Joomla 3.7.3 Security & Maintenance Release

The Joomla Team has released Joomla 3.7.3 which contains 3 security fixes that affect all Joomla 1.7.3 to Joomla 3.7.2 websites.
In addition to the security issues, Joomla 3.7.3 also fixes over 230 bugs.
The Joomla Team strongly recommends that all 3.x websites upgrade to version 3.7.3.

Joomla Falang: new release v2.8.3

Changelog

2.8.3 (2017/04/26)

  • add content element for custom field (Joomla 3.7)
  • add custom fields in falang edit mode(readonly only)(Joomla 3.7)
  • remove warning message (Joomla 3.7)
  • remove hreflang for inactive language menu item
  • metakey resizable comme metadesc (text area) article/menu
  • fix status translation due to images&links system
  • add store orginal text for param’s type too
  • fix bug on cache (thanks nicolas from hikashop)
  • change footer

CB AntiSpam 3.0 for Joomla released!

Protect your Community Builder site against spammers with CB AntiSpam 3.0.

This is a major release with 12 new features and 9 bug fixes. We have already installed it on our demo site, so feel free to preview it on us before you install it on your website.

Among the new features are:

  • 5 modes of operation including honeypot and reCaptcha invisible
  • block by ip range and wildcard substitutions in ip lists
  • image output improvements to make spambots suffer
  • account blocking (Joomla level) with optional profile banning

Joomla! 3.5 is Here

joomla35graphic

Stats Collection in Joomla

Since Joomla! 3.5 a statistics plugin will submit anonymous data to the Joomla Project. This will only submit the Joomla version, PHP version, database engine and version, and server operating system.

This data is collected to ensure that future versions of Joomla can take advantage of the latest database and PHP features without effecting significant numbers of users. The need for this became clear when a minimum of PHP 5.3.10 was required when Joomla! 3.3 implemented the more secure Bcrypt passwords.

In the interest of full transparency and to help developers this data is publicly available. An API and graphs will show the Joomla version, PHP versions and database engines in use.

If you do not wish to provide the Joomla Project with this information you can disable the plugin called System – Joomla Statistics.

Soruce: Joomla.org

Joomla SQL Injection Vulnerability Exploit Results in Full Administrative Access

joomla-logo

Trustwave SpiderLabs researcher Asaf Orpani has discovered an SQL injection vulnerability in versions 3.2 through 3.4.4 of Joomla, a popular open-source Content Management System (CMS). Combining that vulnerability with other security weaknesses, our Trustwave SpiderLabs researchers are able to gain full administrative access to any vulnerable Joomla site.

Joomla had a 6.6 percent share of the market for website CMSs as of October 20, 2015 according to W3Techs—second only to WordPress. Internet services company BuiltWith estimates that as many as 2.8 million websites worldwide use Joomla.

The secure version is 3.4.5