Joomla 3.9.24 is now available.
This is a security release for the 3.x series of Joomla which addresses 3 security vulnerabilities and contains more than 35 bug fixes and improvements.
What's in 3.9.24?
Joomla 3.9.24 includes 3 security vulnerability fixes and addresses several bugs, including:
Security Issues Fixed
- [20210101] Low Severity - Low Impact - com_modules exposes module names (affecting Joomla! 3.0.0 through 3.9.23)
- [20210102] Low Severity - Moderate Impact - XSS in mod_breadcrumbs aria-label attribute (affecting Joomla! 3.9.0 through 3.9.23)
- [20210103] Low Severity - Moderate Impact - XSS in com_tags image parameters (affecting Joomla! 3.1.0 through 3.9.23)
Bug fixes and Improvements
- Continuing to improve PHP 8 support #31628 #31537 #31536 #30921
- Solved performance issue with zip archives containing zip files #31514
- Removes deprecate feature-policy and adds the new Permissions Policy #30819
- Update joomla/image dependency #31663
- Fixed regression SMTP Settings Test #31724
- Fixed regression to save empty passwords in global configuration #31672
Visit GitHub for more information about this issue.
Click here for full release information.