The latest release of CiviCRM 4.6 and 4.7 includes security fixes. We recommend upgrading to 4.7.11 or 4.6.21 to ensure the security of your site and data. The latest releases include 9 security fixes and improvements. A number of other non-security issues have also been fixed in the latest releases.
To determine the impact of security fixes and improvements on your system, please review these advisories:
The September 7th release includes a few changes which may be particular notable for upgrades:
Community support and engagement is the force that sustains and drives CiviCRM forward. This release would not have been possible without the incredible contributions of many people. For the September 7th release, special thanks go to:
For a list of other contributors who have participated in the 4.7 cycle, see the previous release announcements.
Along with this and other exciting new features, this release includes 50+ fixes and minor improvements.
If you are installing CiviCRM 4.7 from scratch, please use the corresponding automated installer instructions:
Authorize.net users:: Prior to 4.7, CiviCRM forced Authorize.net to send out receipt emails regardless of Authorize.net configuration. From 4.7 onwards this will not happen and you should log into your Authorize.net interface and configure whether you want Authorize.net to send out receipts (in addition to those sent by CiviCRM).
Lybunt report users:: Some fields that were previously mandatory on Lybunt are now optional. On new reports they are on by default but you might need to check the fields you want are selected for existing reports.
If your site is highly customized with special code or theming for CiviCRM you will want to upgrade a test copy first and test your customizations. For everyone else, follow these simple steps to get yourself up and running with 4.7.