Released January 4, 2023
| Does this version...? | |
|---|---|
| Change the database schema? | no |
| Alter the API? | no |
| Require attention to configuration options? | no |
| Fix problems installing or upgrading to a previous version? | no |
| Introduce features? | no |
| Fix bugs? | no |
| Fix security vulnerabilities? | yes |
- CIVI-SA-2023-01: RCE via Help Subsystem
- CIVI-SA-2023-02: XSS via CiviEvent
- CIVI-SA-2023-03: XSS via Asset Builder
This release was developed by the following authors and reviewers:
Wikimedia Foundation - Eileen McNaughton; John Kingsnorth; JMA Consulting - Seamus Lee; CiviCRM - Tim Otten; Artful Robot - Rich Lott
These release notes are edited by Tim Otten and Andie Hunt. If you'd like to
provide feedback on them, please login to https://chat.civicrm.org/civicrm and
contact @agh1.