Skip to content
GitLab
Projects
Groups
Snippets
Help
Loading...
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
C
Core
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
914
Issues
914
List
Boards
Labels
Service Desk
Milestones
Operations
Operations
Incidents
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
Development
Core
Commits
08eb0a2b
Commit
08eb0a2b
authored
Apr 16, 2020
by
Seamus Lee
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Add in release notes for 5.24.3
parent
bc4b5233
Changes
2
Hide whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
46 additions
and
0 deletions
+46
-0
release-notes.md
release-notes.md
+6
-0
release-notes/5.24.3.md
release-notes/5.24.3.md
+40
-0
No files found.
release-notes.md
View file @
08eb0a2b
...
...
@@ -15,6 +15,12 @@ Other resources for identifying changes are:
*
https://github.com/civicrm/civicrm-joomla
*
https://github.com/civicrm/civicrm-wordpress
## CiviCRM 5.24.3
Released April 15, 2020
-
**[Security advisories](release-notes/5.23.3.md#security)**
## CiviCRM 5.24.2
Released April 9, 2020
...
...
release-notes/5.24.3.md
0 → 100644
View file @
08eb0a2b
# CiviCRM 5.24.3
Released April 15, 2020
-
**[Security advisories](#security)**
-
**[Credits](#credits)**
## <a name="synopsis"></a>Synopsis
|
*Does this version...?*
| |
|:--------------------------------------------------------------- |:-------:|
|
**Fix security vulnerabilities?**
|
**yes**
|
| Change the database schema? | no |
| Alter the API? | no |
| Require attention to configuration options? | no |
| Fix problems installing or upgrading to a previous version? | no |
| Introduce features? | no |
| Fix bugs? | no |
## <a name="security"></a>Security advisories
-
**[CIVI-SA-2020-01](https://d8.civicrm.org/advisory/civi-sa-2020-01): Improve Entity Name sanitisation when used as part of API**
-
**[CIVI-SA-2020-02](https://d8.civicrm.org/advisory/civi-sa-2020-02): API Key Disclosure**
-
**[CIVI-SA-2020-03](https://d8.civicrm.org/advisory/civi-sa-2020-03): PHP Code Execution via Phar Deserialization**
-
**[CIVI-SA-2020-04](https://d8.civicrm.org/advisory/civi-sa-2020-04): Cross Site Scripting within CiviCase Reports**
-
**[CIVI-SA-2020-05](https://d8.civicrm.org/advisory/civi-sa-2020-05): SQL Injection in Campaign Summary and Delete Activity**
-
**[CIVI-SA-2020-06](https://d8.civicrm.org/advisory/civi-sa-2020-06): SQLI in Query Builder**
-
**[CIVI-SA-2020-07](https://d8.civicrm.org/advisory/civi-sa-2020-07): CSRF in Scheduled Jobs**
-
**[CIVI-SA-2020-08](https://d8.civicrm.org/advisory/civi-sa-2020-08): XSS via JS libraries**
## <a name="credits"></a>Credits
This release was developed by the following people, who participated in
various stages of reporting, analysis, development, review, and testing:
Cure53; Mozilla Open Source Support (MOSS); Dennis Brinkrolf - RIPS Technologies-;
Kevin Cristiano - Tadpole Collective; Rich Lott - Artful Robot;
Eileen McNaughton - Wikipedia Foundation; Sean Colsen - Left Join Labs;
Mark Burdett - Electronic Frontier Foundation; Patrick Figel - Greenpeace CEE;
Seamus Lee - CiviCRM and JMA Consulting; Tim Otten - CiviCRM;
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment