The Joomla project team has released version 3.8.7, a bug fixes release.
Community Builder 2.1.4 (latest build) and all Joomlapolis add-ons work just fine with Joomla 3.8.7. You can see everything in action on our demo site.
This is a maintenance release for all Joomla 3.x series sites. As always, before any Joomla upgrade on your live website, take a backup just in case anything goes wrong.
The Joomla project team has released version 3.8.6, a security and bug fixes release.
This is an important maintenance release for Joomla 3.8.5 regression bugs and a recommended upgrade for all Joomla 3.x series sites. As always, before any Joomla upgrade on your live website, take a backup just in case anything goes wrong.
The security fix addresses a low level SQLi vulnerability in User Notes and the bug fixes address various Joomla 3.8.5 regressions (session management and cookies improvements), PHP 7.2 compatibility issues and other bugs.
The Joomla Team has released Joomla 3.7.3 which contains 3 security fixes that affect all Joomla 1.7.3 to Joomla 3.7.2 websites.
In addition to the security issues, Joomla 3.7.3 also fixes over 230 bugs.
The Joomla Team strongly recommends that all 3.x websites upgrade to version 3.7.3.
Protect your Community Builder site against spammers with CB AntiSpam 3.0.
This is a major release with 12 new features and 9 bug fixes. We have already installed it on our demo site, so feel free to preview it on us before you install it on your website.
Among the new features are:
- 5 modes of operation including honeypot and reCaptcha invisible
- block by ip range and wildcard substitutions in ip lists
- image output improvements to make spambots suffer
- account blocking (Joomla level) with optional profile banning
Stats Collection in Joomla
Since Joomla! 3.5 a statistics plugin will submit anonymous data to the Joomla Project. This will only submit the Joomla version, PHP version, database engine and version, and server operating system.
This data is collected to ensure that future versions of Joomla can take advantage of the latest database and PHP features without effecting significant numbers of users. The need for this became clear when a minimum of PHP 5.3.10 was required when Joomla! 3.3 implemented the more secure Bcrypt passwords.
In the interest of full transparency and to help developers this data is publicly available. An API and graphs will show the Joomla version, PHP versions and database engines in use.
If you do not wish to provide the Joomla Project with this information you can disable the plugin called System – Joomla Statistics.
Trustwave SpiderLabs researcher Asaf Orpani has discovered an SQL injection vulnerability in versions 3.2 through 3.4.4 of Joomla, a popular open-source Content Management System (CMS). Combining that vulnerability with other security weaknesses, our Trustwave SpiderLabs researchers are able to gain full administrative access to any vulnerable Joomla site.
Joomla had a 6.6 percent share of the market for website CMSs as of October 20, 2015 according to W3Techs—second only to WordPress. Internet services company BuiltWith estimates that as many as 2.8 million websites worldwide use Joomla.
The secure version is 3.4.5