it-securitynotifies AT lists.piratenpartei.de
Betreff: Sicherheitsankündigungen
Listenarchiv
- From: "CiviCRM" <info AT civicrm.org>
- To: <it-securitynotifies AT lists.piratenpartei.de>
- Subject: [IT-SecNots] CiviCRM Security Release (4.6.29, 4.7.21) - Multiple advisories
- Date: Thu, 06 Jul 2017 18:14:02 -0700
- Job_id: 8511
There has been a security release for CiviCRM. We recommend you immediately upgrade to one of the following versions:
- CiviCRM v4.6.29
- CiviCRM v4.7.21
Read the security advisories for details:
- CIVI-SA-2017-01 Pingback URL not encrypted
- CIVI-SA-2017-02 Privilage escalation via leaked key
- CIVI-SA-2017-03 Cross site scripting in the recently viewed block
- CIVI-SA-2017-04 Incorrect escaping for "On Behalf Of" block
- CIVI-SA-2017-05 Incorrect escaping for "Search Results" column
- CIVI-SA-2017-06 Incorrect escaping in Drupal Views integration
- CIVI-SA-2017-07 Insufficient permission-check in mailing report
- CIVI-SA-2017-08 Upgrade multiple JS libraries
A number of other issues have been fixed in these releases, as described in the official announcement. Upgrade now for the most stable CiviCRM experience (https://civicrm.org/download).
CiviCRM security announcements are available from https://civicrm.org/advisory and via the CiviCRM Security Notifications email list.
Click this link to unsubscribe from this mailing list.
Click this link to opt out of all mail from CiviCRM.org.
Our mailing address is:
San Francisco, California 94117
United States
United States
- [IT-SecNots] CiviCRM Security Release (4.6.29, 4.7.21) - Multiple advisories, CiviCRM, 07.07.2017
Archiv bereitgestellt durch MHonArc 2.6.19.