Joomla News

Joomla! Announcements

Joomla! Official News

11 December 2018

Joomla! - the dynamic portal engine and content management system
  • Joomla 3.9.1 Release

    Joomla 3.9.1 is now available. This is a bug fix release for the 3.x series of Joomla including over 40 bug fixes and improvements.

  • Joomla 3.9 is live!

    It’s a good day for the Joomla Project, as today we proudly announce the release of Joomla 3.9 – ‘The Privacy Tool Suite’ - marking the tenth minor release in the 3.x series.

  • Joomla 3.8.13 Release

    Joomla 3.8.13 is now available. This is a security release for the 3.x series of Joomla which addresses 5 security vulnerabilities.


Joomla! Wiki

Joomla! Documentation - Recent changes [en]

11 December 2018

Track the most recent changes to the wiki in this feed.
  • File:User-status-example-fr.png

    Lorangerart uploaded File:User-status-example-fr.png

    New page

    == Licensing ==
    {{JEDL}}
  • Chunk30:Extensions Module Manager Admin Module Types/fr

    Created page with "fr"

    ← Older revision Revision as of 11:32, 11 December 2018
    Line 90: Line 90:
     
    ===Barre de statuts===
     
    ===Barre de statuts===
     
    {{Chunk30:Extensions_Module_Manager_Admin_User_Status_Description/fr}} Voici un exemple d'affichage :
     
    {{Chunk30:Extensions_Module_Manager_Admin_User_Status_Description/fr}} Voici un exemple d'affichage :
    [[Image:User-status-example-en.png]]{{-}}
    +
    [[Image:User-status-example-fr.png]]{{-}}
    {{Chunk30:Extensions Module Manager Type/en|mod_status}} The [[S:MyLanguage/{{RVer|help}}:Extensions_Module_Manager_Admin_Status|Help Screen]] for this Module.
    +
    {{Chunk30:Extensions Module Manager Type/fr|mod_status}} The [[S:MyLanguage/{{RVer|help}}:Extensions_Module_Manager_Admin_Status|Help Screen]] for this Module.
  • User:Burriana

    User account Burriana was created


Joomla! Security

Security Announcements

11 December 2018

  • [20181005] - Core - CSRF hardening in com_installer
    • Project: Joomla!
    • SubProject: CMS
    • Impact:Moderate
    • Severity: Low
    • Versions: 2.5.0 through 3.8.12
    • Exploit type: CSRF
    • Reported Date: 2018-September-26
    • Fixed Date: 2018-October-02
    • CVE Number: CVE-2018-17858

    Description

    Added additional CSRF hardening in com_installer actions in the backend.

    Affected Installs

    Joomla! CMS versions 2.5.0 through 3.8.12

    Solution

    Upgrade to version 3.8.13

    Contact

    The JSST at the Joomla! Security Centre.

    Reported By:Raviraj A. Powar
  • [20181004] - Core - ACL Violation in com_users for the admin verification
    • Project: Joomla!
    • SubProject: CMS
    • Impact:Moderate
    • Severity: Low
    • Versions: 1.5.0 through 3.8.12
    • Exploit type: ACL Violation
    • Reported Date: 2017-December-27
    • Fixed Date: 2018-October-02
    • CVE Number: CVE-2018-17855

    Description

    In case that an attacker gets access to the mail account of an user who can approve admin verifications in the registration process he can activate himself.

    Affected Installs

    Joomla! CMS versions 1.5.0 through 3.8.12

    Solution

    Upgrade to version 3.8.13

    Contact

    The JSST at the Joomla! Security Centre.

    Reported By:Paul Freeman
  • [20181003] - Core - Access level Violation in com_tags
    • Project: Joomla!
    • SubProject: CMS
    • Impact:Moderate
    • Severity: Low
    • Versions: 3.1.0 through 3.8.12
    • Exploit type: ACL Violation
    • Reported Date: 2018-June-20
    • Fixed Date: 2018-October-02
    • CVE Number: CVE-2018-17857

    Description

    Inadequate checks on the tags search fields can lead to an access level violation.

    Affected Installs

    Joomla! CMS versions 3.1.0 through 3.8.12

    Solution

    Upgrade to version 3.8.13

    Contact

    The JSST at the Joomla! Security Centre.

    Reported By:Андрей Капитанов
Follow expmedia1 on Twitter
Web Hosting
Joomla!