Joomla 3.9.7 is now available. This is a security fix release for the 3.x series of Joomla which addresses three security vulnerabilities and contains over 40 bug fixes and improvements.
What's in 3.9.7?
Joomla 3.9.7 includes three security vulnerability fixes and several bugs and improvements, including:
Security Issues Fixed
- Low Priority - Core - CSV injection in com_actionlogs (affecting Joomla 3.9.0 through 3.9.6) More information »
- Low Priority - Core - XSS in subform field (affecting Joomla 3.6.0 through 3.9.6) More information »
- Low Priority - Core - ACL hardening of com_joomlaupdate (affecting Joomla 3.8.13 through 3.9.6) More information »
Bug fixes and Improvements
- Batch system: Copy permissions of modules #24737 and categories #24730
- Progessive cache improvements #20310
- Fix to avoid duplicated custom fields in com_content #24516
- RTL improvements #23107 #24722
- Removal of the unofficial French Help Server #24927
- TinyMCE improvements: #24978 #25037
- RSS: Fix to display the right category #24932
- Media Manager: Fix directory traversal for symlinked folders #24924
- User registration: Correct http schema used #24089
Visit GitHub for the full list of bug fixes.
New InstallationsDownload Joomla 3.9.7
English (UK), 3.9.7 Full Package
Upgrade PackagesUpgrade Packages
Joomla 3 upgrade packages
Note: Please read the update instructions before updating.
Remember… Please clear your browser's cache after updating.
Found a bug? Report it on the Joomla Issue Tracker.
Questions? See the documentation wiki for FAQ’s regarding the 3.9.7 release.