SuiteCRM 8.9.0
24 September 2025
SuiteCRM version 8.9.0 is now available (major release).
What's New in SuiteCRM 8.9.0
8.9.0
Campaigns
- Campaigns and Email Marketing have been redesigned in SuiteCRM 8!
- This release introduces the first phase of the redesign, with more features to come in future releases.
- You can see more information about Campaigns
Email Compose Redesign including:
- A configurable compose modal that can be collapsed and can remain open while navigating the app.
- To, CC, and BCC fields that support searching and selecting from SuiteCRM Accounts, Contacts, Leads, Users, or individual email addresses using the new Multi-Flex-Relate field.
- Attachments implemented using the new storage system.
- Ability to insert an Email Template which, when sending, will parse the variables based on the selected Related To record.
- The Body field now uses the lightweight Squire editor, offering consistent, rich text editing tailored for emails.
- Email address links in Suite 8 views open a new compose modal pre-addressed to that contact.
New File and Attachment Field Types: File type
- Designed for uploading files to a field. This field type is ideal for scenarios where only one file needs to be associated with a record, such as uploading a profile picture, a single contract, or a receipt. The uploaded file is stored using the new media storage system, supporting various backends like local storage, AWS S3, or Azure Blob Storage.
- For more information see File Field Type documentation.
New File and Attachment Field Types: Attachment type
- Built for attaching multiple items to a record. Unlike the file field, the attachment field, by default, always allows users to associate several files at once. Additionally, in future releases we plan to add support not only for file uploads but also linking existing documents from the Documents module, and potentially other types of attachments. This will make it suitable for use cases like attaching supporting documents, reference materials, or related files to a record.
- For more information see Attachment Field Type documentation.
New Media Storage System
- These field types leverage the media uploader system, which allows files to be stored in various backends: local storage, AWS S3 or Azure Blob Storage.
- A new concept of "storage types" has been introduced to define different storage backends and locations for different use cases. Each storage type can be linked to a different storage system, e.g. it is possible to have private_documents pointing to Azure blobs while private_images points to AWS S3. This should give system admins flexibility in how and where files are stored.
- To see more information about configuring external storage services, see File Storage Configuration documentation.
Multi-Relate
- Multi-Relate fields have been added to SuiteCRM 8.
- You can now relate multiple associated records at once (see below). For more information see Multi Relate documentation.
- For the moment this field is not available in the Studio. A future release will include Studio support.
New Schedulers Added
- SuiteCRM 8.9 introduces 3 new schedulers:
- Queue Email Marketing — Queues Email Marketing Records that are scheduled to be sent.
- Send Campaign Emails — Sends the queued emails for Email Marketing Records.
- Clean Up Temporary Files — Cleans up temporary files.
- Prune Database scheduler — Prune Database scheduler has been moved to symfony side and now also removes media objects from the new storage system.
Bug Fixes
- PR: 662 - Fix #540 - Two tooltips are displayed for listview icons to log call, schedule meeting, create task, compose email
- PR: 634 - Fix #625 - Opportunities list freeze when change Decimal Symbol and 1000s separator
- PR: 635 - Fix #584 - Difficult to assign user to role when pagination is over top of buttons
- PR: 636 - Fix #575 - Proceed button on installation page only submits user action when clicked outside of text
- PR: 655 - Fix #566 - DisplayLogic of Panel is not working
- PR: 417 - Fix #274, #503 - Call list shows Related to field incorrectly if containing letters with accents
- PR: 704 - Fix #607 - Enable relate field value clearing
- PR: 698 - Fix #678 - Enable checkbox filter retrieval in quick filters
8.8.1
Security
- CVE-2024-50335: XSS Vulnerability | GitHub Advisory | Reporter: shellkraft
- CVE-2024-49773: SQL Injection Vulnerability | GitHub Advisory | Reporter: dzentota
- CVE-2024-50332: SQL Injection Vulnerability | GitHub Advisory | Reporter: amame04
- CVE-2024-50333: RCE Vulnerability | GitHub Advisory | Reporter: dzentota
- CVE-2024-49772: SQL Injection Vulnerability | GitHub Advisory | Reporter: LongHair00
- CVE-2024-49774: RCE Vulnerability | GitHub Advisory | Reporter: dzentota
Highlights
- Minimum php version is now PHP 8.1
- SAML configuration has changed
- LDAP and SAML configuration improvements
- The Convert Target action has now been reimplemented
- Record Pagination has been re-implemented on record views, this was previously known as VCR
- Pre-install page has been redesigned
- Extra validations and checks have been added
- It is now possible to configure action buttons at the field level
Known issues
- Using SAML Authentication when there is no matching CRM account leads to a Login Loop
Backward Incompatible Changes
- APP_SECRET env property is now required
- Move to Symfony runtime
- Migration from annotations to attributes
- Data Providers and Data Persisters have been deprecated
- Graphql Record and RecordList API response structure updated
- Graphql resolver interfaces path has changed
- ExtensionAssetCacheWarmupDecorator has been replaced with an extra cache warmer
- Legacy Session swapping removed
- Symfony Commands now require the usage of AsCommand attribute
- Session injectable dependency replaced with RequestStack
- Authentication configuration has been updated
- SAML dependency replaced and configuration updated
- Usages of Doctrine DBAL execute method have been updated
- Log configurations updates
8.7.1
Bug Fixes
- Contact Email Address not showing in Subpanels
- Change secret field is too short
- Discount Calculation incorrect when changing Currency
- Add check for empty value before searching array
- Item label in dropdown list is not displayed if it contains '<' character
- Workflow action create record on CRON set incorrect date field values from related entity
- Calculated Fields - related field won’t show up as parameter
- change log level according it message
- issue with campaigns displaying a blank email template
- Calendar: Calls still show even using Settings: 'Show Calls' = NO
- Expand the number of filters in message queue views
- Add scrollbars for Toolbox and Layout | Studio
- Use decimal symbol configured in system and user
- Recipient Type [Language]
- Studio | Layout Editor CSS broken
- Users can no longer navigate from the change password screen
- Filter Styling Fixes
- Fix warning and error logging
8.7.0
Bug Fixes
- Fix #62 Add 'show_fullname' option
- Fix #473 Document filename(file) not showing in Subpanels
- Fix #436 - Update log configuration
- Fix #504 - Fix required validation in Email line items field
- Fix validation validation in multienum field
- Update cache config - Use cache.adapter.system for both app and system cache pools
- Fix Enums and MultiEnums on Mass Update
- Fix update logic on create mode
- Fix display logic when swapped between edit and detail
- Fix page refresh when entered on saved filter
- Fix - Close navbar dropdown menu when navigate
- Fix propagation on enter after click search and save
- Fix required validation after field touch
- Fix setting custom datetime
- Add portal enable/disable buttons to record view
Documentation
- LDAP Configuration documentation has been updated
- SAML Configuration documentation has been updated
- New docs: SAML configuration reference - 8.7.0+
- Old docs: SAML configuration reference - 8.2.0+
- 7.14.x to 8.7.0+ Migration documentation has been updated
- Adding Custom Field Actions documentation added