CQ 5.4 hot fix recommendations

Adobe recommends that you have the following hot fixes or feature packs for CQ 5.4 (author and publish).

Install them in the following order (based on dependencies and creation/wrapped timestamp of the packages):

1. Hot fix 39881: Resolves an Apache Sling Installer issue. It is not on Package Share. (It is attached below. This ZIP file contains a bundle to install via Apache Felix console and a package to install with Package Manager.)
2. Feature Pack 34789: Improves overall page rendering time
   
3. Hot fix 37521: XSS in default HtmlResponse (sling.API)
   
4. Hot fix 38166: XSS in /content/geometrixx_mobile/en/products.touch.html
   
5. Public Security Update: ("Security Update for CQ 5.4"), available in public section on Package Share public
   
6. Public Security Update (hot fix 41690), available in public section on Package Share public
7. Public Security Update (hot fix 42632), available in public section on Package Share public
8. Hot fix 41135-CUMULATIVE: resolves multiple replication issues
   
9. Hot fix 41136: resolves multiple MSM issues
10. Hot fix 2834: latest replication hot fix
11. Hot fix 8364: Java deserialization issues mitigation agent
    

Also, check the recommendations for tuning CRX here.

Open a Daycare ticket to have access to the non-public hot fixes.