Security Releases
CiviCRM version 5.20.0 is now out and ready to download.
Important Notice: This is a security release. We recommend you immediately upgrade to one of the following versions:
- CiviCRM v5.20.0
- CiviCRM v5.19.4
- CiviCRM v5.13.8 ESR
Below are the security advisories details:
- CIVI-SA-2019-24: CSRF in APIv4 AJAX end point
Bugs resolved in 5.19.4:
There has been a security release for CiviCRM. We recommend you immediately upgrade to one of the following versions:
- CiviCRM v5.19.2
- CiviCRM v5.13.7 ESR
In addition to the security fixes, this release includes several bug fixes.
Below are the security advisories details:
There has been a security release for CiviCRM. We recommend you immediately upgrade to one of the following versions:
- CiviCRM v5.13.4
- CiviCRM v5.7.6 ESR
Below are the security advisories details:
There has been a security release for CiviCRM. We recommend you immediately upgrade to one of the following versions:
- CiviCRM v5.10.3
- CiviCRM v5.7.4 ESR
In addition to the security fixes, this release includes two regression fixes.
Below are the security advisories details:
The latest release of CiviCRM 5.3.1 and 4.6.38 includes security fixes. This is a critical security release, we recommend upgrading to 5.3.1 and 4.6.38 to ensure the security of your site and data as soon as possible.
Please note that 4.6.33, 4.7.26, and 4.7.27 are security releases. All releases include the latest security fixes, and 4.7.27 includes additional bug fixes and enhancements (as a typical monthly release).
Please see below links to the security advisories:
Please note that release 4.7.21 and 4.6.29 are security releases. Please see below links to the security advisories:
All sites are strongly encouraged to upgrade to the latest secure versions of CiviCRM: v4.7.14 and v4.6.24.
