Alex Nassi

Version Released!

Blog Post created by Alex Nassi Employee on Jul 21, 2016

We have officially released version for all commercial editions. The release is available to download for On-Site customers and is being automatically applied to On-Demand instances running an earlier version of Sugar releases.


This release addresses bugs identified in prior releases and includes fixes for recently detected security vulnerabilities that have since been carefully investigated and addressed.


Security Advisories

As always, we take data security and the protection of your private information very seriously at SugarCRM. We strive to address security vulnerabilities that come to our attention and inform our customers of those vulnerabilities so they can take steps to safeguard their Sugar instances.


For more information regarding the specific advisories, please refer to the following Security Advisory announcements:


Following our investigations, we have no reason to believe that the vulnerabilities were exploited. However, we encourage you to take the following actions to remediate the vulnerabilities in your Sugar instances:


On-Demand Customers

If you are hosted in Sugar On-Demand, no action is required.


Starting tonight, Thursday, July 21, 2016, we will begin executing upgrades for all affected customers. If you would like to know when we have scheduled your instance upgrade or request that we expedite the upgrade, please open a case.


On-Site Customers

If you host your instance On-Site (in any environment outside of our Sugar On-Demand environment), please visit our Download Manager to download at the earliest opportunity, which address these vulnerabilities. Our Installation and Upgrade Guide contains the appropriate guidance to apply this patch to your instance. Failure to take these actions could leave you exposed to malicious attacks.


Customers hosting Sugar on their own servers can review the following installation and upgrade instructions:


For information about what is new in 7.7, please review Version 7.7 Released! in the community.


If upgrading now is not an option, and you are running a commercial version of Sugar, please open a case with our support team to request a hotfix for the security vulnerabilities. We will then supply a module loadable package that can be applied to your current version and edition of Sugar. Support tickets can be opened via our portal or by emailing If you are not familiar with the support process, please review our knowledge base article on Working With Sugar Support. Updates

Sugar addresses bugs identified in prior releases which are detailed in the Release Notes.


Sugar is compatible and supported for new installations and upgrades for customers running a MySQL, DB2, Oracle, or MSSQL stack. Please visit the Supported Platforms page for a complete list of supported configurations. Changes to supported platforms include:

  • Added support for PHP 5.6 New
  • Updated versions of Firefox, Safari, and Chrome  Updated Release Notes

The release notes for can be found at the following links: Development Changes

Developers should review the Development Changes sections of the Release Notes to learn more about changes that could affect integrations and custom development:


If you want to ensure you are up-to-date on all our latest releases, please click the ‘Follow’ button under the Releases space in the community.