Joomla 3.8.8 bugfix en security update

Zojuist is er een security en bugfix update verschenen voor Joomla, versie 3.8.8. Alle klanten zijn weer direct geupdate. 

Wilt u ook een onderhouds- en updatecontract zodat u er geen omkijken naar heeft? Neem dan contact op met Marc.

Wat is er aangepast in Joomla 3.8.8?

Joomla! 3.8.8 adresseert diverse bugs & een aantal security updates.

Joomla 3.8.8 SECURITY & BUGFIXES UPDATE:

Security Issues Fixed

  • Low Priority  - Core - ACL violation in access levels (affecting Joomla 2.5.0 through 3.8.7)
  • Low Priority -  Core - Add phar files to the upload blacklist (affecting Joomla 2.5.0 through 3.8.7)
  • Moderate Priority -  Core - Information Disclosure about unpublished tags (affecting Joomla 3.1.0 through 3.8.7)
  • Low Priority -  Core - Installer leaks plain text password to local user (affecting Joomla 3.0.0 through 3.8.7)
  • Moderate Priority -  Core - XSS Vulnerabilities & additional hardening (affecting Joomla 3.0.0 through 3.8.7)
  • Low Priority - Core - Filter field in com_fields allows remote code execution (affecting Joomla 3.7.0 through 3.8.7)
  • Low Priority - Core - Session deletion race condition (affecting Joomla 3.0.0 through 3.8.7)
  • Low Priority - Core - Possible XSS attack in the redirect method (affecting Joomla 3.2.1 through 3.8.7) 
  • Low Priority - Core - XSS vulnerability in the media manager (affecting Joomla 1.5.0 through 3.8.7)

Bug Fixes and Improvements

  •  Miscellaneous accessibility improvements for the Backend
  • Updated CodeMirror to 5.37 and various improvements
  • Improved handling of numeric user group names
  • [com_content] Filter by no author
  • Added support for PHP 7.3’s is_countable function
  • Sending passwords by email disabled by default for new installs

Bezoek de Joomla documentation wiki voor  FAQ’s aangaande de Joomla 3.8.8 releaseZie link onderaan dit artikel.