it-securitynotifies AT lists.piratenpartei.de
Betreff: Sicherheitsankündigungen
Listenarchiv
- From: "CiviCRM" <info AT civicrm.org>
- To: <it-securitynotifies AT lists.piratenpartei.de>
- Subject: [IT-SecNots] CiviCRM Security Release (5.3.1, 4.6.38) - Multiple advisories
- Date: Thu, 19 Jul 2018 14:27:23 -0700
- Job_id: 9859
There has been a security release for CiviCRM. We recommend you immediately upgrade to one of the following versions:
- CiviCRM v4.6.38
- CiviCRM v5.3.1
Read the security advisories for details:
- CIVI-SA-2018-06 Reflected XSS in context parameter
- CIVI-SA-2018-05 Reflected XSS in contact merge screen
- CIVI-SA-2018-03 Reflected XSS in error message
- CIVI-SA-2018-04 SQL injection in custom groups
- CIVI-SA-2018-02 Reflected XSS in reports
- CIVI-SA-2018-01 SQL injection in get-cases AJAX API
A number of other issues have been fixed in these releases, as described in the official announcement. Upgrade now for the most stable CiviCRM experience (https://civicrm.org/download).
CiviCRM security announcements are available from https://civicrm.org/advisory and via the CiviCRM Security Notifications email list.
Click this link to unsubscribe from this mailing list.
Click this link to opt out of all mail from CiviCRM.org.
Our mailing address is:
San Francisco, 94117
United States
United States
- [IT-SecNots] CiviCRM Security Release (5.3.1, 4.6.38) - Multiple advisories, CiviCRM, 19.07.2018
Archiv bereitgestellt durch MHonArc 2.6.19.