Kirby 3 & 4 Security Releases

bastianallgeier · February 26, 2024, 11:08am

Hey everyone,

we received reports of three potential vulnerabilities in the Panel and decided to release fixes today in 4.1.1 https://github.com/getkirby/kirby/releases/tag/4.1.1

All three vulnerabilities are a risk if you cannot trust your group of Panel users.

We’ve also updated our docs on the Markdown safe mode after discovering a few problems there: https://getkirby.com/docs/guide/templates/escaping#escaping-data-in-templates-and-snippets__escaping-kirbytext

We are also providing patches for Kirby 3:

3.10.0.1: https://github.com/getkirby/kirby/releases/tag/3.10.0.1
3.9.8.1: https://github.com/getkirby/kirby/releases/tag/3.9.8.1
3.8.4.3: https://github.com/getkirby/kirby/releases/tag/3.8.4.3
3.7.5.4: https://github.com/getkirby/kirby/releases/tag/3.7.5.4
3.6.6.5: https://github.com/getkirby/kirby/releases/tag/3.6.6.5

chrtz · February 26, 2024, 11:58am

I might have noticed a little (not so important) bug in the latest 3.10.0.1 update – in panel/system it will show Free update 3.10.0 available, like it did on Kirby versions below 3.10.0.
AFAIK below v.4 is now in support updates only phase, this isn’t critical at all.

splorp · March 16, 2024, 8:59pm

Just noticed that neither 3.10.0 or 3.10.0.1 appear listed on the Kirby releases page.

texnixe · March 16, 2024, 9:35pm

Thanks, @splorp, added.

splorp · March 16, 2024, 10:03pm

Thanks, Sonja!

Topic		Replies	Views
Kirby 3.3.6 - security release Releases 🚀	2	533	May 29, 2020
Security announcement Kirby 3	4	590	August 24, 2022
Kirby 2.5.7 — Important Security Release	3	885	November 13, 2017
Kirby 3.3.0-rc.3 is here! Releases 🚀	4	454	October 29, 2019
Kirby 3.2.4 is here! Releases 🚀	1	558	September 3, 2019

Kirby 3 & 4 Security Releases

Related Topics