Joomla mobilizes for its community

20200331-Joomla-mobilizes-for-its-community

While we have been in an unprecedented situation that is changing our way of life for several days, we would like to assure you of the support of the whole Joomla Project throughout this period.

The confinement weeks in a large part of the world. We should more than ever maintain and consolidate our links with our loved ones so that this isolation does not make us forget what unites us and makes us a community. In a few words: talk to each other, exchange and continue to share.

The Joomla community is adapting to the pandemic and if many events have been postponed, some will be held online! Our Social Media Team promotes these events as soon as they are informed. If you are organizing a webinar or an online session, do not hesitate to contact us so that we can spread this information to the entire community.

During this confinement period, you can also take the time to discover and rediscover Joomla projects or give a hand to our current projects. Here are some suggestions below:

Learn Joomla

To start with our favorite CMS, you have many possibilities.

Continue reading
  1499 Hits

Joomla partners with Report URI for real time Application Security and Health Monitoring

Joomla, one of the world’s most popular Content Management Systems (CMS), announced today its partnership with Report URI, the Application Security and Health Monitoring leader.

Report URI and Joomla are pleased to announce a new partnership where Joomla will be using the industry leading solution to continuously monitor the multitude of joomla.org websites, analyze the results and improve security for website visitors. For Report URI this partnership means helping build a more secure open internet by serving one of the world’s most prominent open source organizations and further helping to enhance the security of open source projects.

Joomla’s HTTP Security Headers journey for the joomla.org network of sites started back in March 2018 and since then we have constantly improved that to now set most of the available headers which result in an A grade on SecurityHeaders.com for joomla.org. A key part of a successful implementation is a reporting endpoint and back in 2018 we built our own solution, but over the time we realized that this solution does not scale and there are so many invalid reports that have to be ignored – so we disabled the reporting endpoint after the successful implementation and an initial test run. Today we are really excited to start enabling reporting via the Report URI service across our sites and fill that gap so we can constantly monitor and collect not just the Content Security Policy reports, but also all sorts of other reports in one central place.

Says Tobias Zulauf, Security Member Joomla CMS and Websites.


Scott Helme, Founder of Report URI, also shared his excitement:

Continue reading

Copyright

© Joomla.org

  1459 Hits

Github Sponsored Organization Program: support Joomla!

Ever wished you could support the developers who devote themselves to making Joomla one of the leading Open Source CMS? Now you can! Joomla has joined the GitHub Sponsored Organization Program. GitHub has launched GitHub Sponsors, a way to give financial support to Open Source contributors on all kinds of projects. Joomla is one of those projects. ...

Continue reading
  1393 Hits

Github Sponsored Organization Program: support Joomla!

Ever wished you could support the developers who devote themselves to making Joomla one of the leading Open Source CMS? Now you can! Joomla has joined the GitHub Sponsored Organization Program.

GitHub has launched GitHub Sponsors, a way to give financial support to Open Source contributors on all kinds of projects. Joomla is one of those projects.

As you probably know, Joomla’s developers are working hard on our best Joomla ever: Joomla 4. The amazing new features in Joomla 4 make it a CMS everybody will want to use. Every Joomla user is looking forward to this new version.
Your sponsorship can speed up the availability of Joomla 4. 

It will also allow us to improve and better maintain our official websites and the Joomla Issue Tracker as well. 

Funding our developers helps them to keep doing their great work.

Continue reading
  1356 Hits

Joomla 3.9.16 Release

Joomla 3.9.16 is now available. This is a security release for the 3.x series of Joomla which addresses six security vulnerabilities and contains over 20 bug fixes and improvements.

Don't forget to backup your site first

What's in 3.9.16?

Joomla 3.9.16 includes 6 security vulnerability fixes and addresses several bugs, including:

Security Issues Fixed

  • Low Priority - Core - SQL injection in Featured Articles menu parameters (affecting Joomla 1.7.0 through 3.9.15) More information »
  • Low Priority - Core - CSRF in com_templates image actions (affecting Joomla 3.2.0 through 3.9.15) More information »
  • Low Priority - Core - XSS in Protostar and Beez3 (affecting Joomla 3.0.0 through 3.9.15) More information »
  • Low Priority - Core - Incorrect Access Control in com_templates (affecting Joomla 2.5.0 through 3.9.15) More information »
  • Low Priority - Core - Identifier collisions in com_users (affecting Joomla 3.0.0 through 3.9.15) More information »
  • Low Priority - Core - Incorrect Access Control in com_fields SQL field (affecting Joomla 3.7.0 through 3.9.15) More information »

Bug fixes and Improvements

  • Link rel attributes: ‘noopener’ attributes #28005, ‘sponsored’ and ‘ugc’ attributes #28055 
  • Fields - Imagelist: Correct the display of the folder structure #16708
  • Popular Tags Module fix #27745
  • User - Contact Creator plugin: catid fixed #27949

Visit GitHub for the full list of bug fixes.

Download

Continue reading

Copyright

© Joomla.org

  1624 Hits

Joomla 3.9.15 Release

Joomla 3.9.15 is now available. This is a security release for the 3.x series of Joomla which addresses three low security vulnerabilities and contains over 20 bug fixes and improvements.

What's in 3.9.15?

Joomla 3.9.15 includes three security vulnerability fixes and addresses several bugs, including:

Security Issues Fixed

  • Low Priority - Core - CSRF in batch actions (affecting Joomla 3.0.0 through 3.9.14) More information »
  • Low Priority - Core - CSRF com_templates LESS compiler (affecting Joomla 3.0.0 through 3.9.14) More information »
  • Low Priority - Core - XSS in com_actionlogs (affecting Joomla 3.9.0 through 3.9.14) More information »

Bug fixes and Improvements

  • Beez Template: Fix the consent field modal #23205
  • Action Log emails: Use of absolute URLs #27432
  • TinyMCE fixes: #27498 #27519
  • User email addresses: Case insensitive management #24117
  • Prevent library extensions to overwrite core files #27300

Visit GitHub for the full list of bug fixes.

Download

Upgrade Packages

Upgrade Packages
Joomla 3 upgrade packages

Note: Please read the update instructions before updating.
Remember… Please clear your browser's cache after updating.
Found a bug? Report it on the Joomla Issue Tracker.
Questions? See the documentation wiki for FAQ’s regarding the 3.9.15 release.

Continue reading

Copyright

© Joomla.org

  1697 Hits

Joomla 3.9.14 Release

Joomla 3.9.14 is now available. This is a security fix release for the 3.x series of Joomla which addresses two security vulnerabilities and contains over 35 bug fixes and improvements.

What's in 3.9.14?

Joomla 3.9.14 includes two security vulnerability fixes and several bugs and improvements, including:

Security Issues Fixed

  • Low Priority - Core - Path Disclosure in framework files (affecting Joomla 3.8.0 through 3.9.13) More information »
  • Low Priority - Core - Various SQL injections through configuration parameters (affecting Joomla 2.5.0 through 3.9.13) More information »

Bug fixes and Improvements

  • Improve PHP 7.4 compatibility #27190 #27219 
  • Fix incorrect id generated for input fields in repetable subform #27081
  • Fix Sample Data Learn #27100 #27101 #27102
  • Allow JSON Document caching #27161
  • Avoid errors when Joomla! gets outdated #27197
  • Show full video filename and preview icon in Media Manager #27230

Visit GitHub for the full list of bug fixes.

Download

Upgrade Packages

Upgrade Packages
Joomla 3 upgrade packages

Note: Please read the update instructions before updating.
Remember… Please clear your browser's cache after updating.
Found a bug? Report it on the Joomla Issue Tracker.
Questions? See the documentation wiki for FAQ’s regarding the 3.9.14 release.

Continue reading

Copyright

© Joomla.org

  1800 Hits

JoomlaShack Conference Videos Now Available

js-conference-2019

 A few weeks ago was the JoomlaShack Conference.  This 3-day online event featured speakers from around the world.  The JoomlaShack team led by Steve Burge, worked with presenters to provide Joomlers with tips and tricks to help them on their Joomla Journey.  As if planning and moderating were not enough, they hav...

Continue reading
  1791 Hits

Pizza Bugs and Fun October 2019 was a roaring success!

Saturday the 19th october 2019 saw Pizza, Bugs and Fun sessions all around the world.  It was amazing, truly amazing!

25 countries were present for this edition, starting with our Australian friends and ending on the American West Coast with Asia, Africa, Europe filling in the middle of the day. Hundreds of Joomlers worked together with one single goal: Make Joomla 4 our best version yet!

More Joomlers than we can count joined together to smash bugs, eat pizzas and have a truly fun time together. It was really a fantastic success, as you can see from the statistics below.

With over 230 people from 25 countries, 250 pull request tests, 2000 documentation changes, 54 merged PR and around 50 found bugs, it was a huge success.

The board is very proud of the hard work done by the Global Community and would like to wholeheartedly thank all involved. The commitment was outstanding and the work done has been priceless in helping our Production Department to take a big leap forward towards releasing the first Beta of Joomla 4.

Continue reading
  1568 Hits

Joomla 3.9.13 Release

Joomla 3.9.13 is now available. This is a security fix release for the 3.x series of Joomla which addresses two security vulnerabilities and contains over 15 bug fixes and improvements.

What's in 3.9.13?

Joomla 3.9.13 includes two security vulnerability fixes and several bugs and improvements, including:

Security Issues Fixed

  • Low Priority - Core - CSRF in com_template overrides view (affecting Joomla 3.2.0 through 3.9.12) More information »
  • Low Priority - Core - Path Disclosure in phpuft8 mapping files (affecting Joomla 3.6.0 through 3.9.12) More information »

Bug fixes and Improvements

Visit GitHub for the full list of bug fixes.

Download

Upgrade Packages

Upgrade Packages
Joomla 3 upgrade packages

Note: Please read the update instructions before updating.
Remember… Please clear your browser's cache after updating.
Found a bug? Report it on the Joomla Issue Tracker.
Questions? See the documentation wiki for FAQ’s regarding the 3.9.13 release.

Continue reading

Copyright

© Joomla.org

  1959 Hits

Joomla 3.9.12 Release

Joomla 3.9.12 is now available. This is a security fix release for the 3.x series of Joomla which addresses one security vulnerability and contains over 30 bug fixes and improvements.

What's in 3.9.12?

Joomla 3.9.12 includes one security vulnerability fix and several bugs and improvements, including:

Security Issues Fixed

  • Low Priority - Core - XSS in logo parameter of default templates (affecting Joomla 3.0.0 through 3.9.11) More information »

Bug fixes and Improvements

  • Fix for minyear and maxyear in the calendar #26119
  • Handle Google Font weights and styles in Protostar #25976
  • Fix user session on mssql server #23213
  • Protect SQL servers by adding pause mechanism to cli finder indexer #13502
  • Fix Imagelist custom field default image #26352

Visit GitHub for the full list of bug fixes.

Download

Upgrade Packages

Upgrade Packages
Joomla 3 upgrade packages

Note: Please read the update instructions before updating.
Remember… Please clear your browser's cache after updating.
Found a bug? Report it on the Joomla Issue Tracker.
Questions? See the documentation wiki for FAQ’s regarding the 3.9.12 release.

Continue reading

Copyright

© Joomla.org

  2055 Hits

Joomla 3.9.11 Release

joomla-3911-sr

Joomla 3.9.11 is now available. This is a security fix release for the 3.x series of Joomla which addresses one security vulnerability and contains over 25 bug fixes and improvements. What's in 3.9.11? Joomla 3.9.11 includes one security vulnerability fix and several bugs and improvements, including: Security Issues Fixed Low Priority - Core - Hard...

Continue reading
  2154 Hits

Important Information Regarding JWC 2019

jwc19

 After a year without a JWC in 2018, the board were eager to bring together the Joomla! Community with a World Conference in 2019. London was chosen as a venue and the dates were announced for November 2019. Planning for this event was at an advanced stage and tickets were being sold. Then the deadline for Brexit was extended to 31st October 2...

Continue reading
  2102 Hits

Joomla 3.9.10 Release

Joomla 3.9.10 is now available. This is a bug fix release for the 3.x series of Joomla which addresses one bug introduced into 3.9.9, affecting template styles of multilingual web sites.

What's in 3.9.10?

Joomla 3.9.10 is fixing one bug introduced into Joomla 3.9.9 which affects the template styles of multilingual sites and results in lost data.

Please read this JDocs FAQ page to learn more about this issue and its fix.

IMPORTANT information for users who have already updated to 3.9.9 and faced this issue.
Due to a bad sql update, the template style mapping to content languages has been lost. Unfortunately, this is an unrecoverable error.
You must either:

  • Restore the data manually by upgrading to Joomla 3.9.10 and then manually editing each template style and using the "Default" Field to the language required 
  • Or restore a 3.9.8 backup of your sites to recover the data before updating to Joomla 3.9.10.


We would like to take a moment to apologise to our users. 
Whilst we understand that a release which introduces a major bug is always serious - in this case the bug involved actual data lost from sites. This is a red line for us. We are going to go away and look at how we can improve our release and testing strategies and report back to our users when this is complete, detailing how we aim to improve in the future.

Continue reading

Copyright

© Joomla.org

  2122 Hits

Joomla 3.9.9 Release

Joomla 3.9.9 is now available. This is a security fix release for the 3.x series of Joomla which addresses one security vulnerability and contains over 30 bug fixes and improvements.

What's in 3.9.9?

Joomla 3.9.9 includes one security vulnerability fix and several bugs and improvements, including:

Security Issues Fixed

  • Low Priority - Core - Filter attribute in subform fields allows remote code execution (affecting Joomla 3.9.7 through 3.9.8) More information »

Bug fixes and Improvements

  • Repeatable Custom Fields: fix to keep HTML tags #25189
  • Media Manager: Modal layout improved #22475
  • Voting: Cache cleaned after voting #25201
  • Article ordering: Items grouped by category first #25295
  • Batch system: Improvements for Contact and Newsfeed #25259

Visit GitHub for the full list of bug fixes.

Download

Upgrade Packages

Upgrade Packages
Joomla 3 upgrade packages

Note: Please read the update instructions before updating.
Remember… Please clear your browser's cache after updating.
Found a bug? Report it on the Joomla Issue Tracker.
Questions? See the documentation wiki for FAQ’s regarding the 3.9.9 release.

Continue reading

Copyright

© Joomla.org

  2091 Hits

The Single Sign On, Identity and Consent Management on Joomla.org

Privacy Laws like GDPR introduced several new requirements that changed the way we think the data management and the pathway to the privacy compliance.

Read More ...

  1808 Hits

Joomla 3.9.8 Release

Joomla 3.9.8 is now available. This is a bug fix release for the 3.x series of Joomla which addresses one bug introduced into 3.9.7 which affects web sites using the French Help Server.

What's in 3.9.8?

Joomla 3.9.8 is fixing one bug introduced into Joomla 3.9.7, due to the removal of the French Help Server.

Visit GitHub for more information about this issue.

Download

Upgrade Packages

Upgrade Packages
Joomla 3 upgrade packages

Note: Please read the update instructions before updating.
Remember… Please clear your browser's cache after updating.
Found a bug? Report it on the Joomla Issue Tracker.
Questions? See the documentation wiki for FAQ’s regarding the 3.9.8 release.

Copyright

© Joomla.org

  1951 Hits

Joomla 3.9.7 Release

Joomla 3.9.7 is now available. This is a security fix release for the 3.x series of Joomla which addresses three security vulnerabilities and contains over 40 bug fixes and improvements.

What's in 3.9.7?

Joomla 3.9.7 includes three security vulnerability fixes and several bugs and improvements, including:

Security Issues Fixed

  • Low Priority - Core - CSV injection in com_actionlogs (affecting Joomla 3.9.0 through 3.9.6) More information »
  • Low Priority - Core - XSS in subform field (affecting Joomla 3.6.0 through 3.9.6) More information »
  • Low Priority - Core - ACL hardening of com_joomlaupdate (affecting Joomla 3.8.13 through 3.9.6) More information »

Bug fixes and Improvements

  • Batch system: Copy permissions of modules #24737 and categories #24730
  • Progessive cache improvements #20310
  • Fix to avoid duplicated custom fields in com_content #24516
  • RTL improvements #23107 #24722
  • Removal of the unofficial French Help Server #24927
  • TinyMCE improvements: #24978 #25037
  • RSS: Fix to display the right category #24932
  • Media Manager: Fix directory traversal for symlinked folders #24924
  • User registration: Correct http schema used #24089

Visit GitHub for the full list of bug fixes.

Note to users using the French Help Server: Please do not update to 3.9.7 and wait for 3.9.8

Download

Upgrade Packages

Upgrade Packages
Joomla 3 upgrade packages

Note: Please read the update instructions before updating.
Remember… Please clear your browser's cache after updating.
Found a bug? Report it on the Joomla Issue Tracker.
Questions? See the documentation wiki for FAQ’s regarding the 3.9.7 release.

Continue reading

Copyright

© Joomla.org

  1990 Hits

Joomla 3.9.6 Release

joomla-396

 Joomla 3.9.6 is now available. This is a security fix release for the 3.x series of Joomla which addresses one security vulnerability and contains over 25 bug fixes and improvements. What's in 3.9.6? Joomla 3.9.6 includes one security vulnerability fix and several bugs and improvements, including: Security Issues FixedLow Priority - Core - XS...

Continue reading

Copyright

© Joomla.org

  2065 Hits

Joomla 3.9.5 Release

Joomla 3.9.5 is now available. This is a security fix release for the 3.x series of Joomla which addresses three security vulnerabilities and contains over 20 bug fixes and improvements.

What's in 3.9.5?

Joomla 3.9.5 includes three security vulnerabilities fixes and several bugs and improvements, including:

Security Issues Fixed

  • Low Priority - Core - Directory Traversal in com_media (affecting Joomla 1.5.0 through 3.9.4) More information »
  • High Priority - Core - Helpsites refresh endpoint callable for unauthenticated users (affecting Joomla 3.2.0 through 3.9.4) More information »
  • Moderate Priority - Core - Object.prototype pollution in JQuery $.extend (affecting Joomla 3.0.0 through 3.9.4) More information »

Bug fixes and Improvements

  • User Password: Add minimum lowercase rule for password validation #24230
  • Associations tab: Fix wrong behaviour of Indonesian language #24244
  • Debug language: Fix User Actions Log Manager #24178
  • New installation language: Kazakh #24233
  • Google Authenticator plugin (2FA): QR-code generator implemented #24255

Visit GitHub for the full list of bug fixes.

Download

Upgrade Packages

Upgrade Packages
Joomla 3 upgrade packages

Note: Please read the update instructions before updating.
Remember… Please clear your browser's cache after updating.
Found a bug? Report it on the Joomla Issue Tracker.
Questions? See the documentation wiki for FAQ’s regarding the 3.9.5 release.

Continue reading

Copyright

© Joomla.org

  2202 Hits