Joomla 4.1.1 und 3.10.7 Security und Bugfix Release

Logo Joomla

Das CMS Joomla, erhielt das Update 4.1.1 und 3.10.7. Es behebt einige Fehler und schließt 7 bzw. 6 Sicherheitslücken.

Joomla 4.1.1 Release Notes

Security Issues Fixed

  • [20220301] Low Severity – Moderate Impact – Zip Slip within the Tar extractor (affecting Joomla! 3.0.0 through 3.10.6 & 4.0.0 through 4.1.0) More information
  • [20220302] Low Severity – Low Impact – Path Disclosure within filesystem error messages (affecting Joomla! 3.0.0 through 3.10.6 & 4.0.0 through 4.1.0) More information
  • [20220303] Low Severity – High Impact – User row are not bound to a authentication mechanism (affecting Joomla! 2.5.0 through 3.10.6 & 4.0.0 through 4.1.0) More information
  • [20220305] Low Severity – High Impact – Inadequate filtering on the selected Ids (affecting Joomla! 3.0.0 through 3.10.6 & 4.0.0 through 4.1.0) More information
  • [20220306] Low Severity – Low Impact – Inadequate validation of internal URLs  (affecting Joomla! 2.5.0 through 3.10.6 & 4.0.0 through 4.1.0) More information
  • [20220307] Low Severity – Moderate Impact – Variable Tampering on JInput $_REQUEST data (affecting Joomla! 4.0.0 through 4.1.0) More information
  • [20220308] Low Severity – Moderate Impact – Inadequate content filtering within the filter code  (affecting Joomla! 4.0.0 through 4.1.0) More information
  • [20220309] Low Severity – Moderate Impact – XSS attack vector through SVG (affecting Joomla! 4.0.0 through 4.1.0) More information

Bug fixes and Improvements

  • Fix language strings behaviour in TinyMCE
  • Fix switch for syntax highlighting in TinyMCE
  • Show failed tasks in scheduler
  • Correct usage of Jooa11y parameters
  • Codemirror enhancements
  • Several 8.x PHP fixes

Visit GitHub for the full list of bug fixes.

Joomla 3.10.7 Release Notes

Security Issues Fixed

  • [20220301] Low Severity – Moderate Impact – Zip Slip within the Tar extractor (affecting Joomla! 3.0.0 through 3.10.6 & 4.0.0 through 4.1.0) More information
  • [20220302] Low Severity – Low Impact – Path Disclosure within filesystem error messages (affecting Joomla! 3.0.0 through 3.10.6 & 4.0.0 through 4.1.0) More information
  • [20220303] Low Severity – High Impact – User row are not bound to a authentication mechanism (affecting Joomla! 2.5.0 through 3.10.6 & 4.0.0 through 4.1.0) More information
  • [20220304] Low Severity – Moderate Impact – Missing input validation within com_fields class inputs (affecting Joomla! 3.7.0 through 3.10.6) More information
  • [20220305] Low Severity – High Impact – Inadequate filtering on the selected Ids (affecting Joomla! 3.0.0 through 3.10.6 & 4.0.0 through 4.1.0) More information
  • [20220306] Low Severity – Low Impact – Inadequate validation of internal URLs  (affecting Joomla! 2.5.0 through 3.10.6 & 4.0.0 through 4.1.0) More information

Bug fixes and Improvements

Visit GitHub for the full list of bug fixes.

Quelle: Joomla 4.1.1 and 3.10.7 Release

1 thought on “Joomla 4.1.1 und 3.10.7 Security und Bugfix Release

  1. Pingback: Joomla 4.1.2 und 3.10.8 Regression Security und Bugfix Release – TASTE-OF-IT

Schreibe einen Kommentar

Deine E-Mail-Adresse wird nicht veröffentlicht.