Skip to content

Apache CloudStack 4.20.1.0 (LTS)

Latest
Latest
Compare
Choose a tag to compare
@Pearl1594 Pearl1594 released this 10 Jun 14:51
· 174 commits to main since this release
4.20.1.0
c61a5eb

Apache CloudStack 4.20 maintenance release

Release notes: https://docs.cloudstack.apache.org/en/4.20.1.0/releasenotes
Installation docs: https://docs.cloudstack.apache.org/en/4.20.1.0/installguide
Upgrade docs: https://docs.cloudstack.apache.org/en/4.20.1.0/upgrading
Admin docs: https://docs.cloudstack.apache.org/en/4.20.1.0/adminguide
API docs: https://cloudstack.apache.org/api/apidocs-4.20

This LTS release includes fixes for the following security issues:

  • CVE-2025-26521: CKS cluster in project exposes user API keys
  • CVE-2025-30675: Unauthorised template/ISO list access to the domain/resource admins
  • CVE-2025-47713: Domain Admin can reset Admin password in Root Domain
  • CVE-2025-47849: Insecure access of user's API/Secret Keys in the same domain
  • CVE-2025-22829: Unauthorised access to dedicated resources in Quota plugin

Advisory: https://cloudstack.apache.org/blog/cve-advisories-4.19.3.0-4.20.1.0

Assets 2
Loading