PyPI: Nemo

CVE-2020-25659

Transitive

Safety vulnerability ID: 40130

This vulnerability was reviewed by experts

The information on this page was manually curated by our Cybersecurity Intelligence Team.

Created at Jan 11, 2021 Updated at Nov 29, 2024

Advisory

Nemo 3.6.0 updates its dependency 'cryptography' to v3.2 to include a security fix.

Affected package

nemo

Latest version: 6.0.3

NEMO is a laboratory logistics web application. Use it to schedule reservations, control tool access, track maintenance issues, and more.

Affected versions

Fixed versions

Vulnerability changelog

New Features
* Added a new setting in customization to display current time indicator in the calendar
* Added "dropdown" type for tool post usage questions
* Added "group" type post usage question. This allows creating groups of questions that can be repeated, for example when a user uses multiple processes on a tool and we want to collect information about each one. More details can be found in the feature manual.
* Added "Usage Data History" tab in tool control, which displays the history of answers to post usage questions. The data can also be exported to CSV.
* Added Tool usage counters:
  * They are counters linked to a "number" type post usage question and keep a running total of some user inputs.
  * They can be added in the detailed administration, and NEMO will check that the post usage question exists in the corresponding tool (with the correct type).
  * Counters are displayed in the tool summary page.
  * Counters can be reset by staff members. A comment will be added to the tool and an email will be sent to LAB_MANAGERS if that setting is enabled.
  * For example, you can use them to keep track of total etch time for maintenance purposes.
* Added Physical Access Exceptions, which allow setting specific exceptions during which access levels will be denied. This can be used for holiday closures, understaffed times, etc.

Improvements
* Area reservations can now be extended even while the user is logged in to the area (but not moved or cancelled).
* Updated calendar area login/logout buttons to be shown only when relevant (instead of being grayed out if a tool is selected for instance)
* Updated billing/usage search to use Bootstrap date picker instead of pickadate
* Updated validation on post usage questions to check that consumable exists with the correct name, and that required attributes are provided
* Added management commands to run timed services (you can now use manage.py or django-admin to run timed service actions).
* Added keypad for answering post usage questions of type number (only on Kiosk)

Bug Fixes
* Fixed an error when using the search feature in the physical access log (in Detailed Administration)
* Fixed excessive load time when selecting a reservation in Detailed Administration
* Fixed 43 unique constraint violation in Postgres, thanks to bpedersen2

Security
* Updated dependency version of cryptography library (due to vulnerability in previous version)

Resources


Severity Details

CVSS Base Score

MEDIUM 5.9

CVSS v3 Details

MEDIUM 5.9
Attack Vector (AV)
NETWORK
Attack Complexity (AC)
HIGH
Privileges Required (PR)
NONE
User Interaction (UI)
NONE
Scope (S)
UNCHANGED
Confidentiality Impact (C)
HIGH
Integrity Impact (I)
NONE
Availability Impact (A)
NONE

CVSS v2 Details

MEDIUM 4.3
Access Vector (AV)
NETWORK
Access Complexity (AC)
MEDIUM
Authentication (Au)
NONE
Confidentiality Impact (C)
PARTIAL
Integrity Impact (I)
NONE
Availability Impact (A)
NONE
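As an added worked example (not part of this advisory page or of the NEMO project), the following Python recomputes both base scores from the metric values listed above, using the weights from the CVSS v3.1 and v2 specifications. It covers Scope: Unchanged only, which is the scope this advisory uses.

```python
# Added example: recompute the CVSS v3.1 and v2 base scores for CVE-2020-25659
# from the metric values shown on this page. Not code from the advisory or NEMO.
import math

# Metric weights from the CVSS v3.1 specification. PR weights are the
# Scope: Unchanged values, which is all this example handles.
V3 = {
    "AV": {"NETWORK": 0.85, "ADJACENT": 0.62, "LOCAL": 0.55, "PHYSICAL": 0.2},
    "AC": {"LOW": 0.77, "HIGH": 0.44},
    "PR": {"NONE": 0.85, "LOW": 0.62, "HIGH": 0.27},
    "UI": {"NONE": 0.85, "REQUIRED": 0.62},
    "CIA": {"HIGH": 0.56, "LOW": 0.22, "NONE": 0.0},
}

def roundup(x):
    """CVSS v3.1 Roundup: smallest one-decimal value >= x, with float-safe integer math."""
    i = round(x * 100000)
    return i / 100000.0 if i % 10000 == 0 else (math.floor(i / 10000) + 1) / 10.0

def cvss3_base(av, ac, pr, ui, c, i, a):
    """CVSS v3.1 base score for Scope: Unchanged."""
    iss = 1 - (1 - V3["CIA"][c]) * (1 - V3["CIA"][i]) * (1 - V3["CIA"][a])
    impact = 6.42 * iss
    exploitability = 8.22 * V3["AV"][av] * V3["AC"][ac] * V3["PR"][pr] * V3["UI"][ui]
    if impact <= 0:
        return 0.0
    return roundup(min(impact + exploitability, 10))

# Metric weights from the CVSS v2 specification.
V2 = {
    "AV": {"NETWORK": 1.0, "ADJACENT": 0.646, "LOCAL": 0.395},
    "AC": {"LOW": 0.71, "MEDIUM": 0.61, "HIGH": 0.35},
    "Au": {"NONE": 0.704, "SINGLE": 0.56, "MULTIPLE": 0.45},
    "CIA": {"COMPLETE": 0.660, "PARTIAL": 0.275, "NONE": 0.0},
}

def cvss2_base(av, ac, au, c, i, a):
    """CVSS v2 base score, rounded to one decimal as the v2 formula specifies."""
    impact = 10.41 * (1 - (1 - V2["CIA"][c]) * (1 - V2["CIA"][i]) * (1 - V2["CIA"][a]))
    exploitability = 20 * V2["AV"][av] * V2["AC"][ac] * V2["Au"][au]
    f_impact = 0 if impact == 0 else 1.176
    return round(((0.6 * impact) + (0.4 * exploitability) - 1.5) * f_impact, 1)

# The metric values listed on this page for CVE-2020-25659.
CVE_2020_25659_V3 = cvss3_base("NETWORK", "HIGH", "NONE", "NONE", "HIGH", "NONE", "NONE")
CVE_2020_25659_V2 = cvss2_base("NETWORK", "MEDIUM", "NONE", "PARTIAL", "NONE", "NONE")

if __name__ == "__main__":
    print(f"CVSS v3.1 base score: {CVE_2020_25659_V3}")  # 5.9 (MEDIUM)
    print(f"CVSS v2 base score:   {CVE_2020_25659_V2}")  # 4.3 (MEDIUM)
```

The v3 score lands at 5.9 only because Attack Complexity is HIGH (timing side channel); with AC:LOW the same metrics would score 7.5, which is why the AC value matters when triaging this finding.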