Read the official Contao announcements.
Contao 4.4.52, 4.9.6 and 4.10.1 are available
by Leo Feyer – Announcements
Contao 4.4.52, 4.9.6 and 4.10.1 are available. The releases fix the security vulnerability CVE-2020-25768.
In Contao 4.10.1, you have to explicitly choose if a website uses http:// or https://. In prior versions, it was possible to use both protocols for a website, however, the URLs in the sitemaps and in the search index were generated without https:// in this case. Therefore this is not only a technically necessary change but also a reasonable one.