This release fixes a number of medium security issues, which were recently discovered and reported to the Revive Adserver Project team, some via direct community feedback, but mostly via the Revive Adserver HackerOne project (which is the reason for the relatively large number of security issues resolved in this release).
We strongly advise users to upgrade to the most recent version 3.2.2 of Revive Adserver. This also includes any user running any version of OpenX Source or older versions of the application, which may also be vulnerable to the security issues fixed in this release. Please review our Security Advisory for the details.
Download, install and upgrade
Once downloaded, please refer to the instructions for Installations of Revive Adserver or for Upgrading Revive Adserver. Make sure that the server(s) being used meet(s) the minimum technical requirements.
The Revive Adserver Project Team wish to thank all community & HackerOne members for their contributions – the details can be found in the Security Advisory.
If you come across any other security issues, or suspects that a vulnerability exists, please see our page on reporting security issues.