Hosting Joomla

3.9.13
 (Sicherheitsupdate)
5 November - 70MBJoomla 3.9.13 is security and bug fix release.



Security

Low Priority - Core - CSRF in com_template overrides view (affecting Joomla 3.2.0 through 3.9.12) - A missing token check in com_template causes a CSRF vulnerability.

Low Priority - Core - Path Disclosure in phpuft8 mapping files (affecting Joomla 3.6.0 through 3.9.12) - Missing access check in the phputf8 mapping files could lead to an path disclosure.



Bug Fixes

Improve PHP 7.4 compatibility #25801 #25782 #26615 #26865

Improve reverse proxy support #25520

Fix active category detection #26330

Fix message filtering #26065

Improve sending mass mail #26844

Lesen Sie mehr: https://www.joomla.org/announcements/release-news/5780-joomla-3-9-13-release.html






3.9.12
 (Sicherheitsupdate)
24 September - 70MBJoomla 3.9.12 is security and bug fix release.



Security

Low Priority - Core - XSS in logo parameter of default templates (affecting Joomla 3.0.0 through 3.9.11)



Bug Fixes

Fix for minyear and maxyear in the calendar

Handle Google Font weights and styles in Protostar

Fix user session on mssql server

Protect SQL servers by adding pause mechanism to cli finder indexer

Fix Imagelist custom field default image

Lesen Sie mehr: https://www.joomla.org/announcements/release-news/5776-joomla-3-9-12-release.html






3.9.11
 (Sicherheitsupdate)
13 August - 70MBJoomla 3.9.11 is a security fix release for the 3.x series of Joomla which addresses one security vulnerability and contains over 25 bug fixes and improvements.



Security

Low Priority - Core - Hardening com_contact contact form (affecting Joomla 1.6.2 through 3.9.10) - Inadequate checks in com_contact could allowed mail submission in disabled forms.



Bug Fixes

Custom Fields: Fix language strings/unknown columns/sorting

Creating categories on the fly with numbers

Fix database schema checker for MySQL 8

Tree sorting in templates file tree

Improved PHP 7.4 compatibility

Lesen Sie mehr: https://www.joomla.org/announcements/release-news/5775-joomla-3-9-11.html






3.9.10
 (Sicherheitsupdate)
10 Juli - 70MBJoomla 3.9.10 is a bug fix release for the 3.x series of Joomla which addresses one bug introduced into 3.9.9, affecting template styles of multilingual web sites.

We would like to take a moment to apologise to our users for any loss of data caused by this bug. 



Bug Fixes

template styles of multilingual sites and results in lost data.



**IMPORTANT** information for users who have already updated to 3.9.9 and faced this issue.

Due to a bad sql update, the template style mapping to content languages has been lost. Unfortunately, this is an unrecoverable error.

You must either:

Restore the data manually by upgrading to Joomla 3.9.10 and then manually editing each template style and using the "Default" Field to the language required 

Or restore a 3.9.8 backup of your sites to recover the data before updating to Joomla 3.9.10.

Lesen Sie mehr: https://www.joomla.org/announcements/release-news/5774-joomla-3-9-10-release.html



Zeige mehr Versionen




3.9.9

9 Juli - 70MBNOTE: Joomla 3.9.9 included a bug that could destroy data in some cases. Installatron's upgrade system will skip over this version for that reason. The beneficial fixes in this release are included in 3.9.10.



Joomla 3.9.9 includes one security vulnerability fix and several bugs and improvements.



Security

Low Priority - Core - Filter attribute in subform fields allows remote code execution (affecting Joomla 3.9.7 through 3.9.8).



Bug Fixes

Repeatable Custom Fields: fix to keep HTML tags

Media Manager: Modal layout improved

Voting: Cache cleaned after voting

Article ordering: Items grouped by category first

Batch system: Improvements for Contact and Newsfeed

Lesen Sie mehr: https://www.joomla.org/announcements/release-news/5772-joomla-3-9-9-release.html






3.9.8

12 Juni - 70MB3.9.8



Bug fixes and Improvements

This is a bug fix release for the 3.x series of Joomla which addresses one bug introduced into 3.9.7 which affects web sites using the French Help Server.



3.9.7



Security

Low Priority - Core - CSV injection in com_actionlogs (affecting Joomla 3.9.0 through 3.9.6) - The CSV export of com_actionslogs is vulnerable to CSV injection.

Low Priority - Core - XSS in subform field (affecting Joomla 3.6.0 through 3.9.6) - The subform fieldtype does not sufficiently filter or validate input of subfields, this leads to XSS attack vectors.

Low Priority - Core - ACL hardening of com_joomlaupdate (affecting Joomla 3.8.13 through 3.9.6) - The update server URL of com_joomlaupdate can be manipulated by non Super-Admin users.



Bug fixes and Improvements

Batch system: Copy permissions of modules #24737 and categories #24730

Progessive cache improvements #20310

Fix to avoid duplicated custom fields in com_content #24516

RTL improvements #23107 #24722

Removal of the unofficial French Help Server #24927

TinyMCE improvements: #24978 #25037

RSS: Fix to display the right category #24932

Media Manager: Fix directory traversal for symlinked folders #24924

User registration: Correct http schema used #24089

Lesen Sie mehr: https://joomla.org/announcements/release-news/5771-joomla-3-9-8-release.html






3.9.6
 (Sicherheitsupdate)
8 Mai - 70MBSecurity

Low Priority - Core - XSS in com_users ACL debug views (affecting Joomla 1.7.0 through 3.9.5) - The debug views of com_users do not properly escape user supplied data, which leads to a potential XSS attack vector.

Low Priority - Core - Core - By-passing protection of Phar Stream Wrapper Interceptor (affecting Joomla 3.9.3 through 3.9.5) - In Joomla 3.9.3, the vulnerability of insecure deserialization when executing Phar archives was addressed by removing the known attack vector in the Joomla core. In order to intercept file invocations like file_exists or stat on compromised Phar archives the base name has to be determined and checked before allowing to be handled by PHP Phar stream handling. The used implementation however is vulnerable to path traversal leading to scenarios where the Phar archive to be assessed is not the actual (compromised) file.



Bug fixes and Improvements

Media Manager: Fix logic in file upload check introduced in 3.9.5 #24637

Edge Chromium support added #24379

User Notes: Fix date format #24529

Frontend editing: article category editable by Publishers and up #24640

Cache: Cache folder automatically created if it doesn’t exist #21952

PostgreSQL database improvements #24682 #24683 #24652

Lesen Sie mehr: https://joomla.org/announcements/release-news/5765-joomla-3-9-6-release.html






3.9.5
 (Sicherheitsupdate)
10 April - 70MBSecurity

Low Priority - Core - Directory Traversal in com_media (affecting Joomla 1.5.0 through 3.9.4) - The Media Manager component does not properly sanitise the folder parameter, allowing attackers to act outside the media manager root directory.

High Priority - Core - Helpsites refresh endpoint callable for unauthenticated users (affecting Joomla 3.2.0 through 3.9.4) - The "refresh list of helpsites" endpoint of com_users lacks access checks, allowing calls from unauthenticated users.

Moderate Priority - Core - Object.prototype pollution in JQuery $.extend (affecting Joomla 3.0.0 through 3.9.4) - The $.extend method of JQuery is vulnerable to Object.prototype pollution attacks.



Bug fixes and Improvements

User Password: Add minimum lowercase rule for password validation #24230

Associations tab: Fix wrong behaviour of Indonesian language #24244

Debug language: Fix User Actions Log Manager #24178

New installation language: Kazakh #24233

Google Authenticator plugin (2FA): QR-code generator implemented #24255

Lesen Sie mehr: http://joomla.org/announcements/release-news/5764-joomla-3-9-5-release.html






3.9.4
 (Sicherheitsupdate)
13 März - 70MBSecurity

High Priority - Core - Missing ACL check in sample data plugins (affecting Joomla 3.8.0 through 3.9.3) - The sample data plugins lack ACL checks, allowing unauthorized access.

Low Priority - Core - XSS in com_config JSON handler (affecting Joomla 3.2.0 through 3.9.3) - The JSON handler in com_config lacks input validation, leading to XSS vulnerability.

Low Priority - Core - XSS in item_title layout (affecting Joomla 3.0.0 through 3.9.3) - The item_title layout in edit views lacks escaping, leading to a XSS vulnerability.

Low Priority - Core - XSS in media form field (affecting Joomla 3.0.0 through 3.9.3) - The media form field lacks escaping, leading to a XSS vulnerability.



Bug fixes and Improvements

User Terms (#23787) and Privacy Consent (#23660) plugins: Layouts for the label and message added

Featured articles: Page subheading added #23583

Custom formfield layout paths simplified #22645

Com_contact: Contact name field moved out of the Contact Information block #23563

Custom module: Improvement of the frontend editing #23741

Action Logs improvement: Cache (#22739) and Purge/Export (#22740) actions are now logged

Lesen Sie mehr: http://joomla.org/announcements/release-news/5761-joomla-3-9-4-release.html






3.9.3
 (Sicherheitsupdate)
13 Februar - 70MBSecurity

Low Priority - Core - Lack of URL filtering in various core components (affecting Joomla 2.5.0 through 3.9.2) - Inadequate filtering on URL fields in various core components could lead to an XSS vulnerability.

Low Priority - Core - Browserside mime-type sniffing causes XSS attack vectors (affecting Joomla 1.0.0 through 3.9.2) - A combination of specific webserver configurations, in connection with specific file types and browserside mime-type sniffing causes a XSS attack vector.

Low Priority - Core - Additional warning in the Global Configuration textfilter settings (affecting Joomla 2.5.0 through 3.9.2) - "No Filtering" textfilter overrides child settings in the Global Configuration. This is intended behavior but might be unexpected for the user. An additional message is now shown in the configuration dialog.

Low Priority - Core - Stored XSS issue in the Global Configuration help url #2 (affecting Joomla 2.5.0 through 3.9.2) - Inadequate checks at the Global Configuration helpurl settings allowed a stored XSS.

Low Priority - Core - XSS Issue in core.js writeDynaList (affecting Joomla 2.5.0 through 3.9.2) - Inadequate parameter handling in JS code could lead to an XSS attack vector.

Low Priority - Core - Implement the TYPO3 PHAR stream wrapper (affecting Joomla 2.5.0 through 3.9.2) - The phar:// stream wrapper can be used for objection injection attacks. We now disallow usage of the phar:// handler for non .phar-files within the CMS globally by implementing the TYPO3 PHAR stream wrapper.



Bug fixes and Improvements

Prevent renaming/deleting the template index.php file #23654

Smart Search improvement #23736

Contacts banned fields removed #23585

Improvement of the Integration tab display #23711

Fix the category filter for featured articles #23454

Fix for the Template Style field in the menu manager #23556

Breadcrumbs for tags #23599

Lesen Sie mehr: http://joomla.org/announcements/release-news/5756-joomla-3-9-3-release.html






3.9.2
 (Sicherheitsupdate)
15 Januar - 70MBSecurity

Low Priority - Core - Stored XSS in mod_banners (affecting Joomla 2.5.0 through 3.9.1) - Inadequate escaping in mod_banners leads to a stored XSS vulnerability.

Low Priority - Core - Stored XSS in com_contact (affecting Joomla 2.5.0 through 3.9.1) - Inadequate escaping in com_contact leads to a stored XSS vulnerability.

Low Priority - Core - Stored XSS issue in the Global Configuration textfilter settings (affecting Joomla 2.5.0 through 3.9.1) - Inadequate checks at the Global Configuration Text Filter settings allowed a stored XSS.

Low Priority - Core - Stored XSS issue in the Global Configuration help url (affecting Joomla 2.5.0 through 3.9.1) - Inadequate checks at the Global Configuration helpurl settings allowed a stored XSS.



Bug fixes and Improvements

Fixes for states in com_finder (#23194), com_banners (#23193),  com_messages (#23192), com_users notes (#23191)

Removal of the Caching field in the languages (#23174), syndicate (#23166), random image (#23165), and login modules (#23152)

Editors API extended #23224

Menu Item Alias type: Redirection is optional #23278

com_media: Normalisation of uploaded file names (#23259)

Code cleanup and namespacing

Lesen Sie mehr: http://joomla.org/announcements/release-news/5755-joomla-3-9-2-release.html






3.9.1

3 Dezember 2018 - 70MB
Fix for the automatic title option of the Latest Actions admin module #22925

Com_privacy: Redirected to the privacy request form after login #22927

Update to TinyMCE 4.5.9 #22879

Performance improvement for the category and tag managers #22117

Fix for the delete module positions issue #22935

Preventing the System Privacy Consent plugin from running when logging out through a menu item #22939

Content - Page Break plugin: Possibility to use a template override for Previous/Next pagination #22932

Fix navigation to the first page in pagination when SEF is off #23042

System - User Actions Log plugin: Removal of the number of days limitation #23084

Lesen Sie mehr: https://www.joomla.org/announcements/release-news/5751-joomla-3-9-1-release.html






3.9
 (Hauptversion)
30 Oktober 2018 - 70MBPrivacy Tools

User Consents - Make light work of data privacy requirements

User information requests? Easy-peasy

Extension Capabilities - Put your users in the picture when it comes to privacy...

User Actions Log - Know who’s done what, and when



Highlights

Add notes to your articles in the backend, and filter them

A new search feature in the backend: search for a specific article content

Load a module by ID into your article

A repeatable custom field is now available

Create alternative layouts to fit your needs

Display the intro or full image in your newsflash module

Show only the articles from a specific author in your latest articles module, and more options!

A new toolbar button to edit associations

Propagate existing associations

Display your tags per language

Use Google Invisible reCAPTCHA on your websites

Argon2id Password is now supported

Lesen Sie mehr: https://www.joomla.org/announcements/release-news/5748-the-privacy-tool-suite-by-joomla-joomla-3-9-is-here.html






3.8.13
 (Sicherheitsupdate)
10 Oktober 2018 - 60MBSecurity

Low Priority - Core - Hardening com_contact contact form (affecting Joomla 2.5.0 through 3.8.12) - Inadequate checks in com_contact could allowed mail submission in disabled forms.

Low Priority - Core - Inadequate default access level for com_joomlaupdate (affecting Joomla 2.5.4 through 3.8.12) - Joomla's com_joomlaupdate allows the execution of arbitrary code. The default ACL config enabled access of Administrator-level users to access com_joomlaupdate and trigger a code execution.

Low Priority - Core - Access level Violation in com_tags (affecting Joomla 3.1.0 through 3.8.12) - Inadequate checks on the tags search fields can lead to an access level violation.

Low Priority - Core - ACL Violation in com_users for the admin verification (affecting Joomla 1.5.0 through 3.8.12) - In case that an attacker gets access to the mail account of an user who can approve admin verifications in the registration process he can activate himself.

Low Priority - Core - CSRF hardening in com_installer (affecting Joomla 2.5.0 through 3.8.12) - Added additional CSRF hardening in com_installer actions in the backend.

Lesen Sie mehr: https://www.joomla.org/announcements/release-news/5747-joomla-3-8-13-release.html






3.8.12

3 September 2018 - 60MBSecurity

Low Priority - Core - Hardening the InputFilter for phar stubs (affecting Joomla 1.5.0 through 3.8.11) - Inadequate checks in the InputFilter class could allow specifically prepared PHAR files to pass the upload filter.

Low Priority - Core - Stored XSS vulnerability in the frontend profile (affecting Joomla 1.5.0 through 3.8.11) - Inadequate output filtering on the user profile page could lead to a stored XSS attack.

Low Priority - Core - ACL Violation in custom fields (affecting Joomla 3.7.0 through 3.8.11) - Inadequate checks regarding disabled fields can lead to an ACL violation.



Bug fixes and Improvements

mod_articles_latest and mod_articles_news: fix to show featured articles #21336

Tags in com_content: fix to display tags when other item info are set to hidden #21275

com_tags: All Tags default layout #21031

Allows filtering by the archived state in the redirect component #21673

Lesen Sie mehr: https://www.joomla.org/announcements/release-news/5738-joomla-3-8-11-release.html






3.8.11

3 August 2018 - 60MBHighlights

Fix for the Missing "Select Type" field in the Extensions Manager

Replace the URL parameter "limitstart=0" by "start=0" when SEF is enabled

Remove non callable array items from field categories

Articles - Category Module: New ‘showon’ attribute for form fields

Fix OpenSearch implementation

Fix for tag filtering in Featured Articles view in administrator

Fix for filtering Featured Articles by access level in administrator

Media manager: relative paths for video files

Com_menus: removal of useglobal attribute

Multilingual Associations Component: fix associations in sidebyside view for contact and newsfeeds

Lesen Sie mehr: https://www.joomla.org/announcements/release-news/5738-joomla-3-8-11-release.html






3.8.10
 (Sicherheitsupdate)
28 Juni 2018 - 32MB3.8.10



Bug Fixes:

Fixes one bug introduced into 3.8.9 which affects Windows servers.



3.8.9



Security

Low Priority - Core - Local File Inclusion with PHP 5.3 (affecting Joomla 2.5.0 through 3.8.8)

Low Priority - Core - XSS vulnerability in language switcher module (affecting Joomla 1.6.0 through 3.8.8)



Bug Fixes

Correctly escape the random image module output

Fix folder browsing and file upload that broke in 3.8.8 due to escaping

com_mailto (mail to friend) allows the usage of a Captcha by using JForm

Tag indexing improvement

Fix use of hyphens in data attributes

Updates to third party PHP libraries

CodeMirror updated to 5.38.0

Lesen Sie mehr: https://www.joomla.org/announcements/release-news/5737-joomla-3-8-10-release.html






3.8.8
 (Sicherheitsupdate)
23 Mai 2018 - 32MBSecurity Issues Fixed

Low Priority  - Core - ACL violation in access levels (affecting Joomla 2.5.0 through 3.8.7) - Inadequate checks allowed users to modify the access levels of user groups with higher permissions.

Low Priority -  Core - Add phar files to the upload blacklist (affecting Joomla 2.5.0 through 3.8.7) - Depending on the server configuration, PHAR files might be handled as executable PHP scripts by the webserver.

Moderate Priority -  Core - Information Disclosure about unpublished tags (affecting Joomla 3.1.0 through 3.8.7) - Inadequate checks allowed users to see the names of tags that were either unpublished or published with restricted view permission.

Low Priority -  Core - Installer leaks plain text password to local user (affecting Joomla 3.0.0 through 3.8.7) - The web install application would autofill password fields after either a form validation error or navigating to a previous install step, and displays the plain text password for the administrator account at the confirmation screen.

Moderate Priority -  Core - XSS Vulnerabilities & additional hardening (affecting Joomla 3.0.0 through 3.8.7) - Inadequate input filtering leads to multiple XSS vulnerabilities. Additionally, the default filtering settings could potentially allow users of the default Administrator user group to perform a XSS attack.

Low Priority - Core - Filter field in com_fields allows remote code execution (affecting Joomla 3.7.0 through 3.8.7) - Inadequate filtering allows users authorised to create custom fields to manipulate the filtering options and inject an unvalidated option.

Low Priority - Core - Session deletion race condition (affecting Joomla 3.0.0 through 3.8.7) - A long running background process, such as remote checks for core or extension updates, could create a race condition where a session which was expected to be destroyed would be recreated.

Low Priority - Core - Possible XSS attack in the redirect method (affecting Joomla 3.2.1 through 3.8.7) - Under specific circumstances (a redirect issued with a URI containing a username and password when the Location: header cannot be used), a lack of escaping the user-info component of the URI could result in a XSS vulnerability.

Low Priority - Core - XSS vulnerability in the media manager (affecting Joomla 1.5.0 through 3.8.7) - Inadequate filtering of file and folder names lead to various XSS attack vectors in the media manager.



Bug Fixes

Miscellaneous accessibility improvements for the Backend

Updated CodeMirror to 5.37 and various improvements #20269 #19833 #12542

Improved handling of numeric user group names #20091

[com_content] Filter by no author #20245

Added support for PHP 7.3’s is_countable function #20441

Sending passwords by email disabled by default for new installs #20247

Lesen Sie mehr: https://www.joomla.org/announcements/release-news/5730-joomla-3-8-8-release.html






3.8.7

23 April 2018 - 32MBBug Fixes

Various backend improvements for multi language websites (admin menus and associations)

CodeMirror editor updated to 5.35.0 #19809

Allow absolute or relative URLs for redirects #19942

Improved handling of read-only field data in com_fields #20068

Highlight all matching text in Smart Search results #20019

Lesen Sie mehr: https://www.joomla.org/announcements/release-news/5728-joomla-3-8-7-release.html






3.8.6
 (Sicherheitsupdate)
13 März 2018 - 32MBSecurity

Low Priority - Core - SQLi vulnerability in User Notes (affecting Joomla 3.5.0 through 3.8.5) - The lack of type casting of a variable in SQL statement leads to a SQL injection vulnerability in the User Notes list view.



Bug Fixes

Various session management improvements #19548, #19687

Multilingual: Associated categories should display only when published #19551

Improve performance of the com_content category view with filter by tags #19284

[com_fields] Fields are not copied when batch duplicating an article #16958

Pass the configuration tmp_path to the archive package for extension installations #19608

Hide global configuration and system information from non super users #19697

Language overrides do not find plugin language files when files are in the plugin language folder #19740

reCAPTCHA V1 - Discontinued #19648

Delete existing user_keys, if password is changed #17827

PHP 7.2 compatibility fixes

Lesen Sie mehr: https://www.joomla.org/announcements/release-news/5725-joomla-3-8-6-release.html






3.8.5

9 Februar 2018 - 32MBBug Fixes

Joomla 3.8.5 addresses regressions reported after the release of Joomla 3.8.4, including the revert of routing changes applied in Joomla 3.8.4 (learn more about issue #19512 on GitHub) and broken syntax highlighting in the CodeMirror editor.



Full Changelog

#19561 Revert content archive routing

#19512 Revert routing changes in 3.8.4

#19533 CodeMirror Updated to 5.34.0

#19514 Fix delete session meta data error

#19488 Move from protocol relative links to https for google fonts imports

Lesen Sie mehr: https://www.joomla.org/announcements/release-news/5724-joomla-3-8-5-release.html






3.8.4
 (Sicherheitsupdate)
31 Januar 2018 - 32MBSecurity Issues Fixed

Low Priority - Core - XSS vulnerability in module chromes (affecting Joomla 3.0.0 through 3.8.3) - Lack of escaping in the module chromes leads to XSS vulnerabilities in the module system.

Low Priority - Core - XSS vulnerability in com_fields (affecting Joomla 3.7.0 through 3.8.3) - Inadequate input filtering in com_fields leads to a XSS vulnerability in multiple field types, i.e. list, radio and checkbox.

Low Priority - Core - XSS vulnerability in Uri class (affecting Joomla 1.5.0 through 3.8.3) - Inadequate input filtering in the Uri class (formerly JUri) leads to a XSS vulnerability.

Low Priority - Core - SQLi vulnerability in Hathor postinstall message (affecting Joomla 3.7.0 through 3.8.3) - The lack of type casting of a variable in SQL statement leads to a SQL injection vulnerability in the Hathor postinstall message.



Bug Fixes

Contact form loses data after submission with error #17743

Smart Search performance improvement for common words #12450

Performance improvement in Smart Search indexing process #17390

Update jQuery Autocomplete to 1.4.7 #18113

Update CodeMirror to 5.33.0 #18880

Update srcset url conversion to handle commas and spaces #18327

Custom Fields: Handle tag items properly #19006

Fix filepath to PHPMailer language file #19072

Display category title as page heading and page title when no menu item for com_content category #19195

Respect access level in com_content #18417

Miscellaneous PHP 7.2 compatibility fixes



Full Changelog

#19447 Do not add unnecessary parameters in the archive link

#19450 Fix filter by multiple categories

#18416 [installer] - sanitize extensions type as lower case

#19415 Regression in createUri

#19443 Fix media manager 'up' button

#19397 [com_content] - archived legacy SEF fix

#19423 Regression: Isis RTL forgotten in 19417

#19417 Regression in the ISIS backed css

#19406 [bug] Featured article menu item does not respect Show Unauthorised Links menu item parameter

#19295 Correctly redirect after logging into the multilingual joomla with association enabled

#19391 Retain filtered month in archive form

#18880 Codemirror updated to 5.33.0

#15509 [SQL] - remove triplicated index from #__user_keys

#17120 Janitorial Duty

#17671 Allow to delete cache items without any errors is system cache is disabled.

#17861 Fix PHP HHVM incompatibility in JFormField::getAttribute()

#18417 [com_content] - respect acces level

#18881 Tag and bracket completion and matching bug

#19136 Mod_Wrapper multiple instances

#19145 Fix form data lost when user registration failed

#19344 [Regression] Fix undefined index: *

#19385 [Protostar] Fix top nav dropdown disappearing in FF

#19328 Protostar: missing some RTL code and order rtl classes load

#19165 Decrease the frequency of session metadata cleanup and where in the request cycle it occurs

#19195 Display category title as page heading and page title when no menu item for com_content category

#19261 Improve the loading speed of category items

#19283 additional complex value test

#19310 Select not click

#19314 Multilanguage: Correcting display of associated articles when they are Unpublished or when user has no access to them

#19366 Create apcu-7.2.ini

#19177 [CS] Code Style round 1 fixes for libraries/scr

#19359 Use https URLs for openstreetmap.org.

#19178 [CS] Code Style round 2 fixes for libraries/src

#19173 [CS] Code Style fixes for administrator/components,modules,templates

#19176 [CS] Code Style fixes for plugins/

#19175 [CS] Code Style fixes for modules/

#19342 Build status icons in table

#17743 Contact form loses data after postback with error

#12450 Smart Search common words assigned too much weight

#19135 php 7.2 fix for count

#19201 [CS] New round of Code Style fixes for components/

#19250 [ChangeItem] - calisthenic code part 1

#19315 helpTOC cli script

#19294 Typo on comment

#19268 Fix parser error in plugin languagefilter on php5

#18443 [ChangeItem] - the check query should return array instead of object - PHP 7.2

#18522 Fix Joomla! search highlighting when including chars like ) (. Create…

#18573 Fix Undefined index: JHtmlBootstrap::startAccordion / JHtmlBootstrap::startTabSet

#19099 Do not add default or active Itemid to every link without own menu item

#19116 com_redirect modal close button check in fix

#19141 Profile plugin fields can be left empty when required on admin edit

#19164 [install] - remove Notice: Undefined property: stdClass::$class

#19193 Fix warning on JHtmlMenu::treerecurse method on PHP 7.2

#19197 Set active class in mod_articles_categories when SEF is off

#19171 [CS] Plugin field type

#19174 [CS] Code Style fixes for components/

#19170 [CS] "clone" is a statement not a function

#19167 Fix metadata

#19155 [CS] Code Style fixes for unit tests

#19161 [CS] Code Style fixes for Superfluous Whitespace

#19168 [CS] Fix @package tag

#19166 [CS] copyright tag comment indented incorrectly

#19154 [CS] Code Style fixes for libraries Object operator not indented correctly

#19157 [CS] Code Style fixes for components/com_config and components/com_tags

#19160 [CS] Code Style fixes for Valid Logical Operators

#19158 [CS] Code Style fixes for plugins: captcha, finder,search,system,user

#19153 [CS] Code Style fixes for components\com_contact

#19151 [CS] tabs Code Style fixes for administrator/components

#19152 [CS] Code Style fixes for libraries\src\Application\WebApplication.php

#19156 [CS] Code Style fixes for libraries/src/Document/Document.php

#19159 [CS] clone is a Statement Not Function

#19162 [CS] Round 2 Code Style fixes for Superfluous Whitespace

#19163 [CS] Round 3 Code Style fixes for Superfluous Whitespace

#12039 Radio field: fix readonly and disabled option

#15951 Avoid conflict between JQTooltip in the same DOM as a BSTooltip

#18377 Batch users modal has invalid markup

#19104 markup in title attribute does not render in tooltip

#19108 Improve UsersRouterRulesLegacy build method

#19115 Remove title attribute from icons of the Batch/Bulk Import buttons

#19117 Grammar fix

#19118 Calendar button

#19128 [a11y & c/s] Module settings

#19129 Fix grammar

#19138 Enhanced stub generator

#19050 Use original cased alias for deprecation logging

#19140 template menu separator fix

#19142 Change error on registration

#19143 Link CSS style strings

#19137 Typo in comment

#18101 Passing a null value for the first argument of Text::script() is depr…

#18239 [com_fields] Color plugin - invalid markup

#18982 In-menu-item modal modual editor fix

#19025 [com_fields] Encode complex values to JSON

#19049 Don't hardcode class/method names into Exception messages

#19109 Improve UsersHelperRoute

#19081 [CS] Code Style fixes for administrator/components/com_templates/

#19082 [CS] Code Style fixes for administrator/components/com_users/

#19080 [CS] Code Style fixes for administrator/components/com_tags/

#19098 Reserve other values for the download source tags

#17390 Chunk the tokens array to avoid making extremely long queries.

#18113 Update jQuery Autocomplete to 1.4.7

#18327 Update srcset url conversion to handle commas and spaces

#18372 JED message invalid html

#19006 [com_fields] Handle tag items properly

#19051 Improve captcha empty error message

#19058 Fix undefined index: com_fields in contact form

#19072 Fix filepath to PHPMailer language file

#19075 Ensure catid to be an integer array in search archived articles

#19084 Correction for menu request params

Lesen Sie mehr: https://www.joomla.org/announcements/release-news/5723-joomla-3-8-4-release.html






3.8.3

14 Dezember 2017 - 32MBHighlights

Support for multiple download sources on update servers (AKA download mirrors) #18926

PHP 7.2 Compatibility fixes

Update TinyMCE 4.5.8 #18574

Multilingual Associations component:  reduce the number of duplicate queries #18544

[com_fields] Multilanguage: fixing display of fields when the item concerned is set to ALL #18536

Eliminate crippling performance of content search plugin for large sites with custom fields #18915

Lesen Sie mehr: https://www.joomla.org/announcements/release-news/5717-joomla-3-8-3-release.html






3.8.2
 (Sicherheitsupdate)
8 November 2017 - 32MBSecurity Issues Fixed

Medium Priority - Core - LDAP Information Disclosure (affecting Joomla! 1.5.0 through 3.8.1) - Inadequate escaping in the LDAP authentication plugin can result in disclosure of username and password.

Medium Priority - Core - Two-Factor Authentication Bypass (affecting Joomla! 3.2.0 through 3.8.1) - A bug allowed third parties to bypass a user's 2-factor-authentication method.

Low Priority - Core - Information Disclosure (affecting Joomla! 3.7.0 through 3.8.1) - A logic bug in com_fields exposed read-only information about a site's custom fields to unauthorized users.



Bug Fixes

Display subcategories in blog layout only when user has access #18408

Tags being deleted by any batch action and by drag and drop reordering #18328

Search Module not displayed on the core templates error page #18375

Fix unneeded repetitive filesystem access / checks causing performance issue in custom fields #17893

Fix backend articles manager not listing articles in sub-categories when categories filter is active #18179



Full Changelog

#18509 Change: Return error 404 instead of error 0 for non-existent page, ex index.php?Itemid=9999

#18456 Change: Searchtools css on smaller screens

#18463 Change: Label element without control

#18470 Change: Multilingual Associations iframes require a title

#18473 Change: Help screen invalid markup

#18475 Change: Flags ALT tags in language switcher module

#18485 Change: Fix undefined $langCode

#18490 Change: Duplicate id in fields_groups

#17533 Change: Move JHttpFactory::getHttp() into try catch and add error handling

#18497 Change: [Travis] Redis exists returns integer values

#18492 Change: Fix invalid markup

#18496 Language Change: Remove space after the string JGLOBAL_EXPAND_CATEGORIES

#18482 Language Change: Update Czech calendar language file

#18472 Change: Help screens iframe

#18467 Change: Flags alt tags

#18466 Language Change: [IMP} Changing string for no user + adding None in authors column in managers

#18459 Language Change: Expand category icon

#18445 Language Change: [fix] Frontend Filtering by author broken in modal when inserting article via xtd

#18444 Language Change: Custom Field repeatable icons

#18440 Change: [fix] Filtering authors by 'No user` for articles and featured managers. Correcting broken filtering by author in featured manager

#18433 Change: Fix for Search with a / in the title

#18426 Change: Update search bar layout

#18415 Change: Do not force HTML5 polyfill on modern browsers

#18407 Change: [com_tags] Always use slug to create tag links

#18404 Change: Removing menu children on component install can destroy the whole menu tree

#18308 Change: Optimize `ComponentHelper`: isInstalled and other

#18307 Language Change: Fix container menu item description

#17310 Change: Logged user is loaded twice

#18436 Change: Little correction for de.js

#18408 Change: [fix] Display subcategories in blog layout only when user has access

#18350 Unit/System Tests: If there is no menu item with layout then use menu item without layout

#18336 Change: Fixes #18228. Renaming a menutype while a list is filtered on it, causes error in list.

#18275 Change: admin login using keyboard fix tab order

#18248 Change: Set correct session key for category filter tag

#18202 Language Change: Remove unused meaningless strings

#18200 Change: plugins and templates - number not text

#18075 Change: Add new method BufferStreamHandler::stream_register()

#18357 Change: Isis Pagination  update

#18199 Change: Components - number not text

#18214 Change: [Category manager] Fix level limit for links linking to every category articles to be 1 (only the category itself)

#18362 Change: Update sidebar toggle layout for aria

#18371 Change: Versions toolbar button consistency

#18409 Change: Update italian tinymce language

#18326 Language Change: Protostar pagination update

#18328 Change: Fix tags being deleted by any batch action and by drap and drop reordering of records

#18375 Change: [Fix] Search Module does not display in the error.php page

#18391 Change: Set missing column system_data for template installation

#18359 Change: patch the non existent editor

#18354 Change: [com_content] - no votes/ratings label if vote plugin disabled

#18335 Change: [com_modules] - show only current user access level modules

#18286 Change: Login footer links with debug enabled

#18266 Change: [redis] - add db selection for redis session storage

#18345 Change: Prevent displaying xtd-field when com_fields is disabled

#17893 Change: Fix unneeded repetitive filesystem access / checks (e.g. 10,000 in category view) causing performance issue in custom fields feature

#18355 Change: Registered the SodiumCipher class

#10739 Change: [com_content] - use index for check duplicate alias

#16480 Unit/System Tests: Fix for: Field subform (multiple) produces wrong id

#18143 Change: No value on joomla update: files extracted #18142

#18260 Unit/System Tests: If the link is the same as active menu item then use it

#18264 Change: [mod_menu] too much duplicate queries in menu.php

#18315 Change: Fix sqlsrv syntax for query SELECT with DISTINCT and LIMIT

#18329 Change: Beez3: Add missing double quote after nofollow noopener noreferrer

#18339 Language Change: Update cy-GB installation language

#18169 Language Change: php 7.2 compatibility mcrypt checks

#18293 Change: Added vote requires to array for list type

#17381 Change: Fix delete cache items from redis and others

#17970 Language Change: Text separator with menu item params

#18159 Change: Allow alternate menuitems being selected as alternate layouts

#18179 Change: Fix backend articles manager not listing articles in sub-categories when categories filter is active

#18223 Change: Option colour in menu settings

#18224 Change: Only create DB record when enabled

#18253 Change: Use CodeMirror's functions to try to determine the correct mode

#18267 Change: Check if exists variable is equal to null instead use isset

#18271 Change: Remove notice in com_content legacyrouting

#18282 Change: Fix indentation

#18278 Change: Refactors _quickicons.less

#18268 Change: CS fix for comments

#18261 Change: Languages Keys should be uppercase

#18231 Change: Banner Tracks background

#18251 Change: xml codestyle

#18210 Change: [protostar] Clearfix after component

#18255 Change: Fixed the stability check when looking for updates for an extension

#18099 Change: CodeMirror Update

#18076 Change: Add useglobal to JFormFieldNumber

#18093 Change: Suppress empty class attribute in pagination

#18135 Language Change: Show the root user configuration to any superadmin when enabeld

#18234 Change: Category Blog multiple tags filter

#18233 Change: Hide mass mail menu if disabled

#18221 Change: Search with a / in the title

#18216 Change: [com_menus] Hide move/copy in admin menu batch modal

#18212 Change: [com_fields]List Field Placeholder Parameter is not used

#18195 Change: [com_menus] Hide Process button when in Trashed status (Admin menu)

#18194 Change: Modules - number not text

#18191 Language Change: Correct the menutype descriptions

#18165 Language Change: New Router Label

Lesen Sie mehr: https://www.joomla.org/announcements/release-news/5716-joomla-3-8-2-release.html






3.8.1

8 Oktober 2017 - 32MBHighlights

Fix handling of image srcset attribute #17978

Some plugin events were triggered multiple times #18066

Redirect plugin not redirecting correctly #17997

Removed checks causing some admin menu items to be hidden #18156

LDAP login broken #17989

Lesen Sie mehr: https://www.joomla.org/announcements/release-news/5715-joomla-3-8-1-release.html






3.8.0
 (Hauptversion)
22 September 2017 - 35MBHighlights

New Routing System - The new routing system gives users more control over their URL structure, including the often requested ability to remove IDs from URLs

Joomla! 4 Compatibility Layer - The development of Joomla! 4 has made some changes in how the core code is structured by migrating classes to use PHP namespaces. Joomla! 3.8 includes a mapping layer to allow developers to use the older class names while being able to take advantage of the new class name structure.

Improved Sample Data Installation - It is now possible to install sample data within your site backend after finishing the installation process, allows users to create their own generic data sets or extension developers to provide easy-to-install sample data for their extensions

Sodium Encryption Support - PHP 7.2 introduces the new sodium extension for processing encrypted data, through a polyfill of this library Joomla! 3.8 makes this new API available for all of our users even before they upgrade to PHP 7.2

Lesen Sie mehr: https://www.joomla.org/announcements/release-news/5711-joomla-3-7-5-release.html






3.7.5

22 August 2017 - 35MBBug Fixes

Joomla! is not installing on remote databases #17248

Lesen Sie mehr: https://www.joomla.org/announcements/release-news/5711-joomla-3-7-5-release.html






3.7.4
 (Sicherheitsupdate)
26 Juli 2017 - 35MBSecurity Issues Fixed

Core - Installer: Lack of Ownership Verification (affecting Joomla! 1.0.0 through Joomla! 3.7.3) - The CMS installer application lacked a process to verify the users ownership of a webspace, potentially allowing users to gain control. Please note: Already installed sites are not affected, as this issue is limited to the installer application!

Core - XSS Vulnerability (affecting Joomla! 1.5.0 through Joomla! 3.7.3) - Inadequate filtering of potentially malicious HTML tags leads to XSS vulnerabilities in various components.



Bug Fixes

Fatal error for PHP 5.3 and a multilanguage site #16966

Multilingual com_tags getting wrong language cookie #17084

Post installation message: Wrong php detection #16964

com_contact address is no longer displayed #16971

Lesen Sie mehr: https://www.joomla.org/announcements/release-news/5710-joomla-3-7-4-release.html






3.7.3
 (Sicherheitsupdate)
4 Juli 2017 - 35MBSecurity Issues Fixed

Core - Information Disclosure (affecting Joomla 1.7.3-3.7.2) - Improper cache invalidation leads to disclosure of form contents.

Core - XSS Vulnerability (affecting Joomla 1.7.3-3.7.2) - Missing CSRF token checks and improper input validation lead to an XSS vulnerability.

Core - XSS Vulnerability (affecting Joomla 1.5.0-3.6.5) - Inadequate filtering of multibyte characters leads to XSS vulnerabilities in various components.



Bug Fixes

Calendar fixes #16794

Fix frontend menus of menu type "main" or "menu" and backend main menu #16577

Tags: Respect Browser Page Title in view Tagged Items #16773

Adding thumbs file names in Media Manager #16769

Remove PHP memory_limit from max upload size calculation #16741

Fix custom fields without a fieldgroup not being displayed #16705

Update tinymce to 4.5.7 #16042

Lesen Sie mehr: https://www.joomla.org/announcements/release-news/5709-joomla-3-7-3-release.html






3.7.2

25 Mai 2017 - 35MBBug Fixes

Fix mime checks

Clear cache with more operations

Setting week numbers to display per default

Fix Page filtering in the Modules manager

Fix Copy Reference to Target issue

Allow multiple values for the integer field

Lesen Sie mehr: https://www.joomla.org/announcements/release-news/5706-joomla-3-7-2-release.html






3.7.1

17 Mai 2017 - 35MBSecurity Issues Fixed

High Priority - Core - SQL Injection (affecting Joomla! 3.7.0)



Bug Fixes

Fixed attribute checks in the new calendar #15573

Inject the JInput dependency into the session handler #15605

Fix b/c break in JMenuItem #15553

Fix article ordering in the backend #15655

Fix milliseconds handling in for PHP Versions lower to 7.1.0 #15853

Fixing JFilterInput adding byte offsets to character offset #15966

Redirection fails on multiple status values produced by old FOF2 Extensions #15738

Remove empty locked cache file if callback function terminate process #15592

Lesen Sie mehr: http://joomla.org/announcements/release-news/5705-joomla-3-7-1-release.html






3.7.0
 (Hauptversion)
26 April 2017 - 35MBThe Joomla! Project is proud to announce the release of Joomla! 3.7, the latest in the 'Joomla! 3' series. This new release features over 700 improvements to the popular CMS, including many features which make administration of Joomla! Web sites easier and more feature-rich, as well as several security updates.
Lesen Sie mehr: http://joomla.org/announcements/release-news/5703-joomla-3-7-is-here.html






3.6.5

14 Dezember 2016 - 35MBThis is a security release for the 3.x series of Joomla! which addresses two critical security vulnerabilities and a bug fix for two-factor authentication. We strongly recommend that you update your sites immediately.



Security

High Priority - Core - Elevated Privileges (affecting Joomla! 1.6.0 through 3.6.4)

Low Priority - Core - Shell Upload (affecting Joomla! 3.0.0 through 3.6.4)

Low Priority - Core - Information Disclosure (affecting Joomla! 3.0.0 through 3.6.4)

Security Hardening



Bug Fixes

#12817 Fix Joomla Updater for Windows Users

#12984 Fix installation language for sr-YU

#12589 and #13127 Fix default values for user creation on installation

Lesen Sie mehr: http://joomla.org/announcements/release-news/5693-joomla-3-6-5-released.html






3.6.4
 (Sicherheitsupdate)
25 Oktober 2016 - 35MBThis is a security release for the 3.x series of Joomla! which addresses two critical security vulnerabilities and a bug fix for two-factor authentication. We strongly recommend that you update your sites immediately.



Security

CVE-2016-8870 - High Priority - Core - Account Creation (affecting Joomla! 3.4.4 through 3.6.3) - Inadequate checks allows for users to register on a site when registration has been disabled.

CVE-2016-8869 - High Priority - Core - Elevated Privileges (affecting Joomla! 3.4.4 through 3.6.3) - Incorrect use of unfiltered data allows for users to register on a site with elevated privileges.



Bug Fixes

#12497 Two-Factor Authentication encryption fix

Lesen Sie mehr: http://joomla.org/announcements/release-news/5678-joomla-3-6-4-released.html






3.6.3

20 Oktober 2016 - 35MBThis release fixes a Backwards Compatibility Break we made in 3.6.2 with the article ordering. In addition there are a large number of minor improvements and bug fixes.



Highlights

TinyMCE updated to 4.4.3

CodeMirror updated to 5.18.0

Lesen Sie mehr: https://joomla.org/announcements/release-news/5676-joomla-3-6-3-released.html






3.6.2

5 August 2016 - 35MBThis release fixes some issues found in the previous release.



Highlights

PHP 5.3 users were unable to login

Cloaking emails could cause issues with placeholder and input values that were emails

Emails in links with attributes had the attributes stripped when email cloaking happens

Lesen Sie mehr: http://joomla.org/announcements/release-news/5667-joomla-3-6-2-released.html






3.6.1

4 August 2016 - 35MBThis release fixes several low level security issues. 



Highlights

Fixes a bug resulting from a backwards compatibility break in PHP 7.0.9

Fix for language redirects being cached in the browser

Fix upgrades from Joomla! 2.5.28

Fix SQLAzure database driver

TinyMCE upgrade to 4.4.0.



Security Issues Fixed

Medium Priority - Core - CRSF

Low Priority - Core - ACL Violations

Low Priority - Core - XSS Vulnerability

Lesen Sie mehr: http://joomla.org/announcements/release-news/5665-joomla-3-6-1-released.html






3.6.0
 (Hauptversion)
12 Juli 2016 - 35MBThis version introduces more than 400 improvements, including many features which make administration of Joomla! Web sites easier and more feature-rich, as well as many UX (user experience) improvements.



Highlights

Joomla! Update has been improved and now allows you to reinstall Joomla’s core files at the click of a button, overwriting any modified file(s) and reverting them back to the default.

Joomla! 3.6 contains a lot of UX improvements. Now you can find your modules faster, have tasks done by dropdown, improved user management and so much more...

With the new Sub Form Field function in Joomla! 3.6, we added some extra additional functionality next to Repeatable fields. Now you can nest XML forms inside each other or reuse your existing forms inside your current form.

Create categories on the fly: It can get frustrating when you create a new item, and you realise that you haven’t created a category yet. Joomla! 3.6 now lets you create a category on the fly for articles, contacts, newsfeeds and banners.

Menu type ACL: ACL in the backend did not exist at the menu level, now we have improved that. Give or block certain user groups access to a specific menu, and therefore also all menu items of that menu.

See what's in your menus with All Menu Items: The new option to show all items from all menus gives you a quick overview of what is displayed where on your website. It has never been easier to spot duplicated links, missing menu items or just get an overview of every menu on your site.

Lesen Sie mehr: http://joomla.org/announcements/release-news/5664-joomla-3-6-is-here.html






3.5.1

6 April 2016 - 35MBThis version fixes some issues found in the 3.5.0 release two weeks ago.



Highlights

Fix root url sometimes returning empty in canonical URLs

Fix having to log in twice when user session expires

Some SMTP emails could no longer be sent due to a bug in the SMTP email server setup

Session restarts caused PHP Errors

Fix insertid() returning 0 for the PDO MySQL driver

Fix the Empty trash and unarchive button not existing for com_banners

Lesen Sie mehr: http://joomla.org/announcements/release-news/5655-joomla-3-5-1-released.html






3.5.0
 (Hauptversion)
21 März 2016 - 35MBThis version of Joomla! supports the most recent release of PHP, the most popular programming language for developing web applications. PHP 7 was recently announced with significant performance improvements and is now available for use by the general public. With Joomla! 3.5 users can now enjoy the benefit of that performance improvement.



Highlights

Download system & environment information: gives users the option to download system/environment information for support purposes.

Ability to add a user CSS file to Protostar: currently it is impossible to use a custom.css file when using the Protostar template. This update adds a check to see if the file user.css exists and loads the file to allow for user customisation.

Added site and admin links to module user: adds switches to the mod_status module to show/hide links to the front-end and back-end of the site.

Article counts: a set of updates that allows the visual presentation of published, unpublished and trashed articles in the Category Manager for articles, banners, contacts and newsfeeds.

Random category blog and list order: this update answers a common user request to add a random ordering option for articles in the blog category and category list view.

Editor Buttons added to the Toolbar: You no longer need to scroll down the page to find the "readmore" or "insert image" buttons. Editor extension buttons that used to be placed below the text area can now be found in the toolbar where they belong.

Easily Insert Modules in Articles: allows users to easily add a module into an article with a button directly on the editor toolbar. Users don’t need to learn any syntax or remember the module details as the user interface does it for them.

Drag and Drop Images: Adding an image is now as easy as dragging and dropping it from your computer directly into the content. This works anywhere that you are using the default TinyMCE WYSIWYG editor.

Lesen Sie mehr: http://joomla.org/announcements/release-news/5654-joomla-3-5-is-here.html






3.4.8

25 Dezember 2015 - 35MBJoomla 3.4.8 fixes some issues found in the 3.4.7 release on Monday to do with browser sessions. All reported bugs from the 3.4.7 update have been fixed in this release.



Bugs Fixed:

Users were unable to edit or create items after the 3.4.7 update

Fatal error about connection->stat() not existing on external database connections

After session timeout users could still navigate the backend but without being able to create/edit items or use pagination/filters

Lesen Sie mehr: http://joomla.org/announcements/release-news/5644-joomla-3-4-8-released.html






3.4.7
 (Sicherheitsupdate)
21 Dezember 2015 - 35MBThis release addresses a critical security vulnerability and one low level security vulnerability.



Security Issues Fixed

High Priority - Core - Session Hardening Execution (affecting Joomla 1.5 through 3.4.6)

Low Priority - Core - SQL Injection (affecting Joomla 3.0.0 through 3.4.6)

Lesen Sie mehr: http://joomla.org/announcements/release-news/5643-joomla-3-4-7.html






3.4.6
 (Sicherheitsupdate)
14 Dezember 2015 - 35MBThis release addresses four reported security vulnerabilities and includes security hardening of the user password reset system.



Security Issues Fixed

High Priority - Core - Remote Code Execution (affecting Joomla 1.5 through 3.4.5)

Low Priority - Core - CRSF Hardening (affecting Joomla 3.2.0 through 3.4.5)

Low Priority - Core - Directory Traversal (affecting Joomla 3.2.0 through 3.4.5)

Low Priority - Core - Directory Traversal (affecting Joomla 3.4.0 through 3.4.5)

Lesen Sie mehr: http://joomla.org/announcements/release-news/5641-joomla-3-4-6-released.html






3.4.5
 (Sicherheitsupdate)
22 Oktober 2015 - 35MBThis is a security release for a high level security issue.



Security Issues Fixed

High Priority - Core - SQL Injection (affecting Joomla 3.2 through 3.4.4)

Medium Priority - Core - ACL Violations (affecting Joomla 3.2 through 3.4.4)

Medium Priority - Core - ACL Violations (affecting Joomla 3.0 through 3.4.4)

Lesen Sie mehr: http://joomla.org/announcements/release-news/5628-joomla-3-4-4-released.html






3.4.4
 (Sicherheitsupdate)
8 September 2015 - 35MBThis is a security release for a low level security issue.



Security Issues Fixed:

Low Priority - Core - XSS Vulnerability: Inadequate escaping leads to XSS vulnerability in login module.



Issues Fixed:

Further en-GB language cleanup

Fixes for MSSQL and PostgresSQL Joomla installations

jQuery, HTML5Shiv and CodeMirror updates

Finished implementing the Joomla! codestyle rules



Bugs Fixed:

#7832 MSSQL - install extensions

#7814 Update $explodedName with reversed array

#7811 Language: Error when mass changing directory to folder

#7806 Fixes wrong behaviour in filter method of JForm class

#7801 HTML5 Shiv Update to 3.7.3

#7798 Update jQuery to 1.11.3

#7796 CodeMirror 5.6

#7791 Sync frontend en-GB.lib_joomla.ini with changes made in backend.

#7789 Adding administrator/templates/isis/html/message.php file to delete

#7788 Protostar: Correcting classes for alert messages (Solves #7786)

#7785 $model->validate() requires the form parameter.

#7778 SQL errors when installing extensions on MS SQL Server

#7769 Index category after save in finder plugin

#7768 Rendering params fieldsets on site article form

#7761 Fix some strange code

#7759 Fix wrong CSS Class on Tags edit view title

#7758 Add deprecation tags for methods logging deprecation notices

#7753 Wrong datetime NOW for JForm field calendar

#7752 Fix the missing lang strings for com_media

#7748 [codestyle] Use spaces instead of tabs for equal signs at the other folders

#7747 [codestyle] Use spaces instead of tabs for equal signs at the modules folder

#7746 [codestyle] Use spaces instead of tabs for equal signs at the plugins folder

#7745 [codestyle] Use spaces instead of tabs for equal signs at the templates folder

#7744 [codestyle] Use spaces instead of tabs for equal signs at the admin components folder

#7743 [codestyle] Use spaces instead of tabs for equal signs at the admin folder without components

#7742 [codestyle] Use spaces instead of tabs for equal signs at the lib folder

#7741 [codestyle] Use spaces instead of tabs for equal signs at the components folder

#7740 Add line length code style rule for administrator components

#7739 Remove Rule exceptions for class comments

#7738 Single Comment Code Style Rule

#7734 Fix title in com_installer

#7729 [codestyle] Use spaces instead of tabs for equal signs at the installation folder

#7726 Codestyle

#7725 Codestyle

#7724 Codestyle

#7723 Remove Temporary PHPCS Exclusion

#7722 Turn on method scope code style for components folders

#7721 com_config - prevent wrong database settings

#7715 Add "btn-group-yesno" class for show title field on frontend module editing

#7698 Fix for #7695 - close unclosed div tag in DOB field layout

#7694 CS: normalising Authentification Method field tooltip

#7693 [fix] wrong component detection in some Windows servers

#7690 Undefined variable $accept

#7689 Fix FF40 odd select behavior

#7684 Remove redundant formbehavior chosen call

#7675 folders go first and then the files

#7674 Fix nginx 502 Bad gateway because of invalid http status codes (Redo: #6368)

#7673 Remove declaration of xml files in module mod_stats_admin

#7672 Add missed file in recaptcha.xml

#7671 Add some missed CSS files in codemirror.xml

#7666 Format Date of Birth and adjust timezone correctly.

#7664 [cs] folders go first and then the files

#7663 TOC links not shown as active

#7661 Add closing div for all contact page formats in beez

#7650 Toggle All Selection - menu assignment

#7648 Modules batch modals changes

#7637 Batch Processing clarify

#7636 postStoreProcess tag method replaces all tags when false is set

#7634 fix error in ini #7469

#7630 Make JToolbarHelper::custom calls consistent

#7629 Long drop-down sub menu gets cropped in Mobile View (solves #7587)

#7628 Tag edit form cleanup

#7617 Moving association saving to JModelAdmin

#7613 Add microdata to breadcrumbs

#7609 Correcting Isis dropdown z-index (see #7608)

#7607 Admin autofocus login

#7604 Add Autofocus to Frontend Login Component Form

#7585 Contact profile displays idna url as punycode encoded

#7583 Multilanguage: deleting an associated item does not delete it in the _associations table

#7582 Regression multilanguage: double associations tab when editing menu item

#7578 typo

#7577 installation folder comment

#7572 Backport Weblinks language change to remove manager

#7570 Make the package URL a link.

#7568 HTTP status response not rendered correctly

#7566 Code style fixes- function calls

#7565 Code style fixes - Commenting Style

#7564 Code style fixes - control structure spacing

#7563 Code Style fix - Whitespace found at end of line

#7561 Add Bootstrap Styling to Joomla Update Confirmation Message

#7560 Add Bootstrap3 class names to debug plugin

#7559 Code style fix

#7556 Run the JHtml::calendar test

#7555 Mock JDocument in JErrorPage unit test

#7553 Fix line ending issues when running tests in windows

#7546 Refactor JApplicationBaseTest, fix B/C break in JApplicationBase

#7545 Save and restore server state pre-modifications

#7543 Add test case for JUserHelper::activeUser

#7541 Adding maxlength parameter to version_note field

#7538 [cs] Add dumping data comment

#7537 password options text consistency

#7536 newsfeed acl list

#7535 contact list acl fix

#7534 [imp] Adding manifest xml link to Update Sites Manager page

#7532 Search secret in plugins and modules

#7531 Update string "Editor for this user"

#7527 Fixed test error with PHP7

#7526 Change rebuild failed message type to error

#7523 standardise on folder

#7522 [codestyle] Fixed casing in function/method names

#7521 Remove to-do comment

#7520 Fixed casing in class names

#7516 admin help screen menu items

#7515 Replaced JTEXT occurrences with JText

#7514 new edit in component toolbar title

#7513 [codestyle] Replaced JHTML occurrences with JHtml

#7512 [codestyle] Removed redundant elses

#7511 [codestyle] Removed redundant elses

#7510 [codestyle] Removed redundant elses

#7509 [codestyle] Removed redundant elses

#7508 [codestyle] Removed redundant elses

#7507 [codestyle] Removed redundant elses (com_joomlaupdate)

#7505 [codestyle] Removed redundant elses

#7503 [codestyle] Removed redundant elses

#7502 [codestyle] Removed redundant elses

#7501 [codestyle] Removed redundant elses

#7499 [codestyle] Removed redundant elses

#7498 [codestyle] Removed redundant elses

#7497 [codestyle] Removed redundant elses

#7496 [codestyle] Removed redundant elses

#7495 [codestyle] Removed redundant nesting

#7494 [codestyle] Removed redundant elses

#7493 [codestyle] Removed redundant elses

#7492 [codestyle] Removed redundant elses

#7491 [codestyle] Removed redundant elses

#7490 Remove Manager and standardise on Options

#7488 Fixing default values for article/module/category creation

#7481 remove full stop

#7479 simplify message in postinstall

#7477 Use the mock application in the OAuth tests

#7476 Mock the application and input classes in JGoogleAuthOauth2Test

#7475 Isolate JGoogleAuthOauth2Test from JOAuth2ClientTest

#7474 Remove word options

#7473 Check if $instance is a JUser object

#7472 Fixed issue 5211

#7471 Search statistics enable link

#7470 Fixed Issue 7449

#7466 [codestyle] Fixed first letter casing in class name reference

#7465 [codestyle] Fixed first letter casing in class name reference

#7464 [codestyle] Fixed first letter casing in class name reference

#7463 [codestyle] Fixed first letter casing in class name reference

#7458 Disable sudo in Travis to use the new enviroment

#7455 Refactored router tests

#7447 Update en-GB.com_languages.ini

#7442 Move JHtml::tooltipText unit test to use a data provider

#7441 Set server variables in setUp and tearDown

#7440 Use mock cms application in JHtml Tests

#7436 Remove assertThat in JHtml tests

#7433 Stop using the abbreviation admin

#7430 replace click with select

#7427 Regression: Multilanguage: cookie is not checked when sef is off and when sef is on and URL Language Code always present

#7426 MSSQL - fix typo error on getTableColumns()

#7425 Fix JToolbar unit tests in windows

#7424 Fix unit tests failing on windows because of EOL differences

#7422 Strip tags for administrator page title

#7421 Backend - list views: Alignment fixes for almost all core components (similar to #7384)

#7418 Protostar: Missing slash in logo url for monolanguage sites (corrects #7394)

#7416 code style mod_finder.xml

#7414 Remove declaration of xml files in modules

#7410 Fix: A forgotten call to helper.php in mod_submenu.xml

#7402 Logged in time - admin module

#7399 [CODE STYLE] Simple code style improvement

#7398 [CODE STYLE] Simple code style improvement

#7397 [CODE STYLE] Simple code style improvement

#7396 [CODE STYLE] Simple code style improvement

#7395 [CODE STYLE] Simple code style improvement

#7394 Multilanguage: making Protostar logo link multilang aware

#7391 Fix for #7388 .. Fix some more undefined variables in core.js, for "strict mode"

#7387 Wrong Cambodian flag name

#7386 en-gb style for elipsis

#7384 Various cosmetic fixes regarding alignment for Extension, Module, Plugin, Language, Template Managers

#7381 JForm::filter() make sure that $data is complete

#7377 Add missing dot from https://github.com/joomla/joomla-cms/pull/6234

#7376 Improve wording

#7373 Remove addLog function that doesn't exist

#7370 Update en-GB.com_banners.ini

#7363 Fix behavior keepalive - Revert

#7353 Remove uneeded ACL checks in template manager

#7345 Profile plugin: Display Date of Birth TIP only when editing + correcting alignment of display

#7344 Fix: Regression Notice: Undefined variable: link com_menus in 3.4.3

#7342 Isis fix for safari bug #5970

#7341 Fixing Search Filter Changes in System Tests

#7340 Remove the doubled closing div in the "Date of Birth" layout

#7338 [Regression] Delete button on the media manager doesn't work anymore

#7333 Change Travis build and Composer lock to track extra dev dependencies

#7331 created_user_id field must have integer value in #__tags

#7329 Remove Gitter webhook

#7325 CSS for addons is in a separate file now. Include it.

#7323 Removes the duplicated update message in the quickicon

#7305 Fix Hamburger menubutton on Mobile/Firefox/Android

#7284 CodeMirror updated to 5.5

#7283 Fix typo in language file en-GB.com_media.ini

#7281 Minor fixes in "Install localised content"

#7279 System - Debug relies on __destruct which is never triggered (Fix #5826)

#7278 Make HTML structure consistent for Joomla.renderMessages() (Fix #5602)

#7277 JFormFieldEditor does not pass columns value (Fix #5209)

#7268 Add (array) to JRouter::_rules return value

#7256 Missing grouping label on mod_articles_category

#7255 Fix case with string value

#7254 PHPCS fix

#7252 Change language string for active module positions

#7244 Implementing "No Matching Results" in Categories modal

#7242 Remove CSS rules for specific icons

#7237 Display Captcha using HTTPS only + URL encode & sign

#7236 Implementing "No Matching Results" in Users modal

#7235 Fixes HTML errors in com_installer #7230

#7234 Implementing "No Matching Results" in News Feed modal

#7232 Implementing "No Matching Results" in Contacts modal

#7231 Implementing "No Matching Results" in Articles modal

#7229 Make sure only a valid template can be loaded

#7219 Show hide

#7211 WebDriver needs name for iframe

#7201 Adding a Limit Box to Languages Manager: Installed languages

#7200 RTL, protostar: correcting sub-menu alignment

#7197 Remove full stop

#7189 Isis template tooltip mismatch

#7184 Better external resource detection in JHtml::includeRelativeFiles()

#7167 Load mootools modal in layouts only if needed

#7147 # Output the custom tags - array_unique makes sure that we don't outp…

#7139 Filter by client_id prevents duplicates

#7126 content plugins not able to insert custom fieldsets into core forms

#7082 fix PostgreSQL installation issue - no error handling #makeithappen

#7062 Adding option to show/hide phrases areas

#7009 Postgresql - Error when save new banner Fix #7006

#6930 Removed item checked_out status

#6792 Including core_params field in SELECT

#6783 [fix] getMessage doesn't exist, use getError instead.

#6771 Fix Issue #6770: Pagination limit results are wrong in Smart Search

#6748 Change type_alias to type_id in uc_ItemnameTagid

#6734 URL-encode at-sign in HTTP Basic Auth credentials

#6588 Improved com_banners hide/show for parameters

#6581 Fixed issue with non-language strings with comma's being interpreted as sprintf format

#6554 Fixes #6133 - allows long filenames for TAR archives

#6512 Fix up the 'core' javascript file

#6499 System Tests 6 errors found

#6355 PostgreSQL - redirect link not saved

#6326 PostgreSQL - sql error save category with tag

#6314 PostgreSQL - SQL error when add new tag

#6234 add call to processLimit to appent the limit and offset to query

#6130 Fix filtering in extension manager's manage view

#5716 Replaced inline JavaScript in wrapper

#4992 Standardize method for getting database object in models

#4904 Fix behavior keepalive

#4729 JModelLegacy::addIncludePath is supposed to support arrays

#4506 [#33041] JHtmlBootstrap::tooltip() delay

#4353 SimpleXMLElement::addChild() [simplexmlelement.addchild]: unterminated entity reference

#3900 [#30884] DRY list fields

Lesen Sie mehr: http://joomla.org/announcements/release-news/5628-joomla-3-4-4-released.html






3.4.3

2 Juli 2015 - 35MBThis is a maintenance release.



Issues Fixed:

The renaming of the ClassLoader.php file to classloader.php caused issues which in some isolated cases even broke the CMS.

When creating menus of type Smart Search or contact list for 3.4.2 invalid field warnings were displayed when trying to save.

The option to disable the count-join in JCategories is permanently enabled on multilingual sites, making extensions that don't use this feature and for example don't have a catid field in their table, fail.

Module, Article and Category creation applies a wrong default values for the access level. Instead of the one from the global configuration it just takes none, and thus the first in the list is selected (Guest).

The batch model cut the dropdown so you can’t access all items there

On the batch model we had some kind of scrollbar flashing



Bugs Fixed:

#7318 Completing #7302

#7317 value is null so it doesn't match to the empty option

#7313 Setting proper default values for access level

#7307 Moving JClassLoader and delete the old files

#7303 Having a multilang-site should not override the options of JCategories

#7292 Simplification for the release process

#7248 Fix for scrollbar flashing in modals (#7247)

#7215 Remove @author tag

Lesen Sie mehr: http://www.joomla.org/announcements/release-news/5590-joomla-3-4-3-released.html






3.4.2

30 Juni 2015 - 35MBThis is a maintenance release.



Bugs Fixed:

#7266 Import JFolder (Fix #7265)

#7263 Revert #7093, introduce activeEditor for tinyMCE

#7262 Code Style

#7246 Update punycode.php - change JPATH_ROOT to JPATH_LIBRARIES

#7245 Update punycode.php - change JPATH_ROOT to JPATH_LIBRARIES

#7223 [FIX] Permissions settings is not saved for new article

#7220 czech flags

#7194 Fixing Pagination when Search Tools are present

#7187 Add databasequeryerrors logging category

#7186 removeField and removeGroup were always returning true, no matter if …

#7180 # fix for #7178 - JFile::move() returns a string

#7172 Updating en-XX languages xml versions

#7164 Remove unnecessary condition in elseif for article

#7163 Add tooltip to search input in com_banners, com_content and com_users

#7162 JFactory::getDbo(),setQuery #__ prefix not replace in some query

#7160 REGRESSION - Bug in category association (solves #7151 )

#7159 Regression: remaining code from #5140 breaks multilanguage

#7157 Remove index.html from install.xml #7155

#7156 Remove unnecessary conditional check in category and article views

#7153 System information displays wrong cache path when custom $cache_path entered in configuration.php

#7150 Show tooltip for search in Search Tools

#7149 MSSQL - Pagination fix

#7141 Make the link input field large

#7135 com_finder.ini wrong comment

#7130 Fix for  #6904 --> Fixed the check on published content languages.

#7128 Double session boot in install application

#7122 Media type field strings

#7117 missing new lib_fof.ini file in site install.xml

#7111 Rapid Repair Fix: Restore browser detection

#7108 Codestyle for the Image class

#7106 [#33445] RTL Chosen Select causes the page to disappear

#7105 Menu string change

#7104 Cache string correction

#7103 Custom colour strings in Beez

#7102 simplify some strings

#7101 Informal language

#7097 Undefined $model passed to postDeleteHook

#7095 Use correct string in the redirect plugin also the sys ini file. See #7089

#7093 Allowing readmore in each editor on the same page

#7090 Some Codestyle for the yubikey Plugin

#7089 Use correct string in the redirect plugin

#7087 [#33854] New module display strip_tags instead of escape

#7085 Note field #makeithappen

#7081 Update FOF to 2.4.3 – The FINAL update

#7079 Showhide #makeithappen

#7078 Tag tooltip #makitehappen

#7076 Banners missing full stop #makeithappen

#7074 setRedirect does not exist in InstallationControllerDefault

#7073 Handle DB errors in categories search plugin

#7071 Templatestyle language string changes #makeithappen

#7070 Added a css-class ("alert-message") to the p-tag which contains the alert message

#7069 Lang string formatting #makeithappen

#7068 Meta Description string #makeithappen

#7067 Full stop #makeithappen

#7066 Note field language string #makeithappen

#7061 Fix for #7044: use secure cookie on HTTPS servers

#7060 Fixes to Add fast check for image orientation (#3568)

#7059 Fixed issue caused by #6467

#7058 Regression: module edit pre-select position field does not check for existing module [fix: #7056]

#7055 Issue when a content language is unpublished/deleted

#7043 Codestyle for frontend plugins

#7042 Codestyle fronted components

#7040 Fix batch processing of articles. Fixes #7038.

#7039 There is no var filter in JInput

#7035 Regression typo error on renaming i to span

#7034 Articles Category List. Not possible to hide headline *Subcategories*

#7033 Fix #6984. com_tags. Compact List of Tagged items. Wrong order by date options

#7032 Multilanguage: Clarifying default vs current language in languagefilter

#7030 Declare visibility for method _getUserDisplayedGroups

#7029 $associations was implicitly converted to boolean

#7026 Unterminated statement

#7024 Isis sidebar modifications for accessibility Fix #6758

#7021 Improve extensibility of JUri

#7015 Register to Read More link. Avoid wrong redirects after login when SEF off..

#7013 Correcting comment: do not confuse punycode with percent-encoding

#7010 Correct the description for the usergrouplist field

#7003 Batch modals changes

#7000 RFC Batch modals comply with the new layout

#6995 Use the Joomla way for bootstrap modals

#6985 Yet another modal from mootools to bootstrap

#6983 Regression. Multilang. Contact and newsfeed associations. Multiple ID conflict in bootstrap modal

#6980 Fix Feed-reader crashes site if source is not a newsfeed

#6978 Adding core.options to remaining extensions

#6977 Module Manager - pre-select fields on filters in Manager

#6976 Edit Menu Item - pre-select fields on filters in Manager

#6973 Edit Category - pre-select fields on filters in Manager

#6971 Fixes #6965. Multilang. Article associations. Multiple ID conflict in bootstrap modal

#6966 Create article - pre-select language & access level

#6964 Freeze parent window whenever bootstrap modal is shown

#6963 Introduces rel="alternate" for active language

#6961 Fixes #6821. Load Bootstrap framework in icons layout for single article view

#6960 Fixes #6776. ISIS and Hathor Template. Some category status not filterable in Articles Manager.

#6948 Hyperlinked "Smart Search plugin not enabled"

#6947 Hyperlinked "Redirect Plugin is disabled"

#6946 Banners, Changed Filter Option "Type"

#6945 Banners, Changed order of Search Tools - Filter options

#6944 Menu Manager, Changed order of Search Tools - Filter options

#6943 Category Manager, Changed order of Search Tools - Filter options

#6942 Articles + Featured, Changed order of Search Tools - Filter options

#6937 Fix colspan for com_content

#6931 Add email to contacts list

#6929 Make a button less scary to click

#6925 Multilanguage: Propose current language as default when creating new article in frontend

#6918 Remove bootstrap.modal call in multilang status module

#6915 Multilanguage: When the user logs in from a "Register to Read More" link, the language should not change

#6914 Fixed primary key null not being respected

#6913 [Fix #5635] Adding a significant message when passwords do not match

#6911 Regression: Read More button doesn’t work any more...

#6910 Make module redirect configurable

#6908 Read More and login Redirect for single registered article display

#6904 Fixed the check on published content languages.

#6900 Fix JTable publish method error

#6895 Mootools too hard to die?

#6893 Clean up the published method.

#6891 Replaces gh-3123 pull request "redone", hope it is correct now.

#6889 [imp]Client side validation for menu type single news feed

#6888 [imp]Client side validation for menu type single contact

#6887 Small UI improvement for mobile

#6885 [imp]Client side validation for menu type single article

#6883 Backport Possible missing break in bin\keychain.php at line 77? to the CMS

#6881 [Fix #6876] Regression: Routing errors when "Remove URL Language Code" is set in "Language filter"

#6878 Update cacert.pem to latest version

#6873 Fixes #6855. mod_search. Option *Box Width* (size) ignored if INPUT width also set by CSS.

#6871 Banner Tracks delete message

#6870 Remove   tag when displaying extension installer message.

#6869 Capitalisation

#6868 Add StackExchange link

#6867 Clarify text

#6864 mod_articles_news. Adds return link for Register to Read More link.

#6863 Add reminder about the trash

#6861 Fixed tabs ignoring useCookie param

#6860 Change MySQL checks to work with PDO driver

#6854 Prevent message "Component 'com_extension' does not exist." after uninstalling / re-installing component

#6852 Fixed failure in getting user resource from Twitter

#6849 Makes the Protostar menu responsive

#6847 Fix PHP Notice in Smart Search adapter (#6842)

#6846 Change security centre link

#6844 Fixing JToolbarHelper::back()-Button

#6835 Template discover install does not load language files

#6819 [FIX] frontend module editing error

#6806 [Fix] Correct possible error when using TRIM with UTF8 hex (solves #6803 )

#6804 Missed few mootools modals on com_menus boostrapization

#6785 Remove un-used variables from code

#6781 CS - change static order

#6774 Small change to com_tags backend

#6746 Multilanguage: do not use a language if it has been deleted/disabled

#6736 Adding since tag 3.4.2

#6735 Add Tests Scenarios in .txt format

#6731 Unpublished Templates are visible in Module's Batch Mode

#6729 Run the find language if we open the install language view

#6727 Show the Updates by using the Update button

#6717 Handle DB errors in tinymce editors plugin

#6716 Handle DB errors in content search plugin

#6715 Handle DB errors in newsfeeds search plugin

#6714 Handle DB errors in tags search plugin

#6711 Handle DB errors in contacts search plugin

#6709 More inline scripts through API

#6708 Handle DB errors in articles archive module

#6707 Handle DB errors in related items module

#6704 Regression: multilanguage user login => default language

#6700 Handle DB errors in tags similar module

#6699 Handle DB errors in tags popular module

#6698 Filter isInstalled query for components, fix #6697

#6691 Handle DB errors in stats module

#6686 CodeMirror 5.3

#6676 Handle DB errors in menu module

#6675 Handle DB errors in stats_admin module

#6671 Updating comment on JModelLegacy to allow for code completion

#6667 Fix for #6662 - Broken Filter in Articles list modal

#6666 Handle DB errors in users latest module

#6665 Handle DB errors in whosonline module

#6664 Fix Regressions: cancel action broken

#6659 updated return tag to allow for code completion

#6658 Menu items manager: Search Tools should not propose Archived as status

#6653 Updating comment on JModelLegacy to allow for code completion

#6646 [Improvement] - Status code 301 for Force SSL option

#6641 Menu Items Manager: status tips don't show for System Links

#6640 fix #6620 - featured frontend editing bug

#6636 Fix wrong return type of JPagination::getPaginationPages()

#6632 Handle DB errors in user joomla plugin

#6626 Multilanguage: Language switcher bug when sef off

#6625 Regression: #4397 dropped tags when info block at the bottom

#6623 Remove nocaptcha from query to refresh manifests at update

#6621 Templates missing support for rendering error stack traces

#6619 en-GB extension install/uninstall strings

#6616 Fix ReCAPTCHA Version 2 on pageload

#6612 Handle DB errors in authentication cookie plugin

#6602 [fix] for #6601 Banner Manager

#6595 Introduce modal footer with close button for bootstrap modals

#6587 Improve Joomla.submitform

#6586 Update jQuery autocomplete to 1.2.18

#6584 Remove No Bom #6574

#6572 Update JModuleHelperTest.php

#6569 Regression: multilang alternate

#6564 Correct conditional

#6563 Adding codeCoverageIgnore to deprecated method in JPathway

#6561 Correctly allow PUT Curl requests

#6559 Wrong error message

#6558 Clarify module missing string

#6550 Improving JPluginHelper unittests

#6547 JErrorPage Testing

#6546 Improving JComponentHelper::getComponent tests

#6545 PostgreSQL - error installing a module

#6542 Fix mod_login not considering Itemid when redirecting

#6540 removed duplicate fieldset label

#6539 Fix "showon" feature on multiple field

#6535 Update layout login view (redo of #6432)

#6532 Try to get the right extension name for files extensions (Fix #5966)

#6529 Define the minimum supported PHP version as a constant

#6528 Make a proper string to display the PHP version check

#6526 Removed unneeded else clause

#6519 $_SERVER variables were not overrided with JRequest::setVar().

#6513 Removing obsolete file check in JEditor

#6504 Unittests for Notequals rule

#6485 Single contact view. Support for number of articles to display (articles_display_num) #6474

#6475 [Accessibility] Improved contrast

#6471 IeCursorFix is TinyMCE's issue only.

#6469 Fix mediamanager

#6467 [Accessibility] Replaced i with span tags

#6465 importing media.less is missing in Isis template - replaces PR #6417

#6463 Set up Codeception tests

#6462 Allow toolbar popup buttons use bootstrap footer

#6460 Support for attribute maxlength. Form field textarea. Issue #6459

#6456 Prevent useless messages if folder doesn't exist

#6447 Replace Joomla logo graphics based on draft brand manual

#6442 Switch to mysqli driver if mysql selected in PHP 7

#6440 JCategories Fatal error: Call to a member function getChildren() on a non-object fixed #6064

#6433 Block instantiation of JDatabaseDriverMysql on PHP 7

#6424 Remove colon from labels - com_users

#6408 Templates modal converted to bootstrap

#6335 Fix - Call to undefined function Composer\Autoload\includeFile()

#6286 [CODE STYLE] Reducing use of else statements, adding early returns [com_admin]

#6275 Redo: Avoid aborting Joomla on any DB errors that forbid executing the Database / Fix

#6267 Updated Bootstrap Accordion

#6265 PostgreSQL - SQL error when adding a user note

#6263 Fix SQL query in mod_articles_archive

#6220 /administrator/language/en-GB/en-GB.com_cpanel.ini (cosmetic)

#6215 Update en-GB.com_postinstall.ini (cosmetic)

#6202 Add log file for sql queries - [#5445] for 340

#6106 Add missing semi-colons

#6094 Language files for components updated to match style guidelines.

#6080 [fix] Bug in setting startOffset to tabs - using localStorage all the time

#6035 Fix wrong filtering in JInput::getArray()

#5974 Requiring valid title for menu items

#5793 Removed Automatic Title from SQL installation + unit tests

#5416 Articles count in "List all categories"

#5245 Hathor: reduce mootools dependency

#4886 Update JFormFieldRulesTest.php

#4752 Fix: PHP undefined notice in caching file storage

#4661 Move com_menus modals to Bootstrap

#4646 Fix undefined index for REQUEST_METHOD

#4633 Remove duplicate sniff

#4003 [#32934] Updated and improved PR -  Update view.html.php #2665

#3877 [#32422] Multi option validation

#3766 [#33854] New module display strip_tags instead of escape

#3568 [#33765] Add fast check for image orientation

#3475 Not gonna load component params

#3206 [#33802] Use getControlGroup()

#3157 [#33284] type cast $plugin to string

#3093 Bind Variable Fix Within PDO Driver

#2708 [#33028] [PR] Allow replacing xml form field's descendants

Lesen Sie mehr: http://www.joomla.org/announcements/release-news/5589-joomla-3-4-2-released.html






3.4.1

21 März 2015 - 35MBThis is a maintenance release that resolves nearly 150 issues.



Bugs Fixed:

#6524 Create index.html

#6522 Installation languages. Opening and ending tag mismatch nb-NO.xml

#6520 Handle non-nested descriptors (single files)

#6508 PHP7 Unit Test Fixes Unit/System Tests

#6507 Regression: #4397 dropped tags when info block at the bottom

#6502 Fix hathor users view broken by #6264

#6501 Regression: Hathor Language Manager: can't set language as default

#6500 Improving JHelp unittests

#6498 RTL: Correcting display of Joomla!® in installation + Hathor

#6493 Throw errors from google while generation google maps coordinates

#6492 Improving JModuleHelper::getModule() test

#6486 RTL: Installation language list. Fix wrongly set parenthesis

#6484 Start work on the JInstallerTests

#6483 Undefined variable lang_code in plugins/system/languagefilter/languagefilter.php on line 297

#6480 Simplifying JPagination unittests

#6477 Fix dataprovider of JPagination unittest

#6473 RTL: Language Manager: Language Names wrong display of parenthesis

#6458 Fixing notice in languagefilter

#6455 Removed obsolete ending ?>

#6454 Fix gh-6397 isSafeFile fails on deeply nested $_FILES 

#6452 Fixing regression in languagefilter related to cookies

#6450 "Warning: Extension record not found in database" in template edit

#6449 Fix for Language names appear with parentheses in wrong place

#6448 Deprecate JHtml::getJSObject

#6441 Rework the existing controller legacy tests Unit/System Tests

#6439 Config doesn't output error message, when we have a required field (PHP validation, not JS!)

#6434 PHP7 Compatibility - Array to String conversion

#6431 Redo Cosmetic Changes for the backend by @spignataro and fix other CS in that file

#6429 Fixes js error when changing name of a repeatable fieldtype field.

#6419 Cleaning com_media allowed and ignored extensions whitespaces

#6416 Update joomla/string package to 1.2.2

#6413 This fixes the front-end form alignment in the protostar template.

#6411 Fix check on non-existing element

#6407 Toolbar buttons fall outside view-poort

#6406 Wrong table used to getErrors

#6403 [#34008] w3c validation error input type file and value

#6402 Remove files that are still there after an upgrade from 2.5 to 3.x

#6401 Fix sidebar issue with debug console #5976

#6400 Checking if the lang_code was already set in POST

#6399 Allow the language to be overriden via a query variable

#6398 Update web.config.txt

#6395 Remove attempt to translate messages while in debug mode

#6394 Correct tag matching in truncate

#6393 Fixes #6390 Language overrides. Search limited to 20 results.

#6389 Update FOF to version 2.4.2

#6385 Update user.php

#6384 Fixes enable / disable check box in plugin manager on IE 10

#6382 password requirements are ignored when password reset(fix for #6380)

#6377 Correcting RTL Module Manager wrong column width

#6360 Add field-type to text filters in global configuration

#6354 [fix] tag menu params ignored. Fixed #6250

#6353 Fixes #6350 - com_plugins doesn't delete cache from administrator/cache

#6351 Set max-height back to 400 px for modals

#6346 Closes #6344 - Close the end of minified js with semi colon

#6345 Allow Case Sensitive Meta Name

#6340 Removed gradients from isis

#6332 Fixed incorrect show_page_heading default = Fix "Articles" heading

#6327 Use left/right icon for sidebar - fix #6310

#6324 Removed a few nested conditionals in JFormHelper

#6320 Added module event triggers

#6317 [imp] Speed up the rule field rendering (client side)

#6316 Let the com_installer manager helper follow our codestyle

#6312 Use the curl default option for get/post/put

#6302 Fix object fatal error

#6298 Fixed mobile admin menu

#6294 Optimized JavaScript validator

#6291 [fix] wrong link when tag is in a menu

#6278 Remove usage of JRouter from Languagefilter Plugin constructor

#6276 Correct a mootols error

#6274 Fix the page heading in "List of all tags" view

#6273 [fix] only define constants if they are not defined

#6266 Correct lookup paths in JPluginHelper::getLayoutPath()

#6264 UX tweaks to notes in com_users

#6259 Update joomla/registry package to 1.4.2 release

#6258 Icon change in login

#6254 Missing URL information breaks menu alias routing

#6252 Catch the potential DB errors when "#__postinstall_messages" is missing

#6249 Styles for invalid Chosen plugin drop-down

#6248 Add bootstrap checkout icon

#6244 Revert the license text to the original GPL text as distributed by FSF

#6243 Allow line breaks in Contact Address textarea to be rendered as 's

#6241 Fix SQL commands for sample and testing data

#6238 Link directly to the resources.joomla.org instead of an outdated old pag...

#6237 Provide a better link for onboarding of volunteers from "Get Involved" l...

#6236 Rename Credits to Special Thanks which is more appropriate

#6235 Fix undefined var for ReCapture 2.0 API calls.

#6233 [#33985] Redo of: Add show_tags to article options in blog view

#6226 remove html escaping for edit-tooltip

#6219 InstallerModelDatabase::fixSchemaVersion() malformed SQL INSERT query

#6214 fixed JCrop in Template Manager

#6210 Missing string in front end #6206

#6203 Target blank on external link

#6200 Bootstrapization of warning panels in com_installer

#6199 Do we need to ship outdated postinstall messages for new installs?

#6195 Postinstall message for https://github.com/joomla/joomla-cms/pull/6194

#6194 Issue with content languages access in 3.4.0 (replaces #6172)

#6192 Update joomla/di to 1.3.0 (Fix #6187)

#6188 PostgreSQL - SQL error when search for module

#6180 Fix #6173

#6179 Update for Tooltips

#6175 Add a class_exists check to PDO MySQL driver

#6162 Remove empty space in ul tag

#6158 Fix for issue #5764: archived articles list filter

#6154 Added text wrapping to tooltip in installation template CSS

#6150 CodeMirror 5.0

#6148 Fix for issue #6042. Fix error message when phpinfo() is called.

#6146 Fix for PR #6131 (final)

#6145 Fix #5648 Menu Manager: Add Menu :: Display a correct error message

#6138 Content Languages: Prevent saving an incorrect language tag when saving a Content Language PR-staging RTC

#6134 [imp] avoid to open div and closing it in different files

#6127 Fix call to PHPMailer::addReplyTo

#6116 Consistent use of icon

#6115 Icons instead of images in com_redirect

#6107 Discover function in module & template adapters missing a file exists check

#6088 Icons instead of images in com_messages

#6083 CS - Forms in com_users

#6052 Custom $pk doesn't work on JLanguageAssociations::getAssociations

#6045 Fatal error: Call to undefined method JDocumentRaw::getHeadData()

#6044 Removing unnecessary routing code for SEF mode

#6034 Optimizing mod_login helper

#5995 Fix #5990: Menu item alias to menu external url is not working

#5959 Arc pull request 2015-02-03 (SQL Server query fixes)

#5958 Fix display of mootools tooltips

#5899 Fix logical ordering of access levels

#5630 Once you have tagged an item you can't add any more tags: removing a part of the code seems to be the fix PR-staging RTC

#5387 Allow extensions of JLog to add handlers

#5016 [#29248] FrontEnd - Disabling Show Navigation setting does not affect article

#4112 Sql optimise admin menu types branch

#4047 Update html5.js

#4029 [#32922] Quick fix for tracker item

#4020 [bug][34004] Correct icon-ban-circle

#3906 [#28401] Display child categories of every selected Category in Module Articles Category

#3709 [#33026] Load custom.css (if exist) in Admin templates.  New Feature.

#3707 User profile website only cleaned, when DOB is set

#3523 Ensure param for showing page header works in beeze

#3484 [#33312] Also calls jQuery events on form submission

#3421 [#33580] [imp] deprecate buggy usergroup field and replace ocurrences with usergrouplist. Fixes #3419

#3302 Remove unnecessary reset() function call in JHtmlSelect::radiolist().

Lesen Sie mehr: http://www.joomla.org/announcements/release-news/5587-joomla-3-4-1-released.html






3.4.0
 (Hauptversion)
25 Februar 2015 - 35MBJoomla 3.4 introduces new features into the CMS such as improved front end module editing, decoupling of weblinks, composer integration, Google new reCaptcha and security improvements by implementing UploadShield code which can detect most malicious uploads by examining their filenames and file contents. 



Thanks to the hard work of over 130 different volunteer contributors, over 700 bugs have also been resolved with the 3.4 release of the Joomla!
Lesen Sie mehr: http://www.joomla.org/announcements/release-news/5586-joomla-3-4-is-here.html






3.3.6

1 Oktober 2014 - 35MBThis is a maintenance release that resolves 9 bugs.



Additionally, the following items were addressed based on user reports after yesterday's release:

#4403 Password reset don't work in Joomla 3.3.5

#4394 Error when adding tags via keyboard



Bugs Fixed:

#4390 Regression: Reverting #4104

#4362 JStringPunycode methods strip # (fragment) element from URL

#4354 Email cloak broken when link parameters are not parsed

#4344 [#4312] Adding selecting description for custom usage in com_banners

#4340 Update form.php

#4331 Fixing com_content ACL to restore "Save as Copy" and "Save & New" buttons

#4330 Clear limit for list count

#4324 Fixed broken CropResize method

#3907 [#32744] All Modules type Articles Categories using same category

Lesen Sie mehr: http://www.joomla.org/announcements/release-news/5569-joomla-3-3-6-released.html






3.3.5
 (Sicherheitsupdate)
30 September 2014 - 35MBThis is a maintenance release that resolves two security issues.



Security Issues Fixed:

High Priority - Core - Remote File Inclusion

Medium Priority - Core - Denial of Service

Lesen Sie mehr: http://www.joomla.org/announcements/release-news/5567-joomla-3-3-5-released.html






3.3.4
 (Sicherheitsupdate)
23 September 2014 - 35MBThis is a maintenance release that resolves two security issues.



Security Issues Fixed:

Medium Priority - Core XSS Vulnerability: Inadequate escaping leads to XSS vulnerability in com_media.

Medium Priority - Core Unauthorised Logins: Inadequate checking allowed unauthorised logins via LDAP authentication.

Lesen Sie mehr: http://www.joomla.org/announcements/release-news/5564-joomla-3-3-4-released.html






3.3.3

25 Juli 2014 - 35MBThis is a maintenance release that resolves four bugs.



Bugs Fixed:

GitHub [#3954] - Change the cloak container from div to span

GitHub [#3956] - Class attributes are not included in mailcloak

JoomlaCode [#33984] - Getting a 500 when trying to sort users by User Group in Modal

JoomlaCode [#33987] - User settings for Editor ignored

Lesen Sie mehr: http://www.joomla.org/announcements/release-news/5557-joomla-3-3-3-released.html






3.3.2

24 Juli 2014 - 35MBThis is a maintenance release that resolves over 70 bugs.



Bugs Fixed:

33914 ACL: Redirect component ACL doesn't work

33551 ACL: Users not able to select root category as parent

33285 Administration: Birthday message is lost if you add a new user

33103 Authentication and Login: onUserLoginFailure doesn't necessarily trigger user plugins.

32842 Automated Test: Several test failing due to cross platform incompatibility

33584 CMS Libraries: JHTML::_('menu.linkoptions') returns error

32645 CMS Libraries: Trailing hyphen is removed in JHTML::_('select.options')

33104 CMS Libraries: Cache does not store pathway information

20476 CMS Libraries: XCache failing locks out Administrator

33833 CMS Libraries: Fixed error message shown on "publish" exception in JcontrollerAdmin

33850 CMS Libraries: Config can't be passed into JApplicationCms.

33694 Code Quality: Don't use deprecated $app->getCfg for the plugins folder

33890 Code Quality: Remove the hardcoded logout for hathor as we don't use it

33899 Code Quality: Methods declared void must not return a value

33876 Components: Fix Search Filter activation in com_users

33947 Components: W3C error validation from com_categorie on backend

28389 Components: Search Form Results Menu type and Basic options

33961 Components: Unknown property filling error log

30925 Components: 'plus' icon for subcategories should be disabled if it has no function

33848 Components: After upgrade to Joomla 2.5.21 from 2.5.20 - contact form no longer works

33916 Database: Possible SQL error on the collation test

29956 Forms: com_finder predefined date filters are not working

28256 Forms: JHtmlGrid::id with $stub support

32458 Front End: Intro Image with caption does not float

33927 Front End: Modal.js bug in firefox

33842 Front End: Atom feed renderer does not convert relative to absolute URLs

33974 Front End: *Profile dob_spacer should not show when displaying profile in frontend

33693 Javascript: email.cloak javascript cause problem on ajax request

32762 Javascript: Inefficient jQuery selectors in treeselectmenu

33945 Layouts: Fix empty icons div in single article view

33975 Layouts: [3.x] Regression. Not rendering attribs fieldset if params fieldset exist

33868 Modules: Module "Popular tags" doesn't consider publishing status

33822 Modules: "Similar Tags" module ignores access permissions for selecting tagged articles

33951 Modules: Templates with a single position won't have it listed when editing modules

32055 Modules: mod_custom missing options

32742 None: Update messages renders in

33928 None: Minor code improvement

33877 None: Batch process to add URLs in Redirect component

33272 None: Add date filter to Most Read Content module (mod_articles_popular)

33892 None: Replace ajax-loader.gif in media/jui/img/ with new, nicer looking "spinning all together" icon.

33321 None: Add labels in language & installer manager help us easily choose items.

33896 None: Make delete template error message more helpful

33344 None: [3.x] Wrong filename detection of Content-Disposition URL headers

33446 None: Move readmore button to layouts

33451 None: *Multilingual sites: editing article in front-end issues

33862 None: Improving the Joomla! extensions update for end-users

33982 None: Add support for different plugin groups to com_ajax

33919 Platform: Incorrect redirect when destination is a relative path in the Redirect component

33645 Platform: Deprecate the use of an expression in JDocumentHtml::countModules()

33816 Platform: Cache incorrectly always overrides ID URL param

33902 Platform: [3.x] JArrayHelper::toObject forced recursive mode

33881 Plugins: Profile plugin DOB field displays incorrectly in profile edit form.

33729 Plugins: Cookie authentication plugin always changes auth response type

33887 Plugins: *Updating TinyMCE to version 4.1.0

33956 Plugins: *Mail cloak broken when text contains non-ascii

33957 Plugins: *Mailcloak broken on images #3915

30181 Plugins: Fatal error in joomla content plugin if no one is assigned to get email

33898 Plugins: master: emailcloak not working when linking an image AND using an email-subject

33970 Plugins: *Updating TinyMCE to version 4.1.2

31677 Plugins: 2.5.x: Email Cloaking not working when linking an image AND using an email-subject

33829 Search Engine Friendly: URL rewriting of missing files results in misleading "500" (internal server error) response code

33882 Templates: Template hathor W3C validator error

33883 Templates: HTML validator error on isis login

33893 Templates: W3C error validation for template isis on error page

32063 Templates: Added support to change link color in isis template (backend)

32396 Templates: IE switches to IE7 rendering mode (Isis)

33941 User Interface: Nicer sysinfo icon in administration

33942 User Interface: Consistent use of clearfix in com_installer

33944 User Interface: Responsive tweaks to com_languages

33731 User Interface: Image preview exceeding with of tooltip

33830 User Interface: [imp] Improve the default view in com_joomlaupdate

33328 User Interface: @media css for modal windows on iPhone

33867 User Interface: Moving Joomla part on the update notice form com_installer to com_joomlaupdate

Lesen Sie mehr: http://www.joomla.org/announcements/release-news/5555-joomla-3-3-2-released.html






3.3.1

11 Juni 2014 - 35MBThis is a maintenance release that resolves over 100 bugs. Part of that effort came from a bug squash event held at the J and Beyond Conference at the end of May.



Bugs Fixed:

33562	ACL: Access to this article for registered users bypassing the ACL after the article id.

33769 ACL: com_menus doesn't respect component permissions

33767 Administration: Fix/Add com_banners title icons

33701 Administration: User Notes Categories - Error in menu and filter selection

33641 Administration: Misleading cache time settings

32957 Administration: Remove doubled description tab in template styles

33784 Authentication and Login: Add token to user reset link

33809 Authentication and Login: Remove MooTools autofocus with jQuery autofocus

30246 CMS Libraries: Error with Reply-To Name handling, names are lost

30587 CMS Libraries: Current Protocol not considered by JUri::base when $live_site is set

33163 CMS Libraries: Improve the JFeedFactory when the allow_url_fopen = OFF - Use CURL as alternative

33836 CMS Libraries: JApplication::getHash() is wrong because the function doesn't exist.

32483 CMS Libraries: Can't identify browser version" notice in konqueror/4.10.3

31404 CMS Libraries: Joomla! Memcached session problem when the Memcached daemon uses a non-standard port

33620 CMS Libraries: User selector goes wrong in user id validation

31603 CMS Libraries: Move Observercalls from cms.php to proper table classes

33807 CMS Libraries: JFolder::copy does not test the nonexistence of the destination folder

33430 CMS Libraries: Cleaning up datalist for JFormfieldText

33753 CMS Libraries: complete implementation of Redis Caching

33454 CMS Libraries: JMicrodata - reset params after the display() method

33820 Code Quality: Use quoteName in com_messages

33676 Code Quality: Improve DB Query Code quality in ContentContact plugin

33681 Code Quality: Updates to JUpdater

32351 Code Quality: problem with the function parseSchemaUpdates

33696 Code Quality: Don't use deprecated $app->getCfg in the frontend modules

33263 Code Quality: Fix broken UCM method

33401 Code Quality: app->registeredurlparams is not defined

33732 Code Quality: unnecessary ternary

33402 Code Quality: Update error.php

33642 Code Quality: mod_status - html validaiton error

33745 Code Quality: Make enqueueMessage() more DRY

33653 Code Quality: Array to string conversion notice in mod_articles_category with PHP 5.4+ Strict

29562 Components: Banner details shows trashed client

33474 Components: Use Exceptions for db error handling in com_content voting

33657 Components: Missing property language( com_content )

32079 Components: *Media Manager or media modals post_max_size issue

33662 Components: Joomla CMS 3.3 rc: Microdata in single article view causes invalid HTML

33757 Components: *Delete an override.ini file if empty

30478 Components: com_finder - smart search not filtering unpublished articles

33532 Components: Category Blog - Not hiding the info block html on all positions.

33180 Components: *Smart search filter can't list non-Latin categories

31160 Components: Use of JRequest in the Users Component Controller

32655 Components: com_tags detailview displays wrong heading

33602 Components: Tags view on cat-blog and articles

33704 Components: Broken links for categories with sections

33791 Components: Tooltip correction in smart search

33389 Components: Banner tracking not incrementing the #__banner_tracks count column . Issue and fix

33797 Components: Wrong return path when trying to edit a checked out article - frontend

33742 Components: *Administrator lang strings overrides can't be deleted

31637 Components: Contact form can be used to spam

32944 Components: Save and Close in new customise template component

31645 Components: Removing tags from a component item deletes all ucm_content items with the same "core_content_item_id"

33691 Database: JDatabaseQuery::union group by clause - first group by clause in union is appended to end of query.

33480 Forms: JForm type number max/min limits

30845 Forms: Inconsistent element ID in JFormFieldUserGroup

33843 Front End: The readmore link is broken on the feeds

33568 Front End: Remove mootools from com_content category view

33037 Javascript: Email Cloaking causes slower page loading in Firefox

33600 Javascript: Remove validate-jquery-uncompressed.js

32295 Layouts: In IE the gradient background on the login-page won't display.

33563 Layouts: Make messages use JLayouts in Isis and Beez3

33297 Layouts: Using the "joomla.content.icons" JLayout for article and feature view

31588 Layouts: JLayout for the toolbar-separator isn't working

32901 Layouts: The Multi Column Order don't work for the category blog view

32958 Layouts: Fieldset descriptions aren't shown in parameters

33413 Media Manager: Cannot upload file to sub-folder in Media Manager in back end

31837 Media Manager: Wrong class name in error message after create new folder with spaces and forbidden characters.

31513 Modules: OpenSearch Description File not generated correctly

33813 None: Beez3: when elements aren't found it broke others scripts in the page

31952 None: Various language string updates for users

33744 None: Update jQuery in Joomla to 1.11.1

32258 None: FOFModel::getTmpInstance() clears input before getItemList() is run

30747 None: FTP layer throwing error on update

33688 None: JApplicationCms::getRouter() is a static method and should be called as such

33772 None: *Multilanguage: Finder suggestions are always bound to the default language

33214 None: JsonSerializable is missing in PHP5.5 on Debian Linux servers

33569 None: [imp] Update Message for extensions

32783 None: joomla.edit.details layout saves empty language

33338 None: Fix wrong results returned by JLanguageAssociations->isEnabled

33705 None: Broken ACL check for categories with sections

33792 None: Schemas not supported in discovery_install

32888 None: JText: Changed conditional to make it easier to read

33811 None: Undefined index & Invalid argument supplied for foreach() Wincache Joomla 3.3

33819 Plugins: Emails with  can't cloak by Joomla

33099 Plugins: Wrong config calls for cookie settings in languagefilter and logout plugin

33787 Plugins: Recaptcha plugin, variable not used.

33298 Plugins: Add valid_elements option to TinyMCE plugin

33617 Plugins: New option for redirect plugin: Collect URLs

33803 Plugins: *Updating TinyMCE to version 4.0.28

33750 Plugins: *Correcting tips and spacer display for the profile forms

29425 Search Engine Friendly: Supported document types missing in htaccess and web.config

33773 SQL Files: installations fails on mssql (include solution)

33625 SQL Files: Remove useage of bootstrap_size = 1 in sample data

33821 Templates: Fix - "Show Title" option in the administrator template Isis

32323 Templates: Unnecessary Isis padding-top @ 738px

31127 Templates: *Protostar template does not highlight com_search results

32862 Templates: Fix for unsupported comment tag ( //)

32894 Templates: Nesting issue: beez3/catergory/blog.php

31643 Templates: Add styling to Isis - template.css

33643 Templates: html validation error on isis template

33150 User Interface: Use data-direction attribute to update direction

33721 User Interface: Fixed incorrect image path and one invalid CSS statement

33804 User Interface: Apply content plug-ins to user note body (modal)

Lesen Sie mehr: http://www.joomla.org/announcements/release-news/5551-joomla-3-3-1-released.html






3.3.0
 (Hauptversion)
30 April 2014 - 35MBThis release introduces new features into the CMS such as improved password hashing and microdata and optimizes the code with performance improvements to the routing system and the continued conversion of MooTools based JavaScript to jQuery. In addition, over 115 bugs have been resolved.
Lesen Sie mehr: http://www.joomla.org/announcements/release-news/5546-joomla-3-3-0-released.html






3.2.3
 (Sicherheitsupdate)
6 März 2014 - 35MBOver 40 bugs have been resolved including 4 security issues.



Security Issues Fixed

High Priority - Core SQL Injection

Medium Priority - Core XSS Vulnerability

Medium Priority - Core XSS Vulnerability

Medium Priority - Core Unauthorised Logins

Lesen Sie mehr: http://www.joomla.org/announcements/release-news/5538-joomla-3-2-3-released.html






3.2.2

6 Februar 2014 - 35MBOver 55 bugs have been resolved. Most notably this release fixes errors that have been reported including:

Articles missing for admins in front end

Modules disappear at frontpage after clicking the article title

Lesen Sie mehr: http://www.joomla.org/announcements/release-news/5531-joomla-3-2-2-released.html






3.2.1

18 Dezember 2013 - 35MBOver 125 bugs have been resolved. Particular attention was paid to solving lockout issues associated with the administrator login password hashing and the Remember Me features under certain circumstances.
Lesen Sie mehr: http://www.joomla.org/announcements/release-news/5523-joomla-3-2-1-released.html






3.2.0
 (Hauptversion)
6 November 2013 - 35MBNew Features:

31266 - GSoC 2013 - Improved Template Manager

31347 - GSoC 2013 - Introducing HTML5 form fields and attributes

31989 - GSoC 2013: Microdata semantics library

31264 - GSoC 2013: Front-end Site Configuration

GSoC 2013 - Removed Mootools dependencies

Miscellaneous interface improvements from the JUX Code Sprint

32175 - JED info link in extensions installer and 1-click installer of "install from Web" plugin

31436 - *Create a update button to list new Help servers

31757 - Enable PSR-0 Autoloading by Default

31389 - TinyMCE 4.0.8 Update

31774 - Add the Framework DI Container to the CMS

31009 - Add a switch to turn mail sending on/off

30944 - Content versioning for core and third-party components

31800 - Add Joomla Ajax Interface to core

31844 - Rapid Application Framework (Joomla! RAD)

31704 - Two factor authentication for Joomla!

31725 - Joomla multilingual site automatic installer

31727 - Migrate application classes from legacy JApplication to JApplicationWeb

31977 - Component for Post-Installation Messages

31561 - Add support for BCrypt encryption of passwords and rewrite cookie based authentication to use it

30781 - Small changes to jForm and jField to allow for repeatable form elements

30798 - Add logging to Joomla Update

31770 - Update to jQuery 1.10.2 and add jQuery Migrate 1.2.1

28638 - Advanced ACL for com_modules, permissions per module



Security:

High Priority - Core XSS Vulnerability

Medium Priority - Core XSS Vulnerability

Medium Priority - Core XSS Vulnerability

Lesen Sie mehr: http://developer.joomla.org/version-3-2-0-release-notes.html






3.1.6
 (Sicherheitsupdate)
6 November 2013 - 35MBSecurity issues fixed:

High Priority - Core XSS Vulnerability

Medium Priority - Core XSS Vulnerability

Medium Priority - Core XSS Vulnerability

Lesen Sie mehr: http://developer.joomla.org/version-3-1-6-release-notes.html






3.1.5
 (Sicherheitsupdate)
1 August 2013 - 35MBSecurity issues fixed:

Critical Priority - Core - Unauthorised Upload



7 tracker issues also fixed in this release.
Lesen Sie mehr: http://developer.joomla.org/version-3-1-5-release-notes.html






3.1.4

26 Juli 2013 - 35MBNew Features:

29855 - Automatically set $db and $app properties on plugins

31349 - Display Error Message when Magic Quotes is Enabled

31488 - Added Observer pattern to JTable

31289 - Added JResponseJson as a CMS library class

31087 - Add SQL queries profiler in Debug zone

30966 - Added handling for punycode urls and email addresses

29945 - Show Joomla username in admin area

31130 - Added js files to protostar template

30370 - Added ability to add sprintf variables to JText string

30324 - Added ability to restrict the number of displayed results to mod_related_items

30525 - Added a PSR-0 compatible autoloader to JLoader

30931 - Allow folder names without 's' at the end

31004 - Add JTwitter package to /libraries/joomla



247 tracker issues also fixed in this release.
Lesen Sie mehr: http://developer.joomla.org/version-3-1-4-release-notes.html






3.1.1

26 April 2013 - 35MBApplications:

Updated Languages: Russian, Vietnamese, Spanish, Hungarian, Dutch, Norwegian



Fixed:

Administration:	 30495	 Type check line 31, TemplatesHelper::getPositions

CMS Libraries:	 30679	 Fix two Tags-related API issues

Components:	 30398	 com_tags show "{loadmodule..." when listing items

Components:	 30697	 Invalid tab end in article edit page

Database:	 30681	 Error in Database tab in Extension Manager

Front End:	 30660	 Corrects font-file stack order

Layouts:	 30702	 Only titles display in featured/blogged views when hide intro text is selected

Platform:	 30725	 Exception thrown for empty path

Templates:	 30668	 *Beez3 missing JHtml::_('behavior.caption');

Templates:	 29957	 Administrator interface dropdown menus not working on tablets

User Interface:	 30632	 *Menu item Alias required setting

Lesen Sie mehr: http://developer.joomla.org/version-3-1-1-release-notes.html






3.1.0
 (Hauptversion)
24 April 2013 - 57MBSecurity Issues Fixed:

Moderate Priority - Core - XSS Vulnerability.

Moderate Priority - Core - DOS Vulnerability.

Low Priority - Core - XSS Vulnerability.

Low Priority - Core - Information Disclosure.

Low Priority - Core - XSS Vulnerability.

Low Priority - Core - Privilege Escalation.

Low Priority - Core - XSS Vulnerability.



New Features:

29855 - Tags (click here to see the recent blog post about it)

30298 - Added note form field

29822 - Show logs in debug console

30085 - Refactor installation to use new application and MVC classes

29965 - Added pagination in COM_SEARCH component

29770 - Added triggers on save for com_config

30230 - JPlugin autoloadLanguage property

28924 - Added SQL Server subclass for FinderIndexer

30318 - Media wiki package

30369 - OpenStreetMap package

30364 - UNION ALL feature



242 tracker issues also fixed in this release.
Lesen Sie mehr: http://www.joomla.org/announcements/release-news/5494-joomla-3-1-0-stable-released.html






3.0.4

24 April 2013 - 57MBSecurity Issues Fixed

Moderate Priority - Core - XSS Vulnerability.

Moderate Priority - Core - DOS Vulnerability.

Low Priority - Core - XSS Vulnerability.

Low Priority - Core - Information Disclosure.

Low Priority - Core - XSS Vulnerability.

Low Priority - Core - Privilege Escalation.

Low Priority - Core - XSS Vulnerability.

Lesen Sie mehr: http://www.joomla.org/announcements/release-news/5494-joomla-3-1-0-stable-released.html






3.0.3

4 Februar 2013 - 57MBSecurity Issues Fixed

Low Priority - Core - Information Disclosure.

Low Priority - Core - Information Disclosure.

Low Priority - Core - Information Disclosure.



New Features

29897 Multilanguage: adding items associations in remaining core components. Thanks Benjamin. Click here for more information.

29496 Language Installation tool for the Joomla Installer.



136 tracker issues also fixed in this release.
Lesen Sie mehr: http://www.joomla.org/announcements/release-news/5478-joomla-3-0-3-released.html






3.0.2

8 November 2012 - 57MBSecurity Issues Fixed

Medium Priority - Core - Clickjacking Vulnerability.



New Feature

27373 Implementing Items associations in multi-language. With this function you can assign articles and article categories from different languages together and the module will display the correct link if you change the language itself.



50 tracker issues also fixed in this release.
Lesen Sie mehr: http://www.joomla.org/announcements/release-news/5471-joomla-3-0-2-released.html






3.0.1

10 Oktober 2012 - 57MB





3.0.0
 (Nachtrag 1)
1 August 2013 - 57MBApplications:

Joomla 2.5 can now be updated to Joomla 3.0 or Joomla 3.1 by editing Update Channel to Short Term Stable. These are considered a major version updates--a working backup and/or testing the update on a clone is strongly advised.






3.0.0
 (Hauptversion)
28 September 2012 - 57MBThis is a major update with significant changes that will break incompatible themes and extensions. Upgrading to Joomla 3.0+ is not recommended except when specifically required. The Joomla 2.5.x release branch will continue to be maintained.



New Features:

Incorporation of Twitter Bootstrap into a jui media package.

A new responsive, mobile device friendly administrator template--Isis-- and interface.

A new front end template--Protostar-- built using Twitter Bootstrap.

Updated accessible template called Beez3.

A simplified 3-step installation process.

PostgreSQL Driver. You will be able to run Joomla 3.0 sites using the PostgreSQL database.

PHP Memcached Driver

Use of JFeed for feed management rather than SimplePie

Installation of language packages directly from the extension manager

Guest user group present by default

Saving blank articles allowed

New administrator statistics module

Update TinyMCE to version 3.5.6

Continued clean up of older unused code, files and database fields and tables and improved standardization of tables.

Improvements to Smart Search

Extensive work on code style standardisation and consistency

Unit testing in the CMS

Updated system tests in the CMS 

Custom active menu item for menu module

Let the SEF plug-in add the canonical url to the head

Version 12.2 of the Joomla Platform

Lesen Sie mehr: http://www.joomla.org/announcements/release-news/5464-joomla-3-0-0-released.html