CiviCRM Security Release (5.19.2, 5.13.7 ESR)

2019-11-21 02:41
Written by

There has been a security release for CiviCRM. We recommend you immediately upgrade to one of the following versions:

  • CiviCRM v5.19.2
  • CiviCRM v5.13.7 ESR

In addition to the security fixes, this release includes several bug fixes. 

Below are the security advisories details:


Bugs resolved

  • Member Summary Report - Fix filtering by "Member Since" (dev/core#140615894)
  • Contribution Search - Fix issue with displaying cancellation date (dev/core#139115893)
  • Contribution Search - Fix issue where search criteria were applied inconsistently (dev/core#137415896)
  • Additional Payment Form, Payment API - Calculate "Net Amount" automatically. Remove error-prone field from UI. (dev/core#140915889)


Upgrade now for the most stable CiviCRM experience:


Note: If you use CiviCRM v5.13.7 ESR with the APIv4 extension ("org.civicrm.api4"), you should double-check that your system is running version 4.4.4. In v5.19+, no extra check is necessary.

CiviCRM security announcements are available from and via the CiviCRM Security Notifications email list.


Click thumbs up if you thought this blog post was useful (login to vote or to comment)