Joomla 3.8.8 Security und Bugfix Release

Das Open-Source CMS, Joomla, ist heute in Version 3.8.8 erschienen. Das Security und Bugfix Release behebt 9 Sicherheitsprobleme und korrigiert über 50 Fehler.

Joomla 3.8.8 Update

Joomla 3.8.8 Update

Joomla 3.8.8 Security und Bugfix Release Notes

Security Issues Fixed

  • Low Priority  – Core – ACL violation in access levels (affecting Joomla 2.5.0 through 3.8.7) More information »
  • Low Priority –  Core – Add phar files to the upload blacklist (affecting Joomla 2.5.0 through 3.8.7) More information »
  • Moderate Priority –  Core – Information Disclosure about unpublished tags (affecting Joomla 3.1.0 through 3.8.7) More information »
  • Low Priority –  Core – Installer leaks plain text password to local user (affecting Joomla 3.0.0 through 3.8.7) More information »
  • Moderate Priority –  Core – XSS Vulnerabilities & additional hardening (affecting Joomla 3.0.0 through 3.8.7) More information »
  • Low Priority – Core – Filter field in com_fields allows remote code execution (affecting Joomla 3.7.0 through 3.8.7) More information »
  • Low Priority – Core – Session deletion race condition (affecting Joomla 3.0.0 through 3.8.7)  More information »
  • Low Priority – Core – Possible XSS attack in the redirect method (affecting Joomla 3.2.1 through 3.8.7)  More information »
  • Low Priority – Core – XSS vulnerability in the media manager (affecting Joomla 1.5.0 through 3.8.7)  More information »

Bug fixes and Improvements

  • Miscellaneous accessibility improvements for the Backend
  • Updated CodeMirror to 5.37 and various improvements #20269 #19833 #12542
  • Improved handling of numeric user group names #20091
  • [com_content] Filter by no author #20245
  • Added support for PHP 7.3’s is_countable function #20441
  • Sending passwords by email disabled by default for new installs #20247

Schreibe einen Kommentar

Deine E-Mail-Adresse wird nicht veröffentlicht. Erforderliche Felder sind mit * markiert.

This site uses Akismet to reduce spam. Learn how your comment data is processed.