Security bulletins released
The 6.2.5 CE, PE and EE versions of DotNetNuke have been released.
These releases fix four security issues. Three of these are rated as “low” and one is rated as a "critical" security issue.
The bulletins can be read at
We would like to thank the following for responsibly disclosing issues to our security team, and allowing us the time to resolve them.
As always we recommend you upgrade as soon as possible, particularly as this release contains a “Critical” fix.
If you're new to upgrading I recommend you read the "detailed installation guide" found here , and the excellent blog entry from Erik here . For users who are running 4.6.2 or above, I recommend you read this blog entry which details how to use the upgrade package to easily merge any web.config changes.
You can read more details about these issues and our security policy here
The opinions expressed here are the opinions of Cathal Connolly, and do not necessarily represent the views and opinions of the DotNetNuke Corporation.