14 October 2008
Crowd 1.4.7 is a recommended upgrade which fixes a parameter injection vulnerability, as described in the security advisory. Please refer to the advisory for details of the security vulnerability, risk assessment and mitigation strategies.
The latest version of Crowd, at the time of these release notes, is Crowd 1.5.1. The previous public release of Crowd 1.4.x was version 1.4.4. Versions 1.4.5 and 1.4.6 were internal releases. We are supplying version 1.4.7 as an upgrade for versions 1.4.x, to fix the security vulnerability.
Don't have Crowd 1.5 yet?
Take a look at the new features and other highlights in the Crowd 1.5 Release Notes.