A moderately critical security issue has just been fixed in CiviCRM. We recommend you immediately upgrade to one of the following newly released versions:

Read the following security announcement for details:

A critical security issue has just been fixed in CiviCRM. For the safety of your CiviCRM data you should immediately upgrade to one of the following newly released versions:

About 4.2.10 LTS


The community of developers and implementers is proud to announce the 4.2.10 LTS release of CiviCRM.  LTS stands for "long term support" and the purpose of this release is three fold:

1. To provide bug and security fixes to those who are not ready to upgrade to CiviCRM 4.3 just yet

2. To increase the reliability of an existing CiviCRM release

Announcing the 6th stable release of CiviCRM 4.3, containing small bug fixes and two minor security updates to make your CRM more stable and secure.

This is a security release. You should upgrade your site immediately. If you are unable to do so, read the following security bulletins for alternate instructions for securing your site:

SECURITY Fixes in 4.3.5:

Today marks the 5th stable release of CiviCRM 4.3. The CiviCRM community has truly rallied to make 4.3 the most reliable and feature-rich version yet - over 60 people contributed patches and testing to 4.3.4 alone.

This is a security release. You should upgrade your site immediately. If you are unable to do so, read the following security bulletins for alternate instructions for securing your site:

SECURITY Fixes in 4.3.4:

Recently I was asked to compile a list of all CiviCRM releases since 3.1.0, identifying which were security releases so that we could make sure clients' sites were secure. The organization I work for (Freeform Solutions) is focused on doing sites for other non-profit organizations, many of whom are still running older versions of CiviCRM due to budgetary or other constraints, so we wanted to be sure that no one was running a version known to contain security vulnerabilities.

IMPORTANT: You do NOT need to upgrade CiviCRM to remove this vulnerability. See "Prevent Attacks: Delete the Vulnerable File" below.

The team is excited to announce the seventh release of 4.2 stable with support for Drupal 7, Joomla 2.5 and WordPress 3.3.

We strongly recommend that all sites upgrade their CiviCRM code to this release if you are using previous version of 4.2. There have been significant (75+) bug fixes, including two security fixes, since the last stable release of 4.2. You can download the release from SourceForge, and you can also test drive the release on each platform using the public demos:

The team is excited to announce the fifth release of 4.2 stable with support for Drupal 7, Joomla 2.5 and WordPress 3.x

CiviCRM 3.4.4 and 4.0.4 has just been released and both are available for download. This release fixes security vulnerabilities in the 3.4.3 / 4.0.3 release, helping to harden your system. We recommend you upgrade immediately to realize these improvements. You can also try them out on the public demos: Drupal 6 / Drupal 7 and Joomla 1.5 / Joomla 1.6 sites. The newest CiviCRM versions are:

  • 4.0.4 for Drupal 7 and Joomla 1.6
  • 3.4.4 for Drupal 6 and Joomla 1.5