Co nowego w wersji 4.1.2?
Joomla 4.1.2 zawiera wszystkie patche z wersji 4.1.1 poza [20220303] który został odwołany z dystrybucji z powodu błędów w implementacji.
Problemy z bezpieczeństwem naprawione z fixem 4.1.1:
- [20220301] Low Severity - Moderate Impact - Zip Slip within the Tar extractor (affecting Joomla! 3.0.0 through 3.10.6 & 4.0.0 through 4.1.0) More information
- [20220302] Low Severity - Low Impact - Path Disclosure within filesystem error messages (affecting Joomla! 3.0.0 through 3.10.6 & 4.0.0 through 4.1.0) More information
- [20220305] Low Severity - High Impact - Inadequate filtering on the selected Ids (affecting Joomla! 3.0.0 through 3.10.6 & 4.0.0 through 4.1.0) More information
- [20220306] Low Severity - Low Impact - Inadequate validation of internal URLs (affecting Joomla! 2.5.0 through 3.10.6 & 4.0.0 through 4.1.0) More information
- [20220307] Low Severity - Moderate Impact - Variable Tampering on JInput $_REQUEST data (affecting Joomla! 4.0.0 through 4.1.0) More information
- [20220308] Low Severity - Moderate Impact - Inadequate content filtering within the filter code (affecting Joomla! 4.0.0 through 4.1.0) More information
- [20220309] Low Severity - Moderate Impact - XSS attack vector through SVG (affecting Joomla! 4.0.0 through 4.1.0) More information
Poprawki i łatki bezpieczeństwa:
- Fix language strings behaviour in TinyMCE
- Fix switch for syntax highlighting in TinyMCE
- Show failed tasks in scheduler
- Correct usage of Jooa11y parameters
- Codemirror enhancements
- Several 8.x PHP fixes
Visit GitHub for the full list of bug fixes.
Co nowego w wersji 3.10.8?
Joomla 3.10.8 zawiera wszystkie łatki oraz poprawki z wersji 3.10.7 poza [20220303] która zostałą oznaczona jako niezdatna do użytku ze względu na błędy w implementacji.
Problemy z bezpieczeństwem naprawione z fixem 3.10.7:
- [20220301] Low Severity - Moderate Impact - Zip Slip within the Tar extractor (affecting Joomla! 3.0.0 through 3.10.6 & 4.0.0 through 4.1.0) More information
- [20220302] Low Severity - Low Impact - Path Disclosure within filesystem error messages (affecting Joomla! 3.0.0 through 3.10.6 & 4.0.0 through 4.1.0) More information
- [20220304] Low Severity - Moderate Impact - Missing input validation within com_fields class inputs (affecting Joomla! 3.7.0 through 3.10.6) More information
- [20220305] Low Severity - High Impact - Inadequate filtering on the selected Ids (affecting Joomla! 3.0.0 through 3.10.6 & 4.0.0 through 4.1.0) More information
- [20220306] Low Severity - Low Impact - Inadequate validation of internal URLs (affecting Joomla! 2.5.0 through 3.10.6 & 4.0.0 through 4.1.0) More information
Poprawki i łatki bezpieczeństwa:
- Backport JQuery UI security patch for CVE-2021-41184 (#37308 (https://github.com/joomla/joomla-cms/pull/37308))
- Disable Google Fonts setting for 3.10.7+ new installations (#36888 (https://github.com/joomla/joomla-cms/pull/36888))
- [Regression] Fix updating redirect values unintentionally changed (#36951 (https://github.com/joomla/joomla-cms/pull/36951))
- Remove FLoC setting as it has been abandoned (#36861 (https://github.com/joomla/joomla-cms/pull/36861))
- E-Mail Cloak: TLDs long as 10 will no longer truncated until (#36986 (https://github.com/joomla/joomla-cms/pull/36986))
- Privacy Consent wording I agree vs I do not agree (#37181 (https://github.com/joomla/joomla-cms/pull/37181))
Visit GitHub for the full list of bug fixes.
Czysta instalacja:
Instrukcja czystej instalacji oraz wymagania techniczne
Upgrade:
Pamiętaj... Po poprawnej aktualizacji - zawsze wyczyść cache przeglądarki aby uniknąć błędów...
Źródło: https://www.joomla.org/announcements/release-news/5858-joomla-4-1-2-and-3-10-8-release.html