JUGCN BLOG

For many companies and roles, COVID-19 has brought unexpected closure and job loss. However, for others, it’s been a way to get creative on how to keep their doors open, including moving to a virtual model of business. 

For others, work has actually increased, such as those that already worked remotely like content writers, online marketers, and developers. Now, website creators, many of whom already work as freelancers from home, see a significant opportunity to do more. Here’s why and how to tap into the growth potential as an in-demand service during COVID-19. 

Open For Business (Online)

Although many businesses already had a presence online through a business website, they may not have updated it or relied on it as much as they need to now. Some even had their website just serve as a placeholder with little content. Those businesses are now scrambling to refresh their websites because it is the only storefront they have during this pandemic. 

As a lifeline to their customer base and target audience, these companies seek website creators that can help them expand their presence through a more engaging design with additional content, an online scheduling system, and additional ways to shop and order. They may need to revamp their website to have a digital storefront.  

Joomla 3.9.18 is now available. This is a bugfix release for the 3.x series of Joomla which addresses one bug.

What's in 3.9.18?

Joomla 3.9.18 addresses one bug:

Bug fixes and Improvements

• Fixes the single tag view incorrectly showing a 404 page #28746

Visit GitHub for the full list of bug fixes.

Download

Joomla 3.9.17 is now available. This is a security release for the 3.x series of Joomla which addresses three security vulnerabilities and contains over 40 bug fixes and improvements.

What's in 3.9.17?

Joomla 3.9.17 includes 3 security vulnerability fixes and addresses several bugs, including:

Security Issues Fixed

• Low Priority - Core - Incorrect access control in com_users access level editing function (affecting Joomla 3.8.8 through 3.9.16) More information »
• Low Priority - Core - Missing checks for the root usergroup in usergroup table (affecting Joomla 2.5.0 through 3.9.16) More information »
• Low Priority - Core - Incorrect access control in com_users access level deletion function (affecting Joomla 2.5.0 through 3.9.16)More information »

Bug fixes and Improvements

• Removal of an unneeded file added to 3.9.16 #28307
• Multilingual Associations: Fix for the Edit Associations buttons in Menu Items #28339 and in Category #28678
• PHPMailer upgraded to its latest version #28398
• 'New' MVC classes depreciation notice for 4.0 instead of 5.0 #28366
• Facilitate the usage of help system by third parties #13286
• PostgreSQL: Fix for module loading #28278

Visit GitHub for the full list of bug fixes.

Download

We are living in a weird period, in which we are obliged to practice “social distancing” and we cannot crowd together to meet or get things done. We saw many local and international events cancelled due to the pandemic emergency. And in this period, everyone spends more time to reflect and re-evaluate the importance of many things that we claimed were “normal” for so long.

In this edition of the Community Magazine, we wanted to put people first, remembering that Joomla exists only thanks to “its people” and we wanted to take a moment to appreciate them and their contributions.

This issue will include several interviews with Community Members, from the newly elected (or re-elected) Board members to the “hidden gems”, those volunteers who contribute to Joomla but are not really visible or enough exposed. 

Joomla is entirely run by volunteers and their work is precious to keep the project and all its operations running smoothly.

Together we are stronger and we will succeed! #stayhome and #contributetojoomla 

Joomla, one of the world’s most popular Content Management Systems (CMS), announced today its partnership with Report URI, the Application Security and Health Monitoring leader.

Report URI and Joomla are pleased to announce a new partnership where Joomla will be using the industry leading solution to continuously monitor the multitude of joomla.org websites, analyze the results and improve security for website visitors. For Report URI this partnership means helping build a more secure open internet by serving one of the world’s most prominent open source organizations and further helping to enhance the security of open source projects.

Joomla’s HTTP Security Headers journey for the joomla.org network of sites started back in March 2018 and since then we have constantly improved that to now set most of the available headers which result in an A grade on SecurityHeaders.com for joomla.org. A key part of a successful implementation is a reporting endpoint and back in 2018 we built our own solution, but over the time we realized that this solution does not scale and there are so many invalid reports that have to be ignored – so we disabled the reporting endpoint after the successful implementation and an initial test run. Today we are really excited to start enabling reporting via the Report URI service across our sites and fill that gap so we can constantly monitor and collect not just the Content Security Policy reports, but also all sorts of other reports in one central place.

Says Tobias Zulauf, Security Member Joomla CMS and Websites.

Scott Helme, Founder of Report URI, also shared his excitement:

Joomla 3.9.16 is now available. This is a security release for the 3.x series of Joomla which addresses six security vulnerabilities and contains over 20 bug fixes and improvements.

Don't forget to backup your site first

What's in 3.9.16?

Joomla 3.9.16 includes 6 security vulnerability fixes and addresses several bugs, including:

Security Issues Fixed

• Low Priority - Core - SQL injection in Featured Articles menu parameters (affecting Joomla 1.7.0 through 3.9.15) More information »
• Low Priority - Core - CSRF in com_templates image actions (affecting Joomla 3.2.0 through 3.9.15) More information »
• Low Priority - Core - XSS in Protostar and Beez3 (affecting Joomla 3.0.0 through 3.9.15) More information »
• Low Priority - Core - Incorrect Access Control in com_templates (affecting Joomla 2.5.0 through 3.9.15) More information »
• Low Priority - Core - Identifier collisions in com_users (affecting Joomla 3.0.0 through 3.9.15) More information »
• Low Priority - Core - Incorrect Access Control in com_fields SQL field (affecting Joomla 3.7.0 through 3.9.15) More information »

Bug fixes and Improvements

• Link rel attributes: ‘noopener’ attributes #28005, ‘sponsored’ and ‘ugc’ attributes #28055 
• Fields - Imagelist: Correct the display of the folder structure #16708
• Popular Tags Module fix #27745
• User - Contact Creator plugin: catid fixed #27949

Visit GitHub for the full list of bug fixes.

Download

Joomla 3.9.15 is now available. This is a security release for the 3.x series of Joomla which addresses three low security vulnerabilities and contains over 20 bug fixes and improvements.

What's in 3.9.15?

Joomla 3.9.15 includes three security vulnerability fixes and addresses several bugs, including:

Security Issues Fixed

• Low Priority - Core - CSRF in batch actions (affecting Joomla 3.0.0 through 3.9.14) More information »
• Low Priority - Core - CSRF com_templates LESS compiler (affecting Joomla 3.0.0 through 3.9.14) More information »
• Low Priority - Core - XSS in com_actionlogs (affecting Joomla 3.9.0 through 3.9.14) More information »

Bug fixes and Improvements

• Beez Template: Fix the consent field modal #23205
• Action Log emails: Use of absolute URLs #27432
• TinyMCE fixes: #27498 #27519
• User email addresses: Case insensitive management #24117
• Prevent library extensions to overwrite core files #27300

Visit GitHub for the full list of bug fixes.

Download

Joomla 3.9.14 is now available. This is a security fix release for the 3.x series of Joomla which addresses two security vulnerabilities and contains over 35 bug fixes and improvements.

What's in 3.9.14?

Joomla 3.9.14 includes two security vulnerability fixes and several bugs and improvements, including:

Security Issues Fixed

• Low Priority - Core - Path Disclosure in framework files (affecting Joomla 3.8.0 through 3.9.13) More information »
• Low Priority - Core - Various SQL injections through configuration parameters (affecting Joomla 2.5.0 through 3.9.13) More information »

Bug fixes and Improvements

• Improve PHP 7.4 compatibility #27190 #27219 
• Fix incorrect id generated for input fields in repetable subform #27081
• Fix Sample Data Learn #27100 #27101 #27102
• Allow JSON Document caching #27161
• Avoid errors when Joomla! gets outdated #27197
• Show full video filename and preview icon in Media Manager #27230

Visit GitHub for the full list of bug fixes.

Download

Joomla 3.9.13 is now available. This is a security fix release for the 3.x series of Joomla which addresses two security vulnerabilities and contains over 15 bug fixes and improvements.

What's in 3.9.13?

Joomla 3.9.13 includes two security vulnerability fixes and several bugs and improvements, including:

Security Issues Fixed

• Low Priority - Core - CSRF in com_template overrides view (affecting Joomla 3.2.0 through 3.9.12) More information »
• Low Priority - Core - Path Disclosure in phpuft8 mapping files (affecting Joomla 3.6.0 through 3.9.12) More information »

Bug fixes and Improvements

• Improve PHP 7.4 compatibility #25801 #25782 #26615 #26865
• Improve reverse proxy support #25520
• Fix active category detection #26330
• Fix message filtering #26065
• Improve sending mass mail #26844

Visit GitHub for the full list of bug fixes.

Download

Joomla 3.9.12 is now available. This is a security fix release for the 3.x series of Joomla which addresses one security vulnerability and contains over 30 bug fixes and improvements.

What's in 3.9.12?

Joomla 3.9.12 includes one security vulnerability fix and several bugs and improvements, including:

Security Issues Fixed

• Low Priority - Core - XSS in logo parameter of default templates (affecting Joomla 3.0.0 through 3.9.11) More information »

Bug fixes and Improvements

• Fix for minyear and maxyear in the calendar #26119
• Handle Google Font weights and styles in Protostar #25976
• Fix user session on mssql server #23213
• Protect SQL servers by adding pause mechanism to cli finder indexer #13502
• Fix Imagelist custom field default image #26352

Visit GitHub for the full list of bug fixes.

Download

Joomla 3.9.10 is now available. This is a bug fix release for the 3.x series of Joomla which addresses one bug introduced into 3.9.9, affecting template styles of multilingual web sites.

What's in 3.9.10?

Joomla 3.9.10 is fixing one bug introduced into Joomla 3.9.9 which affects the template styles of multilingual sites and results in lost data.

Please read this JDocs FAQ page to learn more about this issue and its fix.

IMPORTANT information for users who have already updated to 3.9.9 and faced this issue.
Due to a bad sql update, the template style mapping to content languages has been lost. Unfortunately, this is an unrecoverable error.
You must either:

• Restore the data manually by upgrading to Joomla 3.9.10 and then manually editing each template style and using the "Default" Field to the language required 
• Or restore a 3.9.8 backup of your sites to recover the data before updating to Joomla 3.9.10.

We would like to take a moment to apologise to our users. 
Whilst we understand that a release which introduces a major bug is always serious - in this case the bug involved actual data lost from sites. This is a red line for us. We are going to go away and look at how we can improve our release and testing strategies and report back to our users when this is complete, detailing how we aim to improve in the future.