ibexa · julitafalcondusza · Mar 5, 2025 · Mar 3, 2025 · Mar 4, 2025 · Mar 5, 2025
diff --git a/docs/update_and_migration/from_4.6/update_from_4.6.md b/docs/update_and_migration/from_4.6/update_from_4.6.md
@@ -249,3 +249,27 @@
 ## v4.6.16
 
 No additional steps needed.
+
+## v4.6.17
+
+### Security
+
+This release contains security fixes.
+For more information, see [the published security advisory](https://developers.ibexa.co/security-advisories/ibexa-sa-2025-001-vulnerabilities-in-shopping-cart-and-publish-unscheduling).
+For each of the following fixes, evaluate the vulnerability to determine whether you might have been affected.
+If so, take appropriate action.
+
+#### CartOwner permission limitation exposes carts
+
+This fixes a critical vulnerability in the REST API regarding shopping carts.
+There are no additional update steps to execute.
+
+#### Unauthorized user can cancel scheduled publish events
+
+It fixes vulnerability in publish scheduling, ensures that `edit/create` policies are correctly checked.
+There are no additional update steps to execute.
+
+#### Dependency upgrades
+
+This release upgrades the requirements for [Twig to v3.19](https://github.com/twigphp/Twig/security/advisories/GHSA-3xg3-cgvq-2xwr) and [PHPSpreadsheet to v1.29.9](https://github.com/PHPOffice/PhpSpreadsheet/security), resolving several vulnerabilities of varying severity in those dependencies.
+There are no additional update steps to execute.
diff --git a/mkdocs.yml b/mkdocs.yml
@@ -933,7 +933,7 @@ extra:
   latest_tag_4_3: '4.3.5'
   latest_tag_4_4: '4.4.4'
   latest_tag_4_5: '4.5.7'
-  latest_tag_4_6: '4.6.16'
+  latest_tag_4_6: '4.6.17'
 
   symfony_doc: 'https://symfony.com/doc/5.x'
   user_doc: 'https://doc.ibexa.co/projects/userguide/en/master'