Joomla 4.1.1 & 3.10.7 stable veröffentlicht

    Hallo,


    heute hat das Joomla Project Joomla in Version 4.1.1 sowie 3.10.7 veröffentlicht:

    Joomla 4.1.1 and 3.10.7 Release
    The Joomla Project is pleased to announce the release of Joomla 4.1.1 Stable - New standards in accessible website design
    www.joomla.org

    Joomla 4.1.1 und Joomla 3.10.7 sind da - Sicherheitsupdate


    Joomla 4.1.1 hat 8 security patches:

    • [20220301] Low Severity - Moderate Impact - Zip Slip within the Tar extractor (affecting Joomla! 3.0.0 through 3.10.6 & 4.0.0 through 4.1.0) More information »
    • [20220302] Low Severity - Low Impact - Path Disclosure within filesystem error messages (affecting Joomla! 3.0.0 through 3.10.6 & 4.0.0 through 4.1.0) More information »
    • [20220303] Low Severity - High Impact - User row are not bound to a authentication mechanism (affecting Joomla! 2.5.0 through 3.10.6 & 4.0.0 through 4.1.0) More information »
    • [20220305] Low Severity - High Impact - Inadequate filtering on the selected Ids (affecting Joomla! 3.0.0 through 3.10.6 & 4.0.0 through 4.1.0) More information »
    • [20220306] Low Severity - Low Impact - Inadequate validation of internal URLs (affecting Joomla! 2.5.0 through 3.10.6 & 4.0.0 through 4.1.0) More information »
    • [20220307] Low Severity - Moderate Impact - Variable Tampering on JInput $_REQUEST data (affecting Joomla! 4.0.0 through 4.1.0) More information »
    • [20220308] Low Severity - Moderate Impact - Inadequate content filtering within the filter code (affecting Joomla! 4.0.0 through 4.1.0) More information »
    • [20220309] Low Severity - Moderate Impact - XSS attack vector through SVG (affecting Joomla! 4.0.0 through 4.1.0) More information »


    Joomla 3.10.7 hat 6 security patches:

    • [20220301] Low Severity - Moderate Impact - Zip Slip within the Tar extractor (affecting Joomla! 3.0.0 through 3.10.6 & 4.0.0 through 4.1.0) More information »
    • [20220302] Low Severity - Low Impact - Path Disclosure within filesystem error messages (affecting Joomla! 3.0.0 through 3.10.6 & 4.0.0 through 4.1.0) More information »
    • [20220303] Low Severity - High Impact - User row are not bound to a authentication mechanism (affecting Joomla! 2.5.0 through 3.10.6 & 4.0.0 through 4.1.0) More information »
    • [20220304] Low Severity - Moderate Impact - Missing input validation within com_fields class inputs (affecting Joomla! 3.7.0 through 3.10.6) More information »
    • [20220305] Low Severity - High Impact - Inadequate filtering on the selected Ids (affecting Joomla! 3.0.0 through 3.10.6 & 4.0.0 through 4.1.0) More information »
    • [20220306] Low Severity - Low Impact - Inadequate validation of internal URLs (affecting Joomla! 2.5.0 through 3.10.6 & 4.0.0 through 4.1.0) More information »

    Fürs erste wurden die Updates auf 4.1.1 und 3.10.7 vom Updateserver runter genommen und erstmal nicht weiter verteilt: https://twitter.com/joomla/status/1508913480140791810


    Sobald es weitere Updates gibt informieren wir, sollte jemand von dem remember me Problem betroffen sein gibt es hier einen kurzen FAQ Artikel: https://docs.joomla.org/J3.x:A…ers_can%27t_login_anymore