it-securitynotifies AT lists.piratenpartei.de
Betreff: Sicherheitsankündigungen
Listenarchiv
- From: "CiviCRM" <info AT civicrm.org>
- To: <it-securitynotifies AT lists.piratenpartei.de>
- Subject: [IT-SecNots] CiviCRM Security Release (4.6.24, 4.7.14) - Multiple advisories
- Date: Wed, 07 Dec 2016 14:01:09 -0800
- Job_id: 7383
There has been a security release for CiviCRM. We recommend you immediately upgrade to one of the following versions:
- CiviCRM v4.6.24
- CiviCRM v4.7.14
Read the security advisories for details:
- CIVI-SA-2016-19 Order By clause in API not properly being validated
- CIVI-SA-2016-20 Lack of validation on contact ids when using apiQuery function
- CIVI-SA-2016-21 Incorrect Escaping of custom group name in CiviCase
- CIVI-SA-2016-22 Profile Permission check by-passes in Wordpress
- CIVI-SA-2016-23 Unescaped html in entity reference fields
A number of other issues have been fixed in these releases, as described in the official announcement. Upgrade now for the most stable CiviCRM experience (https://civicrm.org/download).
CiviCRM security announcements are available from https://civicrm.org/advisory and via the CiviCRM Security Notifications email list.
Click this link to unsubscribe from this mailing list.
Click this link to opt out of all mail from CiviCRM.org.
Our mailing address is:
San Francisco, California 94117
United States
United States
- [IT-SecNots] CiviCRM Security Release (4.6.24, 4.7.14) - Multiple advisories, CiviCRM, 07.12.2016
Archiv bereitgestellt durch MHonArc 2.6.19.