Revive Adserver v3.2.2 Released – Security Fix

Revive Adserver logoRevive Adserver v3.2.2 is now available.

This release fixes a number of medium security issues, which were recently discovered and reported to the Revive Adserver Project team, some via direct community feedback, but mostly via the Revive Adserver HackerOne project (which is the reason for the relatively large number of security issues resolved in this release).

We strongly advise users to upgrade to the most recent version 3.2.2 of Revive Adserver. This also includes any user running any version of OpenX Source or older versions of the application, which may also be vulnerable to the security issues fixed in this release. Please review our Security Advisory for the details.

Download, install and upgrade

Revive Adserver v3.2.2 is available for download now.

Once downloaded, please refer to the instructions for Installations of Revive Adserver or for Upgrading Revive Adserver. Make sure that the server(s) being used meet(s) the minimum technical requirements.

Community contribution

The Revive Adserver Project Team wish to thank all community & HackerOne members for their contributions – the details can be found in the Security Advisory.

If you come across any other security issues, or suspects that a vulnerability exists, please see our page on reporting security issues.

Written by

Revive Adserver is an open source project, dedicated to building and supporting the open source ad server software and the community of users around the world.

4 thoughts on “Revive Adserver v3.2.2 Released – Security Fix

    • Hi Francesco,

      Since this was a security release, it is best for it to only contain security related changes to avoid unexpected and potentially undesired regressions when rushing to upgrade a vulnerable instance.

      Best regards, Matteo

Comments are closed.