Skip to Content Skip to Menu

Joomla 3.9.5 is here - a security and bug fixes release!

 

The Joomla project team has recently released version 3.9.5 that addresses three security vulnerabilities fixes and several bugs and improvements.

Security Issues Fixed

  • Low Priority - Core - Directory Traversal in com_media (affecting Joomla 1.5.0 through 3.9.4)
  • High Priority - Core - Helpsites refresh endpoint callable for unauthenticated users (affecting Joomla 3.2.0 through 3.9.4)
  • Moderate Priority - Core - Object.prototype pollution in JQuery $.extend (affecting Joomla 3.0.0 through 3.9.4)

Bug fixes and Improvements

  • User Password: Add minimum lowercase rule for password validation
  • Associations tab: Fix wrong behaviour of Indonesian language
  • Debug language: Fix User Actions Log Manager
  • New installation language: Kazakh
  • Google Authenticator plugin (2FA): QR-code generator implemented

 

Community Builder 2.4.1 (latest build) and all Joomlapolis add-ons work just fine with Joomla 3.9.5. You can see everything in action on our demo site.

The Joomla 3.9.5 is a highly recommended upgrade for all Joomla 3.x series sites - you should upgrade immediately.

As always, before any Joomla upgrade on your live website, take a backup just in case anything goes wrong.

You can learn more about the fixed bugs by reading the Joomla 3.9.5 announcement.