it-securitynotifies AT lists.piratenpartei.de
Betreff: Sicherheitsankündigungen
Listenarchiv
- From: "CiviCRM" <info AT civicrm.org>
- To: <it-securitynotifies AT lists.piratenpartei.de>
- Subject: [IT-SecNots] CiviCRM Security Release (5.65, 5.64, 5.63-ESR)
- Date: Wed, 06 Sep 2023 18:25:43 -0700
- Authentication-results: mail.piratenpartei.de; dkim=pass header.d=civicrm.org header.s=scph1222 header.b=fpttVtM4; spf=pass (mail.piratenpartei.de: domain of "msprvs1=19614cTstljZB=bounces-14158 AT notification.civimail.org" designates 147.253.222.182 as permitted sender) smtp.mailfrom="msprvs1=19614cTstljZB=bounces-14158 AT notification.civimail.org"; dmarc=pass (policy=quarantine) header.from=civicrm.org
- Job_id: 13682
- List-id: <spceu.14158.0.sparkpostmail.com>
There has been a security release for CiviCRM (announcement). Upgrades are available for:
- CiviCRM v5.65.0 (download, release notes)
- CiviCRM v5.64.4 (download, release notes)
- CiviCRM v5.63.4 ESR (info, download, release notes)
These upgrades address the following security issue:
- CIVI-SA-2023-07: Smarty Math (Remote Code Execution)
- CIVI-SA-2023-08: KCFinder (Cross-Site Scripting)
- CIVI-SA-2023-09: GetFields (SQL Injection)
- CIVI-SA-2023-10: Multiple Potential (SQL Injections)
- CIVI-SA-2023-11: Select2 (Cross-Site Scripting)
- CIVI-SA-2023-12: jQuery Validation (Denial of Service)
- CIVI-SA-2023-13: Survey (Cross-Site Scripting)
- CIVI-SA-2023-14: Contact Image (Cross-Site Request forgery)
- CIVI-SA-2023-15: CiviEvent (Cross-Site Scripting)
Click this link to unsubscribe from this mailing list.
Click this link to opt out of all mail from CiviCRM.org.
Our mailing address is:
1350 Ortega St
San Francisco, California 94122
United States
San Francisco, California 94122
United States
- [IT-SecNots] CiviCRM Security Release (5.65, 5.64, 5.63-ESR), CiviCRM, 07.09.2023
Archiv bereitgestellt durch MHonArc 2.6.24.