Joomla! 3.6.5 Released

Joomla! 3.6.5 is now available. This is a security release for the 3.x series of Joomla! which addresses three security vulnerabilities, miscellaneous security hardening and three bug fixes; no further changes have been made compared to the Joomla! 3.6.4 release. We strongly recommend that you update your sites. What’s in Continue Reading

The only Joomla! Downloads Hub you’ll ever need

The Joomla! Community proudly presents the centralised and localised Joomla! Downloads portal. It will be the only place you’ll ever need to visit for all Joomla! CMS core files. At https://downloads.joomla.org you will find the latest Joomla! Releases and Updates, direct linking to all the language packages and to the Continue Reading

Joomla – From No One to the Highest Privilege

Joomla, a popular free and open-source content management system, just released version 3.6.4 that fixed two critical vulnerabilities: [CVE-2016-8870] – Core – Account Creation: attackers can exploit this vulnerability to create any account in a Joomla system regardless of whether its registration has been disabled. [CVE-2016-8869] – Core – Elevated Continue Reading

Revised Assessment of 3.6.4 Security Release

As part of our post-release review process for the 3.6.4 release, the Joomla! Security Strike Team has identified and confirmed an additional side effect of the issue resolved in security advisory 20161002 (CVE-2016-8869) and as such we have revised our assessment of this issue. As stated in the advisory, the Continue Reading

Joomla! 3.6.4 Released

Joomla! 3.6.4 is now available. This is a security release for the 3.x series of Joomla! which addresses two critical security vulnerabilities and a bug fix for two-factor authentication. We strongly recommend that you update your sites immediately. This release only contains the security fixes and bug fix; no other Continue Reading

Joomla! 3.6.4 – Important Security Announcement – Patch Available Soon

A Joomla! 3.6.4 release containing a security fix will be published on Tuesday 25th October at approximately 14:00 UTC. The Joomla! Security Strike Team (JSST) has been informed of a critical security issue in the Joomla! core. Since this is a very important security fix, please be prepared to update your Joomla! Continue Reading

The Joomla! 3.6.1 Update

During the latest release of Joomla! 3.6.1 an issue emerged because of a security fix. 3.6.1 introduced a CSRF token check to the Joomla! Update component as an extra level of security to fix a Medium Level security issue. 3.6.0 down to 2.5.4 (every Joomla! release with the update component) Continue Reading