Subscribe to Syndicate

Apache 2.4.9/Open SSL 1.0.1h released (along with with TM 10.00.12)

We have made both mac and windows installers for apache 2.4.9 with open ssl 1.0.1h to address the latest open ssl vulnerability.

Please follow the update and download instructions in this link. For a quick summary, if you are already at Apache 2.4.9 (which most venues are due to the recent heartbleed issue), the instructions should be as simple as:

  • shut down any classic web listeners
  • save the htdocs and conf folder per the instructions in the update notes
  • download and run the appropriate installer
  • put back the original htdocs folder and conf folder into the correct places (there are no changes inside them)

Apache 2.4.9 servers released to address Heartbleed Vulnerability

A important vulnerability has been identified in OPENSSL version 1.0.x called Heartbleed.

It is very serious and much has been written about it on the web as it potentially affects many many many web sites. The main impact is that your SSL certificates may have been compromised. If somebody has gained access to your sites SSL certificate through this surreptitious mean, it could mean some of your clients passwords have been taken through watching traffic to/from your web site.

NOTE: if you are still using a version of apache with openSSL 0.9.x, you are not vulnerable to this issue.

The suggested course of action is

  1. Upgrade Apache to 2.4.9 using the process to Upgrade Apache.
    • This contains OpenSSL 1.0.1g to address the specific 'Heartbleed' problem.
    • It removes the vulnerability completely from this point forward
    • This means that you should do it right away and then move on to step 2
  2. Get a revised SSL certificate from GEOTRUST.
    • Artsman will contact GEOTRUST on your behalf and working on a process to get a replacement SSL certificate reissued.
    • This will occur in conjunction with us updating your server or on the near future.
  3. Given the nature of the vulnerability, it has been suggested on some web sites that you inform your patrons about the issue. The reason is simple:
    • Many people use the same password on may sites like facebook, amazon, their bank web site, theatre manager, etc.
    • If *ANOTHER* web site like their bank is compromised by this vulnerability, they represent a high value target.
    • If the *Bad Guys* get a password from a high value site, then they may assume its valid at other places your patron may visit
    • Hence why even if there has not been a compromise at your web site, it could be another web site that leads your patrons to have issues, and safety is of utmost importance.

This vulnerability has been in existence for over a year -- and has only recently been exposed. In other words, nobody knew it existed or could be exploited. This is why it is important to close it up as soon as possible.

Note: If you are still using Apache 2.2.x as part of your Theatre Manager setup, you DO NOT HAVE THIS VULNERABILITY. Unfortunately, you would not be PCI compliant and we'd suggest updating anyway.

Theatre Manager 9.25 Released

TM Scanner - Arts Management Systems Ltd. Theatre Manager Version 9.25 contains significant functionality enhancements as part of our twice a year plan to deliver major features and other improvements garnered from users. The major focus on this particular version has been requested improvements to the internet sales process and reduction of IT support time.

This means:

  • More features are available online (gift certificate/pass redemption, recurring payments, viewing volunteer/staff activities, promoting events not yet on sale online, etc)
  • A number of web pages were tweaked (particularly template files) to support the new web features
  • Implemented a far better 'forgotten password scheme' where the user actually resets their password instead of having the actual password emailed.
  • Addition of IOS based bar code scanners that can scan linear and QR barcodes. Depending on the IOS device you pick, it is possible to scan tickets in the middle of a field.
  • The eblast process now tracks when a customer has opened the eblast and records the open date within Theatre Manager - providing an improved life cycle history of the communication with the patron. TM has always supported recording how a customer purchased online and this augments the overall process by tracking complete life cycle from the delivery of marketing material prior to the purchase decision.
  • The classic listener and second generation listener have been redesigned to self update. This is an exciting new approach to help eliminate as much time as possible to do an update - it will just happen.
  • And much more...

Theatre Manager 9.22 Released

Theatre Manager Version 9.22 has been released. Since 9.15, there has been a concentrated effort on performance improvement of the web services and e-blast capabilities as well as feature enhancements. The suggestion is to upgrade at some convenient point in your current season - it doesn't have to occur right away.

The key list of changes since Version 9.15 are:

  • The second generation server is working very well at venues that are using it. It has addressed the vast majority of issues with email servers - (which have been changing rapidly recently in an attempt to combat spam and viruses). It has also improved performance of the web server significantly.
  • Dynamic pricing and changing of Venue Maps on the fly is now possible.

Year End Rollover and Extended Break Settlements

Fiscal Year End Roll Over
If your offices will be closed during the time of your Fiscal Year End (such as over December 31, for example), you may want to make Year End Roll Over (YERO) preparations before you close for the season that need to occur prior to transacting any business in the new fiscal year.

Theatre Manager 9.15.00 Released

Theatre Manager Version 9.15 has been released containing mostly feature enhancements. The suggestion is to upgrade at some convenient point in your current season - it doesn't have to occur right away.

The key list of changes are:

Theatre Manager 9.12.08 Released

Version 9.12 has been released as part of the support agreement. Please refer to the full release notes about version 9.12. All venues are encouraged to upgrade to this version due to some important fixes, especially if you are using windows XP.

Theatre Manager 9.11.05 Released

Ticket Trove - Arts Management Systems Ltd. Version 9.11 has been released as part of the support agreement. Please refer to the full release notes about version 9.11. The release is minor - but since it fixes an important web issue, all venues are encouraged to upgrade.

Key Changes in Version 9.11.05

This key list of changes are:

  1. Ticket Trove 1.02 is released on the app store with native iPad support and a feature that allows patrons to save their favourite venue.
  2. There is a new feature to help identify and automatically merge duplicate patrons
  3. There is very important web listener change to better handle patrons who might use the back button on a browser to look at old offerings
  4. The process of updating web pages has been improved to help manage future updates (there are no required changes for this version)
  5. Ongoing changes to facility management based on customer feedback.

Theatre Manager 9.10 released

Ticket Trove - Arts Management Systems Ltd. Version 9.10 has been released for all current users of Version 9. Please refer to the full release notes about version 9.10.

This release is a minor release.

Theatre Manager 9.07 Released

Version 9.07 has been released for all current users of Version 9. Please refer to the full release notes about version 9.07 and what it takes to install it

Pages

Subscribe to Arts Management Systems RSS