Add release-notes/5.64.4.md

diff --git a/release-notes.md b/release-notes.md
index cebc970059e6c2651f17fb28e5fae50d3459e91b..ed44a51e58279a579579702499a715cea8648920 100644 (file)
--- a/release-notes.md
+++ b/release-notes.md
@@ -48,6 +48,16 @@ Released September 6, 2023
 - **[Credits](release-notes/5.65.0.md#credits)**
 - **[Feedback](release-notes/5.65.0.md#feedback)**
 
+## CiviCRM 5.64.4
+
+Released September 6, 2023
+
+- **[Synopsis](release-notes/5.64.4.md#synopsis)**
+- **[Security advisories](release-notes/5.64.4.md#security)**
+- **[Bugs resolved](release-notes/5.64.4.md#bugs)**
+- **[Credits](release-notes/5.64.4.md#credits)**
+- **[Feedback](release-notes/5.64.4.md#feedback)**
+
 ## CiviCRM 5.64.3
 
 Released September 1, 2023

diff --git a/release-notes/5.64.4.md b/release-notes/5.64.4.md
new file mode 100644 (file)
index 0000000..20e9d84
--- /dev/null
+++ b/release-notes/5.64.4.md
@@ -0,0 +1,53 @@
+# CiviCRM 5.64.4
+
+Released September 6, 2023
+
+- **[Synopsis](#synopsis)**
+- **[Security advisories](#security)**
+- **[Bugs resolved](#bugs)**
+- **[Credits](#credits)**
+- **[Feedback](#feedback)**
+
+## <a name="synopsis"></a>Synopsis
+
+| *Does this version...?*                                         |          |
+| --------------------------------------------------------------- | -------- |
+| Change the database schema?                                     | no       |
+| Alter the API?                                                  | no       |
+| Require attention to configuration options?                     | no       |
+| **Fix problems installing or upgrading to a previous version?** | **yes**  |
+| Introduce features?                                             | no       |
+| **Fix bugs?**                                                   | **yes**  |
+| **Fix security vulnerabilities?**                               | **yes**  |
+
+## <a name="security"></a>Security advisories
+
+* **[CIVI-SA-2023-07](https://civicrm.org/advisory/civi-sa-2023-07-smarty-math-rce): Smarty Math RCE**
+* **[CIVI-SA-2023-08](https://civicrm.org/advisory/civi-sa-2023-08-kcfinder-xss): KCFinder XSS**
+* **[CIVI-SA-2023-09](https://civicrm.org/advisory/civi-sa-2023-09-getfields-sqli): GetFields SQLI**
+* **[CIVI-SA-2023-10](https://civicrm.org/advisory/civi-sa-2023-10-multiple-potential-sqli): Multiple Potential SQLI**
+* **[CIVI-SA-2023-11](https://civicrm.org/advisory/civi-sa-2023-11-select2-xss): Select2 XSS**
+* **[CIVI-SA-2023-12](https://civicrm.org/advisory/civi-sa-2023-12-jquery-validation-dos): jQuery Validation DoS**
+* **[CIVI-SA-2023-13](https://civicrm.org/advisory/civi-sa-2023-13-survey-xss): Survey XSS**
+* **[CIVI-SA-2023-14](https://civicrm.org/advisory/civi-sa-2023-14-contact-image-csrf): Contact Image CSRF**
+* **[CIVI-SA-2023-15](https://civicrm.org/advisory/civi-sa-2023-15-civievent-xss): CiviEvent XSS**
+
+## <a name="bugs"></a>Bugs resolved
+
+* **_Custom Data_: Failure processing "File" field ([#27290](https://github.com/civicrm/civicrm-core/pull/27290))**
+* **_Upgrader_: Failure handling "civicrm_job_log" if there are orphaned records ([#27310](https://github.com/civicrm/civicrm-core/pull/27310))**
+
+## <a name="credits"></a>Credits
+
+This release was developed by the following authors and reviewers:
+
+Uepal - Jean-Marie Heitz; Third Sector Design - Kurund Jalmi, William Mortada; RIPS
+Technologies - Dennis Brinkrolf; Ranjit Pahan; JMA Consulting - Seamus Lee; Dave D;
+CiviCRM - Coleman Watts, Tim Otten; BrightMinded Ltd - Bradley Taylor; Artful Robot - Rich
+Lott
+
+## <a name="feedback"></a>Feedback
+
+These release notes are edited by Tim Otten and Andie Hunt.  If you'd like to
+provide feedback on them, please login to https://chat.civicrm.org/civicrm and
+contact `@agh1`.