Joomla! 3.9.24 Released

Tuesday, 12 January 2021

Joomla 3.9.24 is now available.

This is a security release for the 3.x series of Joomla which addresses 3 security vulnerabilities and contains more than 35 bug fixes and improvements.

What's in 3.9.24?

Joomla 3.9.24 includes 3 security vulnerability fixes and addresses several bugs, including:

Security Issues Fixed

[20210101] Low Severity - Low Impact - com_modules exposes module names (affecting Joomla! 3.0.0 through 3.9.23)
[20210102] Low Severity - Moderate Impact - XSS in mod_breadcrumbs aria-label attribute (affecting Joomla! 3.9.0 through 3.9.23)
[20210103] Low Severity - Moderate Impact - XSS in com_tags image parameters (affecting Joomla! 3.1.0 through 3.9.23)

Bug fixes and Improvements

Continuing to improve PHP 8 support #31628 #31537 #31536 #30921
Solved performance issue with zip archives containing zip files #31514
Removes deprecate feature-policy and adds the new Permissions Policy #30819
Update joomla/image dependency #31663
Fixed regression SMTP Settings Test #31724
Fixed regression to save empty passwords in global configuration #31672

Visit GitHub for more information about this issue.

Click here for full release information.

We are familiar with the implementation of the upgrade and are currently upgrading multiple sites CONTACT US for a free proposal to update your site.

It's extremely important to keep your Joomla installation, and extensions up to date to minimise the risk of your site being compromised, you should also check that you are not using vulnerable extensions by visiting Joomla! Vulnerable Extensions List.

We manage, maintain, and update hundreds of Joomla sites, to discuss your website update and website maintenance needs submit a ticket on our helpdesk and we will get back to you with the available options. SUBMIT TICKET

Tags: