL__ substitution (#34522) +FIX: pre-send mail mass action: keep __EMAIL__ substitution +FIX: comment +FIX: massaction email tpl: keep preset +FIX: loop interrupt if an error occurs in sendEmailsRemindersOnInvoiceDueDate (#34657) +FIX: #34654 + ***** ChangeLog for 18.0.7 compared to 18.0.6 ***** 138 files changed, 1622 insertions(+), 530 deletions(-) diff --git a/htdocs/filefunc.inc.php b/htdocs/filefunc.inc.php index 28cbf4915b0..2880f95f814 100644 --- a/htdocs/filefunc.inc.php +++ b/htdocs/filefunc.inc.php @@ -34,7 +34,7 @@ if (!defined('DOL_APPLICATION_TITLE')) { define('DOL_APPLICATION_TITLE', 'Dolibarr'); } if (!defined('DOL_VERSION')) { - define('DOL_VERSION', '18.0.7'); // a.b.c-alpha, a.b.c-beta, a.b.c-rcX or a.b.c + define('DOL_VERSION', '18.0.8'); // a.b.c-alpha, a.b.c-beta, a.b.c-rcX or a.b.c } if (!defined('EURO')) { From 8efe6d477ee7a9e0450a2b02044104078c722477 Mon Sep 17 00:00:00 2001 From: Eric - CAP-REL <1468823+rycks@users.noreply.github.com> Date: Fri, 12 Sep 2025 02:15:56 +0200 Subject: [PATCH 2/3] exclude escpos-php/doc from filelist_xml (#35313) --- build/generate_filelist_xml.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build/generate_filelist_xml.php b/build/generate_filelist_xml.php index 5614b5323bd..331cb8fc178 100755 --- a/build/generate_filelist_xml.php +++ b/build/generate_filelist_xml.php @@ -172,7 +172,7 @@ $files = new RegexIterator($iterator1, '#^(?:[A-Z]:)?(?:/(?!(?:'.($includecustom */ // Define qualified files (must be same than into generate_filelist_xml.php and in api_setup.class.php) $regextoinclude = '\.(php|php3|php4|php5|phtml|phps|phar|inc|css|scss|html|xml|js|json|tpl|jpg|jpeg|png|gif|ico|sql|lang|txt|yml|bak|md|mp3|mp4|wav|mkv|z|gz|zip|rar|tar|less|svg|eot|woff|woff2|ttf|manifest)$'; -$regextoexclude = '('.($includecustom?'':'custom|').'documents|conf|install|dejavu-fonts-ttf-.*|public\/test|sabre\/sabre\/.*\/tests|Shared\/PCLZip|nusoap\/lib\/Mail|php\/example|php\/test|geoip\/sample.*\.php|ckeditor\/samples|ckeditor\/adapters)$'; // Exclude dirs +$regextoexclude = '('.($includecustom?'':'custom|').'documents|escpos-php\/doc|conf|install|dejavu-fonts-ttf-.*|public\/test|sabre\/sabre\/.*\/tests|Shared\/PCLZip|nusoap\/lib\/Mail|php\/example|php\/test|geoip\/sample.*\.php|ckeditor\/samples|ckeditor\/adapters)$'; // Exclude dirs $files = dol_dir_list(DOL_DOCUMENT_ROOT, 'files', 1, $regextoinclude, $regextoexclude, 'fullname'); $dir=''; From 8e689c147944f137b995408cf60152ccc4df641a Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Fri, 12 Sep 2025 02:26:21 +0200 Subject: [PATCH 3/3] Complete #35313 --- htdocs/api/class/api_setup.class.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/api/class/api_setup.class.php b/htdocs/api/class/api_setup.class.php index abb09397361..2010e41fbb4 100644 --- a/htdocs/api/class/api_setup.class.php +++ b/htdocs/api/class/api_setup.class.php @@ -2127,7 +2127,7 @@ class Setup extends DolibarrApi // Define qualified files (must be same than into generate_filelist_xml.php and in api_setup.class.php) $regextoinclude = '\.(php|php3|php4|php5|phtml|phps|phar|inc|css|scss|html|xml|js|json|tpl|jpg|jpeg|png|gif|ico|sql|lang|txt|yml|bak|md|mp3|mp4|wav|mkv|z|gz|zip|rar|tar|less|svg|eot|woff|woff2|ttf|manifest)$'; - $regextoexclude = '('.($includecustom ? '' : 'custom|').'documents|conf|install|dejavu-fonts-ttf-.*|public\/test|sabre\/sabre\/.*\/tests|Shared\/PCLZip|nusoap\/lib\/Mail|php\/example|php\/test|geoip\/sample.*\.php|ckeditor\/samples|ckeditor\/adapters)$'; // Exclude dirs + $regextoexclude = '('.($includecustom ? '' : 'custom|').'documents|escpos-php\/doc|conf|install|dejavu-fonts-ttf-.*|public\/test|sabre\/sabre\/.*\/tests|Shared\/PCLZip|nusoap\/lib\/Mail|php\/example|php\/test|geoip\/sample.*\.php|ckeditor\/samples|ckeditor\/adapters)$'; // Exclude dirs $scanfiles = dol_dir_list(DOL_DOCUMENT_ROOT, 'files', 1, $regextoinclude, $regextoexclude); // Fill file_list with files in signature, new files, modified files