Zum Inhalt springen.
Sympa Menü

it-securitynotifies - [IT-SecNots] CiviCRM 4.6.12/4.7.1/4.4.21 Security Release Announcement - Multiple vulnerabilities

it-securitynotifies AT lists.piratenpartei.de

Betreff: Sicherheitsankündigungen

Listenarchiv

[IT-SecNots] CiviCRM 4.6.12/4.7.1/4.4.21 Security Release Announcement - Multiple vulnerabilities


Chronologisch Thread 
    < Chronologisch >      < Thread >
  • From: "CiviCRM" <info AT civicrm.org>
  • To: <it-securitynotifies AT lists.piratenpartei.de>
  • Subject: [IT-SecNots] CiviCRM 4.6.12/4.7.1/4.4.21 Security Release Announcement - Multiple vulnerabilities
  • Date: Thu, 04 Feb 2016 07:50:06 -0800
  • Job_id: 4834
  • List-archive: <https://service.piratenpartei.de/pipermail/it-securitynotifies>
  • List-id: Sicherheitsankündigungen <it-securitynotifies.lists.piratenpartei.de>
 
 
 
 
 
 
 CiviCRM CiviCRM logo
 
 
 
 
 
 
 
 
 
 
 

This is a notification of a security release for CiviCRM. We recommend you immediately upgrade to a secure version of CiviCRM.

The most recent releases are CiviCRM 4.7.1 or CiviCRM 4.6.12. 4.4.21 LTS has been released also.

Some fixes affecting security were included in CiviCRM 4.6.10 and 4.6.11, but the email announcements which should accompany such releases was omitted. So, we're releasing 4.6.12 to time with a security release window and ensure subscribers get notified.

Read the security advisories for details of the various fixes included in the latest CiviCRM builds:

  • https://civicrm.org/advisory/civi-sa-2015-010-version-information-disclosure
  • https://civicrm.org/advisory/civi-sa-2015-011-reflected-xss-in-error-message
  • https://civicrm.org/advisory/civi-sa-2016-01-path-disclosure
  • https://civicrm.org/advisory/civi-sa-2016-02-access-bypass
  • https://civicrm.org/advisory/civi-sa-2016-03-multiple-vulnerabilties-in-dompdf

A number of other non-security issues have also been fixed in the latest releases. Upgrade now for the most stable CiviCRM experience.

CiviCRM security announcements are available from https://civicrm.org/advisory and via the CiviCRM Security Notifications email list.

CiviCRM.org,

San Francisco, CA 94117
United States

https://civicrm.org/civicrm/mailing/optout?reset=1&jid=4834&qid=644345&h=c0159d882b065c6a


  • [IT-SecNots] CiviCRM 4.6.12/4.7.1/4.4.21 Security Release Announcement - Multiple vulnerabilities, CiviCRM, 04.02.2016

Archiv bereitgestellt durch MHonArc 2.6.19.

Seitenanfang