Security

CiviCRM Security Release (5.19.2, 5.13.7 ESR)

Published
2019-11-21 02:41
Written by

There has been a security release for CiviCRM. We recommend you immediately upgrade to one of the following versions:

  • CiviCRM v5.19.2
  • CiviCRM v5.13.7 ESR

In addition to the security fixes, this release includes several bug fixes. 

Below are the security advisories details:

CiviCRM Security Release (5.10.3, 5.7.4 ESR)

Published
2019-02-21 04:01
Written by

There has been a security release for CiviCRM. We recommend you immediately upgrade to one of the following versions:

 

  • CiviCRM v5.10.3
  • CiviCRM v5.7.4 ESR

In addition to the security fixes, this release includes two regression fixes. 

Below are the security advisories details:

Why CiviCRM Long Term Support (LTS) is important

Published
2018-04-26 12:26
Written by

Long Term Support (LTS) releases of CiviCRM are versions that are maintained for use by organizations for multi-year periods of time. The first official version of CiviCRM released as a LTS was version 4.4 and announced in October of 2014. 4.4 was the official LTS version until CiviCRM 4.7 was released, at which point version 4.6 was officially designated as the new LTS.

Custom Permission Access Module For Multi-Level Organization

Published
2017-09-22 07:03
Written by

When implementing the constituent relationship management solution for one of the biggest political organizations, we had to find a way to tailor the CiviCRM security model to the needs of a country-wide hierarchically structured organization.

Email Authentication – SPF, DKIM, DMARC

Published
2017-01-27 04:30
Written by

email imageWhen email was first designed, security was not considered important and up until fairly recently it was still possible to send an email from any address and get away with it.

Announcing CiviCRM 4.6.16 and 4.7.7 Security Release

Published
2016-05-03 23:17
Written by

The latest release of CiviCRM 4.6 and 4.7 includes security fixes. We recommend upgrading to 4.7.7 or 4.6.16 to ensure the security of your site and data. The latest releases include 2 moderately critical fixes. A number of other non-security issues have also been fixed in the latest releases.

Release Policy and New Release Candidates

Published
2014-09-09 19:32
Written by

We’ve been having some discussions among the folks who triage security issues, who publish new releases, and who maintain backports. We'll update the policy beginning with the upcoming 4.4.7 release (and related 4.2.19 and 4.3.9 releases).