Skip to Content Skip to Menu

Joomla 4.1.2 and Joomla 3.10.8 are here!

 

The Joomla! Project is ticking like a Swiss watch and agile like a leopard!

Right on schedule, Joomla 4.1.2 and Joomla 3.10.8 have been just released, 6 weeks after Joomla 4.1 and 3.0.6!

Both are security and maintenance releases for previous Joomla <4.1.1 and <3.10.7 releases.

It is delighting to see Joomla picking up momentum and confirming its dependability and agility.

With Joomla 4.2 alpha 1 around the corner, the future is bright. Kudos to the Joomla Production and Security Strike Teams (of which our Beat is also member)!

Joomla 4.1.2 includes 7 low level security vulnerabilities fixes (see full announcement below for security details) and addresses several bugs and improvements:

  • Language strings behaviour fix in TinyMCE
  • Fix switch for syntax highlighting in TinyMCE
  • Show failed tasks in scheduler
  • Correct usage of parameters of Jooa11y integrated accessibility and quality assurance tool
  • Codemirror HTML text editor enhancements
  • Several PHP 8.1 improvements (some contributed by Beat)

Joomla 3.10.8 contains 5 low level security vulnerabilities fixes (see full announcement below for security details) and several bugfixes and welcome improvements:

  • Backport JQuery UI security patch for CVE-2021-41184 (Joomla core, CB and our add-ons were not affected)
  • Disable Google Fonts setting for new Joomla 3.10.7+ installations only
  • [Regression] Fixes redirect values updating automatically unintentionally changed
  • Removes FLoC setting as FLoC has been abandoned
  • E-Mail Cloak: TLDs longer than 10 are no longer truncated
  • Privacy Consent wording clarifiaction: I agree/No reply is now: I agree / I do not agree.

As previously mentioned, both Joomla 4.1.2 and 3.10.8 are security releases and highly recommended upgrades. If you are still on Joomla 3.9 or below, or 4.0, it is time to upgrade to Joomla 3.10.8 and 4.1.2, both versions being smooth upgrades for their respective series.

Community Builder 2.7.2 and all Joomlapolis add-ons run just fine on all of these new Joomla releases.

You can learn more about these new features by reading the Joomla 4.1.2/3.10.8 announcement.

You may ask: what happened to 4.1.1 and 3.10.7? A few hours after release a last-minute regression for a small minority of websites using alternate authentication plugins for logins has been reported. The 4.1.1 and 3.10.7 releases got quickly removed from the updates servers, the Joomla team worked hard to fix the issue, and a few hours later Joomla 4.1.2 and Joomla 3.10.8 have been released without the corresponding change, thus fixing this regression in a safe way! Community Builder is using Joomla's standard APIs, and was thus not affected by this regression of Joomla 4.1.1 and 3.10.7.

A few personal words about the 4.1.1 and 3.10.7 short-lived Joomla releases: Bugs and mistakes can happen in great teams. But what sets aside an awesome team, like Joomla, from a great team is how mishaps are handled. Joomla has quickly and openly acknowledged its bug, and swiftly fixed the issue, provided a FAQ to help the very few people that got affected by the regression bug. Additionally, discussions are looking into how to improve the processes. While very few loose time pointing fingers or laughing, we can only say: Kudos Joomla! Team! and then continue moving ahead full speed on our next CB Paid Subscriptions release 4.6 which should come soon, with a nice surprise included!