OpenEMR 6.0.0 Patch

The 1st patch for OpenEMR 6.0.0 has been released:
https://www.open-emr.org/wiki/index.php/OpenEMR_Patches

The patch includes:

  • Security fixes (reported by Hagai Wechsler at whitesourcesoftware.com, fixes by Brady Miller)
  • Eye form fixes (fixes by Ray Magauran)
  • Patient portal registration fix (fix by Jerry Padgett)
  • WENO Exchange ePrescribing (by Sherwin Gaddis)
  • UUID creation optimizations (by Brady Miller)
  • Billing fixes (fixes by Stephen Waite)
  • sql upgrade optimizations (by Stephen Waite)
  • Addition of Johnson & Johnson COVID-19 vaccine (by Stephen Waite)
2 Likes

https://www.open-emr.org/wiki/index.php/OpenEMR_Patches says “List of files (6.0.0)” where it should instead say “List of files (6.0.1)”.
I would change it but I don’t appear to have permission to change that page in particular.

1 Like

all set @PeteBoyd, thank you

edit: actually looks like 6.0.0.1 would be correct

Oops yes of-course @stephenwaite you call it “6.0.0 (Patch 1)” in prose and “6.0.0 (1)” in the About page.

The 2nd patch for OpenEMR 6.0.0 has been released:
https://www.open-emr.org/wiki/index.php/OpenEMR_Patches

The patch includes:

  • Security fix (reported by Hagai Wechsler at whitesourcesoftware.com, fix by Brady Miller)
  • WENO Exchange ePrescribing fixes (fixes by Sherwin Gaddis)
  • Session and timeout fixes (fixes by Rod Roark, Stephen Waite, Jerry Padgett and Brady Miller)
  • Patient portal improvements (by Jerry Padgett)
  • Eye form fixes (fixes by Ray Magauran)
  • Billing fixes (fixes by Stephen Waite)
  • New GAD-7 form (by Ruth Moulton)
  • Layout Based Form fix (fix by Rod Roark)
  • Backup fixes (fixes by Rod Roark)
  • Demographics fix (fix by Ken Chapple)
  • Messaging improvement (by Stephen Waite)
  • PHP 8 fixes (fixes by Stephen Waite)
  • MySQL 8 fix (fix by Rod Roark)
1 Like

Released patch 3; see here for details:

:wave:

Are these (or will these be) ported as docker images on dockerhub?

Hi @daurrutia , they’re there.

Thanks Stephen.

On dockerhub I see:

I guess I’m assuming if they are there I’d see them tagged like the 5.0.x patches were tagged (e.g., 6.0.1, 6.0.2, 6.0.3). Am I going about this round the wrong way?

hi @daurrutia , it’s 6.0.0, latest which will grab patch 3.

Thanks.
Anyone know if there’s a way to tell what patch level the container is running in v6?
I’ve looked within the app’s About page, that seems not to display patch level in v6.
Also version.php doesn’t seem to have it.
Or maybe I’m pulling the wrong image.

Some screenshots attached from image: openemr/openemr:latest


Hi @daurrutia , if there was a patch it would appear there like this in the demo with the latest patch:

Screenshot from 2022-01-20 08-20-20

  • Based on the 6.0.0 Dockerfile a build of the file will pull in the branch rel-600 which indeed includes the patch commits.

  • However, it looks like the tagged 6.0.0/latest images in the DockerHub repo were pushed up on Jan 16, 2021.

  • The 6.0.0 patches 1,2, and 3 were released Mar, Jun, and Oct 2021, respectively.

  • When anyone pulls openemr/openemr:6.0.0 or openemr:latest from DockerHub, based on what’s in the repo now, they are pulling an image pushed up in Jan of 2021, 6.0.0 patch 0 essentially.

  • We need to re-build the image at the time of each patch release and push up that fresh image to DockerHub in order to ensure folks pulling 6.0.0/6.0.0-3/latest are getting the latest patches.

  • For now, a build and push with the 6.0.0 tag ASAP would be recommended for the community’s security posture.

This is what I’m seeing from my end. Please review, and apologies if I am mistaken.


1 Like

Hi @daurrutia
I should of chimed in here sooner. As you’ve noted, haven’t updated docker (or the main packages) with each patch. Would recommend getting in habit of installing most recent patch after any install (we make this clear on than standard packages, for example OpenEMR 6.0.0 Linux Installation - OpenEMR Project Wiki, but we should also make this clear somewhere in documentation for the dockers). Would be good to update official docker after each patch to make things easier, but the problem is docker builds can break over time (especially since we do multiarch builds) or bring in untested stuff, so it requires resources/time to do that.

1 Like