Joomla 4.3.2 - Αναβάθμιση ασφαλείας και διόρθωσης σφαλμάτων

Η νέα έκδοση ασφαλείας του Joomla! 4.3.2, επιλύει 2 θέμα ασφαλείας και επιπλέον περιλαμβάνει πολλά bug fixes και λοιπές βελτιώσεις

Δείτε πιο αναλυτικά τι περιλαμβάνει το Joomla 4.3.2.

Project: Joomla Core
Ημερομηνία: 29 Μαΐου 2023
Τύπος αναβάθμισης: Ασφάλεια και επιδιόρθωση σφαλμάτων

Η έκδοση 4.3.2 περιλαμβάνει:

Αναβαθμίσεις ασφαλείας:

• [20230501] Low Severity - Low Impact - Low Probability - Open Redirect and XSS within the mfa selection (affecting Joomla! 4.2.0 - 4.3.1)
• [20230502] Moderate Severity - Critical Impact - Low Probability - Bruteforce prevention within the mfa screen (affecting Joomla! 4.2.0 - 4.3.1)

Διορθώσεις Bug και βελτιώσεις:

Accessibility

• hide table headers in tables rather than omit them when 'show headings' is set to 'no'

Banners

• aria-label not translated in com_banners
• reset statistics on banner duplication
• cannot batch copy banners
`

Contacts

• cannot batch copy contacts

Content

• Content component improved validation when only positive integers are allowed

Editors

• TinyMCE prevents white text on a white background in preview
• TinyMCE editor plugin language of parts fails if subform fields are empty
• Codemirror corrects path for keybinding script

Fields

• re-introduction of specific layouts to render Contact custom fields
• calendar type min/max year
• PHP warning when preparing Text field

Guided Tours

• escaping of data on update or new installs is unnecessary for the 'extensions' column
• banners tour is skipping a few fields
• order of the tours in the modal should no be sorted automatically, use the tour's view order instead

Media Manager

• replace 'an error occurred' with 'this file type is not supported'
• refactor the session fallback
• remove warning in console

Mail Templates

• tag needs to be quoted before being passed onto the regular expression
• newly created mail template is not properly recorded in the database (missing extension data and double arrayed tags)

Smart Search

• add padding to highlighted search words in smart search
• detect whether Memory engine is supported

Tags

• router issues on multilingual sites, breaking old URLs
• hide the filter_tag parameter from the URL when the menu item is created with category type and filtering by tag or tags

Tags

• template parameter invalid json string
• template manager PHP 8.1 warnings removal
• missing Cassiopeia black color variable
• Cassiopeia menu breakpoint for hamburger to prevent vertical menu

User

• javascript error on login page when MFA
• Text() not found on user login
• category access levels should not apply to users having core.admin access
• User groups tab use invalid checkbox ids
• Module positions do not show in com_user settings
• removed login message on login in the frontend
• Fix submit button focus on frontend MFA captive login page when using Webauthn

Others

• allow new category when no other category exists
• when a component is disabled, menu items' icon should show 'component not found' and represent a warning rather than a cross with 'publish item' tooltip
• improved messaging when an extension is missing checksum information (hash codes proving the file is genuine)
• Articles categories module caching no longer fails
• make schedule runner/keepalive work with adblockers/no script
• remove any spaces from the disable_functions string in the php.ini before exploding into an array for checking and prevent error
• undefined key in HTMLDocument setBuffer
• PluginHelper::getLayoutPath should work in CLI (in non web context)
• show empty state layout only when cache contains no data
• improved RSS page title
• update of the help table of content
• PHP 8.2 warnings in Multilingual Sample Data plugin
• list-view .js should work with Ajax content

Περισσότερες πληροφορίες σχετικά με το Joomla 4.3.2, μπορείτε να βρείτε στον παρακάτω σύνδεσμο:
https://www.joomla.org/announcements/release-news/5887-joomla-4-3-2-security-and-bug-fix-release.html