Published
Thursday, November 21, 2019 - 02:41
Written by

There has been a security release for CiviCRM. We recommend you immediately upgrade to one of the following versions:

  • CiviCRM v5.19.2
  • CiviCRM v5.13.7 ESR

In addition to the security fixes, this release includes several bug fixes. 

Below are the security advisories details:

 

Bugs resolved

  • Member Summary Report - Fix filtering by "Member Since" (dev/core#140615894)
  • Contribution Search - Fix issue with displaying cancellation date (dev/core#139115893)
  • Contribution Search - Fix issue where search criteria were applied inconsistently (dev/core#137415896)
  • Additional Payment Form, Payment API - Calculate "Net Amount" automatically. Remove error-prone field from UI. (dev/core#140915889)

 

Upgrade now for the most stable CiviCRM experience:

 

Note: If you use CiviCRM v5.13.7 ESR with the APIv4 extension ("org.civicrm.api4"), you should double-check that your system is running version 4.4.4. In v5.19+, no extra check is necessary.
 

CiviCRM security announcements are available from https://civicrm.org/advisory and via the CiviCRM Security Notifications email list.