Installing security updates

Description

How to install security hotfixes.

Where to find the latest information

Every now and again, security updates (or 'hotfixes') are released. To keep your Plone site secure, you should install these when they come available.

Plone hotfixes are released after timely announcement from the Security Team.

To stay up to date, it is advisable when you are the administrator of a Plone site, to suscribe to the Plone Announce mailing list

This is a very low-volume list. Security updates are also announced via the plone.org website and other channels.

To see which Hotfixes should be applied against which Plone version, you can check the security matrix at plone.org/security/hotfixes

When a new maintenance release is brought out, the previous Hotfixes are incorporated. So if you run Plone 4.3.3 or later, there is no need to install hotfixes. (state: May 2015. Do check the link above if reading at a later date)

How to install

Each security hotfix comes with installation instructions, but in general it is no different than installing any other add-on