Changelog for
joomla-3.9.3-2.1.noarch.rpm :
Fri Feb 15 13:00:00 2019 larsAATTlinux-schulserver.de
- update to 3.9.3
Security Issues Fixed
+ Lack of URL filtering in various core components
+ Browserside mime-type sniffing causes XSS attack vectors
+ Additional warning in the Global Configuration textfilter settings
+ Stored XSS issue in the Global Configuration help url #2
+ XSS Issue in core.js writeDynaList
+ Implement the TYPO3 PHAR stream wrapper
Bug fixes and Improvements
+ Prevent renaming/deleting the template index.php file #23654
+ Smart Search improvement #23736
+ Contacts banned fields removed #23585
+ Improvement of the Integration tab display #23711
+ Fix the category filter for featured articles #23454
+ Fix for the Template Style field in the menu manager #23556
+ Breadcrumbs for tags #23599
Thu Jan 17 13:00:00 2019 larsAATTlinux-schulserver.de
- update to 3.9.2
Security Issues Fixed
+ Stored XSS in mod_banners
+ Stored XSS in com_contact
+ Stored XSS issue in the Global Configuration textfilter settings
+ Stored XSS issue in the Global Configuration help url
Bug fixes and Improvements
+ Fixes for states in com_finder (#23194), com_banners (#23193),
com_messages (#23192), com_users notes (#23191)
+ Removal of the Caching field in the languages (#23174),
syndicate (#23166), random image (#23165), and login modules (#23152)
+ Editors API extended #23224
+ Menu Item Alias type: Redirection is optional #23278
+ com_media: Normalisation of uploaded file names (#23259)
+ Code cleanup and namespacing
Mon Dec 24 13:00:00 2018 larsAATTlinux-schulserver.de
- update to 3.9.1
+ Fix for the automatic title option of the Latest Actions admin module #22925
+ Com_privacy: Redirected to the privacy request form after login #22927
+ Update to TinyMCE 4.5.9 #22879
+ Performance improvement for the category and tag managers #22117
+ Fix for the delete module positions issue #22935
+ Preventing the System Privacy Consent plugin from running when
logging out through a menu item #22939
+ Content - Page Break plugin: Possibility to use a template
override for Previous/Next pagination #22932
+ Fix navigation to the first page in pagination when SEF is off #23042
+ System - User Actions Log plugin: Removal of the number of
days limitation #23084
Sun Nov 11 13:00:00 2018 larsAATTlinux-schulserver.de
- update to 3.9.0
+ 3.9 intoduced the new Privacy Tool Suite by Joomla
+ Add notes to your articles in the backend, and filter them #19134
+ A new search feature in the backend: search for a specific article content #20083
+ Load a module by ID into your article #19362
+ A repeatable custom field is now available #20243
+ Create alternative layouts to fit your needs #18571
+ Display the intro or full image in your newsflash module #20169
+ Show only the articles from a specific author in your latest articles module (#20687), and more options!
+ A new toolbar button to edit associations #21022
+ Propagate existing associations #21321
+ Display your tags per language #19509
+ Use Google Invisible reCAPTCHA on your websites #18146
+ Argon2id Password is now supported #20855
Thu Oct 11 14:00:00 2018 larsAATTlinux-schulserver.de
- update to 3.8.13
* Low Priority - Core - Hardening com_contact contact form
* Low Priority - Core - Inadequate default access level for com_joomlaupdate
* Low Priority - Core - Access level Violation in com_tags
* Low Priority - Core - ACL Violation in com_users for the admin verification
* Low Priority - Core - CSRF hardening in com_installer
Wed Sep 12 14:00:00 2018 larsAATTlinux-schulserver.de
- update to 3.8.12
* Security - Core - Hardening the InputFilter for phar stubs
* Security - Core - Stored XSS vulnerability in the frontend profile
* Security - Core - ACL Violation in custom fields
* mod_articles_latest and mod_articles_news: fix to show featured articles #21336
* Tags in com_content: fix to display tags when other item info are set to hidden #21275
* com_tags: All Tags default layout #21031
* Allows filtering by the archived state in the redirect component #21673
Thu Aug 30 14:00:00 2018 adrianAATTsuse.de
- update to 3.8.12
Security Issues Fixed
* Low Priority - Core - Hardening the InputFilter for phar stubs (affecting Joomla 1.5.0 through 3.8.11)
* Low Priority - Core - Stored XSS vulnerability in the frontend profile (affecting Joomla 1.5.0 through 3.8.11)
* Low Priority - Core - ACL Violation in custom fields (affecting Joomla 3.7.0 through 3.8.11)
Bug fixes and Improvements
* mod_articles_latest and mod_articles_news: fix to show featured articles
* Tags in com_content: fix to display tags when other item info are set to hidden
* com_tags: All Tags default layout
* Allows filtering by the archived state in the redirect component
Mon Aug 6 14:00:00 2018 adrianAATTsuse.de
- update to 3.8.11
* Fix for the Missing \"Select Type\" field in the Extensions Manager #20881
* Replace the URL parameter \"limitstart=0\" by \"start=0\" when SEF is enabled #19452
* Remove non callable array items from field categories #20093
* Articles - Category Module: New ‘showon’ attribute for form fields #20950
* Fix OpenSearch implementation #20937
* Fix for tag filtering in Featured Articles view in administrator #21138
* Fix for filtering Featured Articles by access level in administrator #21168
* Media manager: relative paths for video files #21156
* Com_menus: removal of useglobal attribute #21095
* Multilingual Associations Component: fix associations in sidebyside view for contact and newsfeeds #21180
Mon Jul 23 14:00:00 2018 adrianAATTsuse.de
- update to 3.8.10
Security Issues Fixed
* Low Priority - Core - Local File Inclusion with PHP 5.3 (affecting Joomla 2.5.0 through 3.8.8) More information »
* Low Priority - Core - XSS vulnerability in language switcher module (affecting Joomla 1.6.0 through 3.8.8) More information »
Bug fixes and Improvements
* Correctly escape the random image module output #20533
* Fix folder browsing and file upload that broke in 3.8.8 due to escaping #20586
* com_mailto (mail to friend) allows the usage of a Captcha by using JForm #20265
* Tag indexing improvement #13868
* Fix use of hyphens in data attributes #20579
* Updates to third party PHP libraries #20583
* CodeMirror updated to 5.38.0 #20636
Thu Jun 21 14:00:00 2018 adrianAATTsuse.de
- update to 3.8.8
Security fixes:
* Low Priority - Core - ACL violation in access levels
* Low Priority - Core - Add phar files to the upload blacklist
* Moderate Priority - Core - Information Disclosure about unpublished tags
* Low Priority - Core - Installer leaks plain text password to local user
* Moderate Priority - Core - XSS Vulnerabilities & additional hardening
* Low Priority - Core - Filter field in com_fields allows remote code execution
* Low Priority - Core - Session deletion race condition
* Low Priority - Core - Possible XSS attack in the redirect method
* Low Priority - Core - XSS vulnerability in the media manager
Bug fixes and Improvements
* Miscellaneous accessibility improvements for the Backend
* Updated CodeMirror to 5.37 and various improvements #20269 #19833 #12542
* Improved handling of numeric user group names #20091
* [com_content] Filter by no author #20245
* Added support for PHP 7.3’s is_countable function #20441
* Sending passwords by email disabled by default for new installs #20247
Mon Apr 23 14:00:00 2018 adrianAATTsuse.de
- update to 3.8.7
Bugfix release
* Various backend improvements for multi language websites (admin menus and associations)
* CodeMirror editor updated to 5.35.0 #19809
* Allow absolute or relative URLs for redirects #19942
* Improved handling of read-only field data in com_fields #20068
* Highlight all matching text in Smart Search results #20019
Tue Mar 20 13:00:00 2018 larsAATTlinux-schulserver.de
- update to 3.8.6
Security Issues Fixed
* Low Priority - Core - SQLi vulnerability in User Notes
(affecting Joomla 3.5.0 through 3.8.5)
Bug fixes and Improvements
* Various session management improvements #19548, #19687
* Multilingual: Associated categories should display only when
published #19551
* Improve performance of the com_content category view with
filter by tags #19284
* [com_fields] Fields are not copied when batch duplicating
an article #16958
* Pass the configuration tmp_path to the archive package for
extension installations #19608
* Hide global configuration and system information from non
super users #19697
* Language overrides do not find plugin language files when files
are in the plugin language folder #19740
* reCAPTCHA V1 - Discontinued #19648
* Delete existing user_keys, if password is changed #17827
* PHP 7.2 compatibility fixes
Wed Feb 14 13:00:00 2018 adrianAATTsuse.de
- update to 3.8.5
Regressions of Joomla 3.8.4, including the revert of routing
changes applied in Joomla 3.8.4 and broken syntax highlighting
in the CodeMirror editor.
Tue Feb 6 13:00:00 2018 adrianAATTsuse.de
- update to 3.8.4
Security Fixes:
* Low Priority - Core - XSS vulnerability in module chromes (affecting Joomla 3.0.0 through 3.8.3) More information »
* Low Priority - Core - XSS vulnerability in com_fields (affecting Joomla 3.7.0 through 3.8.3) More information »
* Low Priority - Core - XSS vulnerability in Uri class (affecting Joomla 1.5.0 through 3.8.3) More information »
* Low Priority - Core - SQLi vulnerability in Hathor postinstall message (affecting Joomla 3.7.0 through 3.8.3) More information »
Please see the documentation wiki for more information about the security patches.
Bug Fixes and Improvements
* Contact form loses data after submission with error #17743
* Smart Search performance improvement for common words #12450
* Performance improvement in Smart Search indexing process #17390
* Update jQuery Autocomplete to 1.4.7 #18113
* Update CodeMirror to 5.33.0 #18880
* Update srcset url conversion to handle commas and spaces #18327
* Custom Fields: Handle tag items properly #19006
* Fix filepath to PHPMailer language file #19072
* Display category title as page heading and page title when no menu
item for com_content category #19195
* Respect access level in com_content #18417
* Miscellaneous PHP 7.2 compatibility fixes
Sun Jan 28 13:00:00 2018 larsAATTlinux-schulserver.de
- update to 3.8.3
Joomla 3.8.3 addresses several bugs, including:
* Support for multiple download sources on update servers
(AKA download mirrors) #18926
* PHP 7.2 Compatibility fixes
* Update TinyMCE 4.5.8 #18574
* Multilingual Associations component: reduce the number of
duplicate queries #18544
* [com_fields] Multilanguage: fixing display of fields when the
item concerned is set to ALL #18536
* Eliminate crippling performance of content search plugin for
large sites with custom fields #18915
Wed Nov 8 13:00:00 2017 adrianAATTsuse.de
- update to version 3.8.2
* Features and Security fixes as documented here:
https://www.joomla.org/announcements/release-news/5716-joomla-3-8-2-release.html
Tue Sep 19 14:00:00 2017 adrianAATTsuse.de
- update to version 3.8.0
* Features and Security fixes as documented here:
https://www.joomla.org/announcements/release-news/5713-joomla-3-8-0-release.html
Wed Aug 30 14:00:00 2017 adrianAATTsuse.de
- update to version 3.7.5
* Joomla! is not installing on remote databases #17248
Thu Jul 27 14:00:00 2017 larsAATTlinux-schulserver.de
- update to version 3.7.4
* Security Issues Fixed
- Core - Installer: Lack of Ownership Verification
- Core - XSS Vulnerability
- Visit the Security Centre for more information.
* Bug Fixes
- Fatal error for PHP 5.3 and a multilanguage site #16966
- Multilingual com_tags getting wrong language cookie #17084
- Post installation message: Wrong php detection #16964
- com_contact address is no longer displayed #16971
- Visit GitHub for the full list of bug fixes.
Fri Jul 7 14:00:00 2017 adrianAATTsuse.de
- update to version 3.7.3
* Security Issues Fixed
- Core - Information Disclosure (affecting Joomla 1.7.3-3.7.2) More information »
- Core - XSS Vulnerability (affecting Joomla 1.7.3-3.7.2) More information »
- Core - XSS Vulnerability (affecting Joomla 1.5.0-3.6.5) More information »
- Visit the Security Centre for More information »
- Bug Fixes
* Calendar fixes #16794
- Fix frontend menus of menu type \"main\" or \"menu\" and backend main menu #16577
- Tags: Respect Browser Page Title in view Tagged Items #16773
- Adding thumbs file names in Media Manager #16769
- Remove PHP memory_limit from max upload size calculation #16741
- Fix custom fields without a fieldgroup not being displayed #16705
- Update tinymce to 4.5.7 #16042
Sun May 28 14:00:00 2017 adrianAATTsuse.de
- update to 3.7.2
* Fix mime checks #16091
* Clear cache with more operations #15606
* Setting week numbers to display per default #16117
* Fix Page filtering in the Modules manager #16118
* Fix Copy Reference to Target issue #16178
* Allow multiple values for the integer field #16153
* Visit GitHub for the full list of bug fixes.
Fri May 19 14:00:00 2017 adrianAATTsuse.de
- update to 3.7.1
* High Priority - Core - SQL Injection (affecting Joomla! 3.7.0) More information »
Bug Fixes:
* Fixed attribute checks in the new calendar #15573
* Inject the JInput dependency into the session handler #15605
* Fix b/c break in JMenuItem #15553
* Fix article ordering in the backend #15655
* Fix milliseconds handling in for PHP Versions lower to 7.1.0 #15853
* Fixing JFilterInput adding byte offsets to character offset #15966
* Redirection fails on multiple status values produced by old FOF2 Extensions #15738
* Remove empty locked cache file if callback function terminate process #15592
* Visit GitHub for the full list of bug fixes.
Wed Apr 26 14:00:00 2017 adrianAATTsuse.de
- update to 3.7.0
Mon Dec 26 13:00:00 2016 larsAATTlinux-schulserver.de
- update to 3.6.5
Tue May 24 14:00:00 2016 larsAATTlinux-schulserver.de
- allow apache 2.4
Sun Jan 18 13:00:00 2015 larsAATTlinux-schulserver.de
- added initial apparmor profile
Thu Nov 20 13:00:00 2014 larsAATTlinux-schulserver.de
- update to 3.3.6:
Thu Sep 25 14:00:00 2014 larsAATTlinux-schulserver.de
- update to 3.3.4:
+ Security: Core XSS Vulnerability
+ Security: Core Unauthorised Logins
Thu Sep 4 14:00:00 2014 larsAATTlinux-schulserver.de
- adapt/fix apache configuration
- joomla developers want to get more rights for apache user
- recommend php-zip
Mon Sep 1 14:00:00 2014 larsAATTlinux-schulserver.de
- update to 3.3.3:
+ GitHub [#3954] - Change the cloak container from div to span
+ GitHub [#3956] - Class attributes are not included in mailcloak
+ JoomlaCode [#33984] - Getting a 500 when trying to sort users by
User Group in Modal
+ JoomlaCode [#33987] - User settings for Editor ignored
- define and use JOOMLA_WEBROOT in robots.txt and apache config
- let wwwrun own the logs and language directories
Tue Aug 26 14:00:00 2014 larsAATTlinux-schulserver.de
- initial version 3.3.0
