CiviCRM 5.48.0, 5.47.4, 5.45.5 ESR Security Release
Published
2022-04-07 06:30
There has been a security release for CiviCRM. Upgrades are available for:
Security Releases
CiviCRM 5.47.2, 5.46.3, 5.45.4 ESR Security Release
Published
2022-03-17 04:00
There has been a security release for CiviCRM. Upgrades are available for:
CiviCRM 5.35.2, 5.36.1 Security Release (and ESR 5.33.5)
Published
2021-04-21 16:12
CiviCRM 5.35.1 Security Release (and ESR 5.33.3)
Published
2021-03-17 23:11
CiviCRM 5.28.1 Security Release (and ESR 5.27.5)
Published
2020-08-19 16:00
CiviCRM 5.24.3 Security Release (and ESR 5.21.3)
Published
2020-04-15 15:00
CiviCRM 5.20 Security Release (and 5.19.4, 5.13.8 ESR)
Published
2019-12-04 13:38
CiviCRM version 5.20.0 is now out and ready to download.
Important Notice: This is a security release. We recommend you immediately upgrade to one of the following versions:
- CiviCRM v5.20.0
- CiviCRM v5.19.4
- CiviCRM v5.13.8 ESR
Below are the security advisories details:
- CIVI-SA-2019-24: CSRF in APIv4 AJAX end point
Bugs resolved in 5.19.4:
CiviCRM Security Release (5.19.2, 5.13.7 ESR)
Published
2019-11-21 02:41
There has been a security release for CiviCRM. We recommend you immediately upgrade to one of the following versions:
- CiviCRM v5.19.2
- CiviCRM v5.13.7 ESR
In addition to the security fixes, this release includes several bug fixes.
Below are the security advisories details:
CiviCRM Security Release (5.13.4, 5.7.6 ESR, API v.4)
Published
2019-05-16 04:17
There has been a security release for CiviCRM. We recommend you immediately upgrade to one of the following versions:
- CiviCRM v5.13.4
- CiviCRM v5.7.6 ESR
Below are the security advisories details:
CiviCRM Security Release (5.10.3, 5.7.4 ESR)
Published
2019-02-21 04:01
There has been a security release for CiviCRM. We recommend you immediately upgrade to one of the following versions:
- CiviCRM v5.10.3
- CiviCRM v5.7.4 ESR
In addition to the security fixes, this release includes two regression fixes.
Below are the security advisories details:
Announcing CiviCRM 5.3.1 and 4.6.38 Security Release
Published
2018-07-19 06:16
The latest release of CiviCRM 5.3.1 and 4.6.38 includes security fixes. This is a critical security release, we recommend upgrading to 5.3.1 and 4.6.38 to ensure the security of your site and data as soon as possible.
Security release: CiviCRM 4.7.26 and 4.6.33. Monthly release 4.7.27
Published
2017-11-01 11:34
CiviCRM 4.7.26, 4.6.33 and 4.7.27
Please note that 4.6.33, 4.7.26, and 4.7.27 are security releases. All releases include the latest security fixes, and 4.7.27 includes additional bug fixes and enhancements (as a typical monthly release).
Please see below links to the security advisories:
Security release: CiviCRM 4.7.21 and 4.6.29
Published
2017-07-06 09:39
CiviCRM 4.7.21 and 4.6.29
Please note that release 4.7.21 and 4.6.29 are security releases. Please see below links to the security advisories:
Security releases: 4.7.14 and 4.6.24
Published
2016-12-07 12:59
All sites are strongly encouraged to upgrade to the latest secure versions of CiviCRM: v4.7.14 and v4.6.24.
Announcing CiviCRM 4.6.16 and 4.7.7 Security Release
Published
2016-05-03 23:17
The latest release of CiviCRM 4.6 and 4.7 includes security fixes. We recommend upgrading to 4.7.7 or 4.6.16 to ensure the security of your site and data. The latest releases include 2 moderately critical fixes. A number of other non-security issues have also been fixed in the latest releases.
Announcing CiviCRM 4.6.9 Security Release
Published
2015-10-07 03:34
The team is super excited to announce that CiviCRM 4.6.9 is now available for downloading AND you can try it out on the 4.6 demo site.
The latest release of CiviCRM 4.6 includes security fixes. While this issue is unlikely to affect the average CiviCRM site, it is recommended to upgrade to the latest version to keep your site as secure as possible.
CiviCRM 4.6.8 Released with Important ACL bugfix
Published
2015-08-25 18:36
If you are currently using 4.6.7 and your site uses ACLs to segment access to contacts you are strongly encouraged to upgrade. The 4.6.7 release included a regression in the ACL system which caused certain contact access permissions to behave improperly. The 4.4 LTS branch was unaffected.
Security Releases 4.4.19, 4.6.7
Published
2015-08-19 12:06
The latest releases of CiviCRM 4.6 and 4.4 LTS include 2 moderately critical security fixes. While these issues are unlikely to affect the average CiviCRM site, it is recommended to upgrade to the latest version to keep your site as secure as possible.
Have you been using IATS with CiviCRM for a loooong time? If so read this
Published
2015-07-28 15:56
IATS has been a payment processor extension with CiviCRM for quite a while and has been actively developed & supported. If you are using the IATS extension you can say a quiet thank you to Alan, Karin & Stephen & stop reading.
Security Releases 4.4.13, 4.5.7
Published
2015-03-04 11:45
An important security update is being released for both the latest version of CiviCRM and the long-term-support version. We recommend you upgrade immediately to maintain the security of your site.
For more information on the security issues see:
Security Releases 4.4.11, 4.5.5
Published
2014-12-17 10:19
The team is pleased to announce the fifth stable release of the incredible CiviCRM 4.5 series. These release include a security fix and a number of other improvements.
The security issue only affects sites using the CiviCase component. Read the security announcement for details.
Security Releases: 4.4.7, 4.3.9, 4.2.19
Published
2014-09-17 12:27
There has been a security advisory for CiviCRM. We recommend you immediately upgrade to one of the following versions:
Read the security advisories for details:
Security Releases: 4.4.6, 4.2.17(LTS)
Published
2014-07-01 17:14
There has been a security advisory for CiviCRM. We recommend you immediately upgrade to one of the following versions:
Read the security advisories for details:
SECURITY Release 4.4.4, 4.2.15 (LTS)
Published
2014-02-06 11:57
There has just been a security advisory for CiviCRM. We recommend you immediately upgrade to one of the following newly released versions:
SECURITY Releases: CiviCRM 4.2.13, 4.3.8, 4.4.1
Published
2013-11-06 15:12
A moderately critical security issue has just been fixed in CiviCRM. We recommend you immediately upgrade to one of the following newly released versions:
Read the following security announcement for details:
SECURITY Releases: CiviCRM 4.2.12, 4.3.7, 4.4.beta4
Published
2013-10-02 06:07
A critical security issue has just been fixed in CiviCRM. For the safety of your CiviCRM data you should immediately upgrade to one of the following newly released versions:
4.2.10 LTS release
Published
2013-07-29 15:10
About 4.2.10 LTS
The community of developers and implementers is proud to announce the 4.2.10 LTS release of CiviCRM. LTS stands for "long term support" and the purpose of this release is three fold:
1. To provide bug and security fixes to those who are not ready to upgrade to CiviCRM 4.3 just yet
2. To increase the reliability of an existing CiviCRM release
SECURITY Release: CiviCRM 4.3.5
Published
2013-07-08 12:56
Announcing the 6th stable release of CiviCRM 4.3, containing small bug fixes and two minor security updates to make your CRM more stable and secure.
This is a security release. You should upgrade your site immediately. If you are unable to do so, read the following security bulletins for alternate instructions for securing your site:
SECURITY Fixes in 4.3.5:
SECURITY Release: CiviCRM 4.3.4
Published
2013-06-10 09:57
Today marks the 5th stable release of CiviCRM 4.3. The CiviCRM community has truly rallied to make 4.3 the most reliable and feature-rich version yet - over 60 people contributed patches and testing to 4.3.4 alone.
This is a security release. You should upgrade your site immediately. If you are unable to do so, read the following security bulletins for alternate instructions for securing your site:
SECURITY Fixes in 4.3.4:
CiviCRM security releases since 3.1 - quick reference list
Published
2013-06-05 10:04
Recently I was asked to compile a list of all CiviCRM releases since 3.1.0, identifying which were security releases so that we could make sure clients' sites were secure. The organization I work for (Freeform Solutions) is focused on doing sites for other non-profit organizations, many of whom are still running older versions of CiviCRM due to budgetary or other constraints, so we wanted to be sure that no one was running a version known to contain security vulnerabilities.
