Joomla! 3.8.9 and 3.8.10 are now available and they're security releases. Since a few security issues and bugs have been resolved, we’re considering these updates security fixes and we recommend all Joomla website owners have this upgrade done.
Joomla! 3.8.9 is a security release which addresses 2 security vulnerabilities, contains over 50 bug fixes, and includes various security related improvements.
Joomla! 3.8.9 Release (joomla.org)
What’s in Joomla! 3.8.9?
Security Issues Fixed:
- Low Priority - Core - Local File Inclusion with PHP 5.3 (affecting Joomla 2.5.0 through 3.8.8)
- Low Priority - Core - XSS vulnerability in language switcher module (affecting Joomla 1.6.0 through 3.8.8)
Bug fixes and Improvements:
- Correctly escape the random image module output
- Fix folder browsing and file upload that broke in 3.8.8 due to escaping
- com_mailto (mail to friend) allows the usage of a Captcha by using JForm
- Tag indexing improvement
- Fix use of hyphens in data attributes
- Updates to third party PHP libraries
- CodeMirror updated to 5.38.0
Joomla! 3.8.10 Release (joomla.org)
What’s in Joomla! 3.8.10?
Security Issues Fixed:
- Joomla 3.8.10 is addressing one bug introduced into Joomla 3.8.9. This release is fixing the autoloader for Windows platforms
The previous release was on May 22, 2018.
Our Website Maintenance Department will be in contact with our clients regarding this upgrade. If you need this upgrade done on your website, please contact us.
Thank you,
–Tony
