[SECURITY-L] Joomla! 3.7.1 - Security release
CSIRT Unicamp
security em unicamp.br
Qua Maio 17 11:41:44 -03 2017
Joomla! 3.7.1 is now available. This is a security release for the 3.x
series of Joomla! which addresses one critical security vulnerability
and several bug fixes. We strongly recommend that you update your sites
immediately.
This release only contains security and bug fixes; no other changes have
been made compared to the Joomla! 3.7.0 release.
Joomla! 3.7.1 is released to address a critical security issue as well
as several bugs.
Security Issues Fixed:
- High Priority - Core - SQL Injection (affecting Joomla! 3.7.0) (more
information:https://developer.joomla.org/security-centre/692-20170501-core-sql-injection.html)
Bug Fixes:
- Fixed attribute checks in the new calendar #15573
- Inject the JInput dependency into the session handler #15605
- Fix b/c break in JMenuItem #15553
- Fix article ordering in the backend #15655
- Fix milliseconds handling in for PHP Versions lower to 7.1.0 #15853
- Fixing JFilterInput adding byte offsets to character offset #15966
- Redirection fails on multiple status values produced by old FOF2
Extensions #15738
- Remove empty locked cache file if callback function terminate process
#15592
Visit GitHub for the full list of bug fixes.
Please see the documentation wiki for FAQ’s regarding the 3.7.1 release.
https://docs.joomla.org/Category:Version_3.7.1_FAQ
Mais detalhes sobre a lista de discussão SECURITY-L