Joomla 3.9.20 Security und Bugfix Release

Für das beliebte CMS Joomla, gibt es nun das Update 3.9.20. Dieses schließt 6 als Low Priority eingestufte Sicherheitslücken, und entfernt ca. 25 Fehler.

Joomla 3.9.20 Release Notes

Security Issues Fixed

• Low Priority – Core – CSRF in com_installer ajax_install endpoint (affecting Joomla! 3.7.0 through 3.9.19) More information »
• Moderate Priority – Core – Missing checks can lead to a broken usergroups table record (affecting Joomla! 2.5.0 through 3.9.19) More information »
• Low Priority – Core – CSRF in com_privacy remove-request feature (affecting Joomla! 3.9.0 through 3.9.19) More information »
• Low Priority – Core – Variable tampering via user table class (affecting Joomla! 3.0.0 through 3.9.19) More information »
• Low Priority – Core – Escape mod_random_image link (affecting Joomla! 3.0.0 through 3.9.19) More information »
• Low Priority – Core – System Information screen could expose redis or proxy credentials (affecting Joomla! 3.0.0 through 3.9.19) More information »

Bug fixes and Improvements

• Upload & Update tab of Joomla Update Component: Fix to allow upload of ZIP filetype only #29877
• Local database server: Allow optional port numbers #29567
• Beez3 Template: Markup fix for the Tabs layout of com_contact #29636
• Beez3 Template: Allow custom field editing on frontend #29577
• Backend cache cleared when purging updates #29603

Quelle: https://www.joomla.org/announcements/release-news/5814-joomla-3-9-20.html