Menü Schließen

Joomla 4.3.2 Security und Bugfix Release veröffentlicht

Joomla 4.3.2

Die Entwickler des beliebten CMS Joomla, haben das Bugfix Release 4.3.2 veröffentlicht. Das Update behebt 2 Sicherheitslücken und behebt einige Fehler.

Joomla 4.3.2 Release Notes

Security issues fixed with 4.3.2

  • [20230501] Low Severity – Low Impact – Low Probability – Open Redirect and XSS within the mfa selection (affecting Joomla! 4.2.0 – 4.3.1)
    More Information
  • [20230502] Moderate Severity – Critical Impact – Low Probability – Bruteforce prevention within the mfa screen (affecting Joomla! 4.2.0 – 4.3.1)
    More Information

Bug fixes and Improvements with 4.3.2

This version fixes issues encountered during the update process by a number of users. In particular this release addresses:

Accessibility

  • hide table headers in tables rather than omit them when ’show headings‘ is set to ’no‘

Banners

  • aria-label not translated in com_banners
  • reset statistics on banner duplication
  • cannot batch copy banners

Contacts

  • cannot batch copy contacts

Content

  • Content component improved validation when only positive integers are allowed

Editors

  • TinyMCE prevents white text on a white background in preview
  • TinyMCE editor plugin language of parts fails if subform fields are empty
  • Codemirror corrects path for keybinding script

Fields

  • re-introduction of specific layouts to render Contact custom fields
  • calendar type min/max year
  • PHP warning when preparing Text field

Guided Tours

  • escaping of data on update or new installs is unnecessary for the ‚extensions‘ column
  • banners tour is skipping a few fields
  • order of the tours in the modal should no be sorted automatically, use the tour’s view order instead

Media Manager

  • replace ‚an error occurred‘ with ‚this file type is not supported‘
  • refactor the session fallback
  • remove warning in console

Mail Templates

  • tag needs to be quoted before being passed onto the regular expression
  • newly created mail template is not properly recorded in the database (missing extension data and double arrayed tags)

Smart Search

  • add padding to highlighted search words in smart search
  • detect whether Memory engine is supported

Tags

  • router issues on multilingual sites, breaking old URLs
  • hide the filter_tag parameter from the URL when the menu item is created with category type and filtering by tag or tags

Template

  • template parameter invalid json string
  • template manager PHP 8.1 warnings removal
  • missing Cassiopeia black color variable
  • Cassiopeia menu breakpoint for hamburger to prevent vertical menu

User

  • javascript error on login page when MFA
  • Text() not found on user login
  • category access levels should not apply to users having core.admin access
  • User groups tab use invalid checkbox ids
  • Module positions do not show in com_user settings
  • removed login message on login in the frontend
  • Fix submit button focus on frontend MFA captive login page when using Webauthn

Others

  • allow new category when no other category exists
  • when a component is disabled, menu items‘ icon should show ‚component not found‘ and represent a warning rather than a cross with ‚publish item‘ tooltip
  • improved messaging when an extension is missing checksum information (hash codes proving the file is genuine)
  • Articles categories module caching no longer fails
  • make schedule runner/keepalive work with adblockers/no script
  • remove any spaces from the disable_functions string in the php.ini before exploding into an array for checking and prevent error
  • undefined key in HTMLDocument setBuffer
  • PluginHelper::getLayoutPath should work in CLI (in non web context)
  • show empty state layout only when cache contains no data
  • improved RSS page title
  • update of the help table of content
  • PHP 8.2 warnings in Multilingual Sample Data plugin
  • list-view .js should work with Ajax content

The full list on GitHub is here https://github.com/joomla/joomla-cms/milestone/105?closed=1

Schreibe einen Kommentar

Deine E-Mail-Adresse wird nicht veröffentlicht. Erforderliche Felder sind mit * markiert