Tryton News: Newsletter October 2025
Please update your systems to take care of a security related bug we found last month.
During the last month we focused on fixing bugs, improving the behaviour of things, speeding-up performance issues - building on the changes fromour last release. We also added some new features which we would like to introduce to you in this newsletter.
For an in depth overview of theTryton issues please take a look at our issue trackeror see the issues and merge requestsfiltered by label.
Changes for the User
Sales, Purchases and Projects
We nowuse theguest-partyfor a Shopify order without a known customerwhich can be updated with the proper party in the admin-panel at a later time.
Now wesupport theorders/editedandorders/cancelledweb-hooks from Shopify.
New Releases
We released bug fixes for the currently maintainedlong term support series
7.0and6.0, and for the penultimate series7.4.
Security
Luis Falconhas found thattrytondmaylog sensitive data like passwordswhen the logging level is set to INFO.ImpactCVSS v3.0 Base Score: 4.2Attack Vector: Network Attack Complexity: Low Privileges Required: High User Interaction: None Scope: Unchanged Confidentiality: High Integrity: None Availability: NoneWorkaround Increasing the logging level above INFO prevents logging of the sensitive data.Resolution All affected users should upgrade trytond to the latest version. Affected vers…
1 post - 1 participant
