14 February 2015
Contao version 3.2.19 is now available (security release).Upgrading to Contao 3.2.19
Contao 3.2.19 can be upgraded to (or installed) using any of Installatron's products. Use Installatron's optional Automatic Update feature to automatically apply Contao updates as new versions are released, or use Installatron's Clone feature to duplicate an existing Contao install to test the 3.2.19 upgrade prior to applying it live. Get started managing your Contao installations with InstallatronWhat's New in Contao 3.2.19
This bugfix release fixes a directory traversal vulnerability discovered by Arnaud Buchoux of Orange Consulting (see CVE-2015-0269).
The vulnerability allows logged in back end users to view files which are outside their file mounts or the document root. It is, however, not possible to edit these files or to view their content. Upgrading is still highly recommended.
Changelog