<div dir="ltr">
<p>Hello colleagues,<br></p><p>The Evergreen community is pleased to announce the release of Evergreen 3.6.3 and 3.5.4, both available from the <a href="https://evergreen-ils.org/egdownloads/" target="_blank">downloads page</a>.</p><p><b>THESE RELEASES CONTAIN A SECURITY UPDATE. All Evergreen sites should upgrade as soon as possible.</b></p><p>These releases fix a <a href="https://bugs.launchpad.net/evergreen/+bug/1902965" target="_blank">critical cross-site scripting (XSS) vulnerability</a>.
A very special thanks to James Fournie for identifying the issue; Jeff
Davis, Jason Boyer, and Galen Charlton for creating the patch; and Jason
Stephenson for testing and other work on this bug.<br></p><p>All of
these new releases contain additional bug fixes unrelated to the
security issue. For more information on the changes in these releases,
please consult their release notes:</p><ul><li><a href="https://evergreen-ils.org/documentation/release/RELEASE_NOTES_3_5.html" target="_blank">3.5.4</a></li><li><a href="https://evergreen-ils.org/documentation/release/RELEASE_NOTES_3_6.html" target="_blank">3.6.3</a></li></ul> -The 3.5.4 and 3.6.3 release teams<font color="#888888"><br clear="all"></font>
<br clear="all"><br>-- <br><div dir="ltr" class="gmail_signature" data-smartmail="gmail_signature"><div dir="ltr">Jane Sandberg<br>Electronic Resources Librarian<br>Linn-Benton Community College<br><a href="mailto:sandbej@linnbenton.edu" target="_blank">sandbej@linnbenton.edu</a> / 541-917-4655<br><div>Pronouns: she/her/hers</div><div><br></div><div>Library instagram: <a href="https://www.instagram.com/lbcc_library/" target="_blank">@lbcc_library</a><br></div></div></div></div>