14 October 2008
Crowd 1.2.4 is a recommended upgrade which fixes a parameter injection vulnerability, as described in the security advisory. Please refer to the advisory for details of the security vulnerability, risk assessment and mitigation strategies.
The latest version of Crowd, at the time of these release notes, is Crowd 1.5.1. The previous public release of Crowd 1.2.x was version 1.2.2. Version 1.2.3 was an internal release. We are supplying version 1.2.4 as an upgrade for versions 1.2.x, to fix the security vulnerability.
Don't have Crowd 1.5 yet?
Take a look at the new features and other highlights in the Crowd 1.5 Release Notes. And of course, Crowd 1.5.1 also includes the features of Crowd 1.3 and Crowd 1.4.