Blog

Important patch releases for your CKAN site

Please upgrade to CKAN 2.8.12 and CKAN 2.9.7 to patch important vulnerabilities

03-oct2022-new-patch-releases-BLOG.png

We are happy to announce that the new patch releases for CKAN 2.9.x and 2.8.x are now available to download and install. Note that following our revised release policy, this will be the last patch release on the 2.8.x line.

These patch releases are particularly important to apply as they address a vulnerability in user registration (CVE-2022-43685), so users should upgrade as soon as possible to the latest patch release for the CKAN version they are using.

Patch release upgrades are very straight-forward and do not contain any backwards incompatible changes or involve any change in the database or Solr schema.

For more details, check the CHANGELOG for the relevant version:

In case of doubt don't hesitate to ask for help. To discuss security related issues please email security@ckan.org. Otherwise you can ask your questions in the Discussions or the Gitter channel. As stated in the release policy, the latest patch release is the only one officially supported. For details on how to upgrade, see the following links depending on your install method:
More posts
CKAN featured photo
In Category on 10 Feb 2026

CKAN Turns 20: Two Decades of Open Data Infrastructure

CKAN turns 20. Explore how an open-source experiment became global data infrastructure, powering governments, research, and public-interest data worldwide.

POSE team
In Category on 26 Jan 2026

CKAN at 20: What the Community Says Matters Most Now (recap fom CKAN Monthly Live #39)

A recap of CKAN Monthly Live #39 covering POSE Phase II updates, the two upcoming storytelling workshops, a preview of the CKAN Ecosystem Catalog, and how the community can plug into CKAN@20 anniversary activities in 2026.

Connect with CKAN