We know that many Crowd customers plan upgrades carefully and may not be able to move to every feature release as soon as it becomes available. Staying on older versions for longer can increase security risk, because today Crowd security fixes are provided for the latest feature release only. To give customers a more predictable and secure upgrade path, we’re making Crowd 7.2 a Long Term Support (LTS) release.
This means Crowd 7.2 will continue to receive eligible security fixes for two years from its release, giving you a stable version to standardize on while you plan your next upgrade.
Our current security bugfix policy says we will provide a bug fix release only for the latest feature release.
With Crowd 7.2 designated as an LTS release, we will continue fixing security vulnerabilities in that version until May 15, 2028, even if a newer feature version is released.
For example, if a new vulnerability is discovered after Crowd 8.0 is released, we will fix it in both Crowd 8.x and Crowd 7.2.
At the same time, we won’t be changing the support status of older Crowd versions or expanding security fixes to every previous feature release. If you’re on an earlier version, we recommend planning an upgrade to Crowd 7.2 LTS to stay on a version that will continue receiving eligible security fixes.
We hope this change helps you plan upgrades with more confidence, align Crowd updates with your internal change windows, and keep your Crowd environments secure for longer.
Feel free to share any questions or comments below.
Best,
The Crowd team
Michal Samujlo
1 comment