Download Latest Version 0.8.4 source code.zip (10.7 MB)
Email in envelope

Get an email when there's a new version of FOSSBilling

Home / 0.8.1
Name Modified Size InfoDownloads / Week
Parent folder
FOSSBilling-0.8.1.zip 2026-05-30 31.1 MB
0.8.1 source code.tar.gz 2026-05-30 10.0 MB
0.8.1 source code.zip 2026-05-30 10.6 MB
README.md 2026-05-30 3.4 kB
Totals: 4 Items   51.7 MB 0

0.8.1 (2026-05-30)

FOSSBilling 0.8.0 included fixes for multiple security vulnerabilities, including higher-impact issues. We are continuing to provide a short upgrade window before publishing the full advisory set.

Alongside 0.8.1, we are publishing a small early batch of low-impact advisories where practical exploitability is limited. The remaining advisories fixed in 0.8.0 are still scheduled for publication after a short upgrade window.

Users should upgrade to 0.8.1 where practical. Installations that have not yet upgraded from older releases should treat 0.8.0 or newer as a priority security baseline.

🔐 Security

  • Sanitized admin support ticket reply content to prevent potential injection. (#3669)
  • Validated stored filenames for downloadable products to restrict unauthorized file access. (#3676)
  • Refreshed OPcache after preserving the config cache during updates to avoid stale configuration exposure. (#3662)
  • Hardened UpdatePatcher SQL safety to prevent unsafe database operations during updates, along with Antispam and Massmailer correctness fixes. (#3685)

📈 Enhancements

  • Added a free subdomain option for hosting products. (#3667)
  • Implemented reCAPTCHA v3 for score-based bot detection on public forms. (#3655)
  • Clients are now automatically logged in after successful registration. (#3664)
  • Added active menu highlighting in both the Admin and Huraga client themes. (#3654)
  • Introduced an update finalization process that prevents issues during database patches. (#3639)
  • Signup forms now display a separate last name field. (#3653)
  • Added pre-configuration proxy detection so forwarded headers are handled before the application fully boots. (#3663)
  • Added a proxy candidate settings UI and system URL support to improve reverse proxy compatibility. (#3674)
  • The admin Massmailer test client selector now uses autocomplete search and displays the client email. (#3681)

🐛 Bug Fixes

  • Fixed a checkout crash caused by a type mismatch on support ticket counts. (#3643)
  • Fixed license order details crashing when pinged_at was null. (#3644)
  • Improved the admin dashboard alert layout for better readability. (#3646)
  • Fixed the installer page not applying dark mode correctly. (#3647)
  • Redirecting to the correct tab after creating product categories and after API form submissions. (#3648, [#3649])
  • Stopped displaying service-specific configuration partials for inactive orders. (#3650)
  • Restored the domain check button when domain input changes after an initial check. (#3645)
  • Prevented deleting a domain registrar that is assigned to active TLDs. (#3660)
  • Port values are now validated and normalized across the configuration to prevent connection errors. (#3659)
  • Applied template correctness, internationalization, and accessibility fixes across multiple modules. (#3661)
  • Fixed downloadable file replacement cleanup so orphaned stored files are properly removed, and corrected streamed download behavior. (#3678)
  • Fixed UpdatePatcher table handling and Massmailer admin filtering. (#3686)

📝 Changes

  • Added a stored_filename attribute for downloadable files to enable safer file reference tracking and orphan cleanup. (#3670)
  • Improved license validation form accessibility and consistency. (#3673)
  • Added in-app links to Anti-Spam and License documentation. (#3657, [#3668])
Source: README.md, updated 2026-05-30