# CiviCRM 5.19.4 Released December 4, 2019 - **[Synopsis](#synopsis)** - **[Bugs resolved](#bugs)** - **[Credits](#credits)** - **[Feedback](#feedback)** ## <a name="synopsis"></a>Synopsis | *Does this version...?* | | |:--------------------------------------------------------------- |:-------:| | **Fix security vulnerabilities?** | **yes** | | Change the database schema? | no | | Alter the API? | no | | Require attention to configuration options? | no | | Fix problems installing or upgrading to a previous version? | no | | Introduce features? | no | | **Fix bugs?** | **yes** | ## <a name="security"></a>Security advisories - **[CIVI-SA-2019-24](https://civicrm.org/advisory/civi-sa-2019-24-csrf-in-apiv4-ajax-end-point): Cross-site request forgery in APIv4 AJAX endpoint** ## <a name="bugs"></a>Bugs resolved * **_Event Search_: Fix name badge generation from Event Search ([dev/core#1422](https://lab.civicrm.org/dev/core/issues/1422): [#15984](https://github.com/civicrm/civicrm-core/pull/15984))** * **_Smart Groups_: Fix filtering on certain custom-fields (non-date fields) ([#15977](https://github.com/civicrm/civicrm-core/pull/15977))** * **_Membership/Participant Tabs_: Fix excessive display of related contributions ([dev/core#1435](https://lab.civicrm.org/dev/core/issues/1435): [#16013](https://github.com/civicrm/civicrm-core/pull/16013))** ## <a name="credits"></a>Credits This release was developed by the following authors and reviewers: Wikimedia Foundation - Eileen McNaughton; Squiffle Consulting - Aidan Saunders; Greenpeace CCE - Patrick Figel; Seamus Lee - Australian Greens; Tim Otten, Coleman Watts - CiviCRM ## <a name="feedback"></a>Feedback These release notes are edited by Tim Otten and Andrew Hunt. If you'd like to provide feedback on them, please login to https://chat.civicrm.org/civicrm and contact `@agh1`.