Joomla 3.9.21 is now available. This is a security release for the 3.x series of Joomla which addresses 3 security vulnerabilities and contains over 20 bug fixes and improvements.

What's in 3.9.21?

Joomla 3.9.21 includes 3 security vulnerability fixes and addresses several bugs, including:

Security Issues Fixed

• Low Priority - Core - XSS in mod_latestactions (affecting Joomla! 3.9.0 through 3.9.20) More information »
• Low Priority - Core - Open redirect in com_content vote feature (affecting Joomla! 3.0.0 through 3.9.20) More information »
• Low Priority - Core - Directory traversal in com_media (affecting Joomla! 2.5.0 through 3.9.20) More information »

Bug fixes and Improvements

• TinyMCE updated #30329
• CodeMirror updated #30370
• Upload Package File / Joomla Update : Upload file size check added #30190 #29895
• Actions Log: Log an event when Joomla is updated #30157 

Visit GitHub for the full list of bug fixes.

Download

Joomla 4 Media Manager was one of the first features upgraded and incorporated into Joomla 4 at the Alpha stage. Find out what’s improved.

I have a confession. 

Having used Joomla so long, I’ve never really liked nor used the core media manager. You’d have to go in and delete files before you could delete folders, and aside from uploading files, there wasn’t much else it was doing. I installed JCE, and have used the JCE File Browser for the better part of a decade now. It’s better, but still has things that could be improved. I think I even got a question wrong on my Joomla Certified Administrator exam as I answered it based on Joomla 1.5 when I last looked at the core Media Manager!

The Media Manager has evolved

In writing a few articles on Joomla 4’s new features over recent months, the Media Manager certainly piqued my interest, and further inspection for this article shows that the work of the New Media Manager team over recent years will be rewarding users in Joomla 4 in spades.

The core improvements are sure to make users of older versions of the Media Manager users happier, and they go a long way towards delivering an overall solution that I’ll happily switch to when I roll out Joomla 4 when it’s released soon.

Key Features

Here’s a quick tour highlighting several of the new features.

So what do you do when the state of New Jersey is on quarantine, and 15 teens want to learn web? You teach them Joomla!

I have taught Joomla for years through Joomla Training, virtual training classes, and with Rutgers, the State University of New Jersey. More recently, I taught Joomla 100% virtually to our Rutgers staff and administrators so they could continue maintaining their websites, even during the quarantine. But why teach Joomla to teens? The idea first came up at our Forum for the Future conference that I attended in Spain with about 80 other Joomla volunteers. I participated in the team for engagement, and one of our ‘takeaways’ was to work on ‘Educational Outreach’. The Educational Outreach group was officially revitalised in Spring of 2020.

Covid-19 basically put us all in a situation of the perfect storm. Teens were home with no sports, no activities. I was available to put together a curriculum and to teach it for 5 sessions with a total of 12 hours of classroom time. Cloudaccess.net donated free hosting space for the teens to work from. SD Williams assisted as a co-teacher for the class and as a support system to build our initial website and flyers.

Now that we know we want to teach, how should we get the students? I contacted the recreation department of East Brunswick, NJ, where I lived. They were very receptive, especially because I was offering it for free. They contacted the youth council where several teens were already chomping at the bit to build their own website to start their own small businesses, while they were home. We selected Zoom as the platform since the students were already comfortable with it. We created 5 sessions, each session focused on a different aspect of building the website. By the end of the class, the ultimate goal was for the students to feel comfortable to build their own websites.

I taught 3 week day sessions which were 2 hours each, and 2 Saturday sessions which were 3 hours each. The students agreed that the 3 hours sessions were too long, so if we were to teach again, we would be sure to keep all sessions to 2 hours. The first session was to focus on high-level Joomla. In session two, we dove into articles and content. In session three, we focused on menus; session 4 was modules and finally, in session five, we installed a variety of tools and templates to see how everything really worked together. I personally would have liked to have a session six, where we could have spent a little more time ‘fixing’ up the site.

Joomla 3.9.20 is now available. This is a security release for the 3.x series of Joomla which addresses 6 security vulnerabilities and contains over 25 bug fixes and improvements.

What's in 3.9.20?

Joomla 3.9.20 includes 6 security vulnerability fixes and addresses several bugs, including:

Security Issues Fixed

• Low Priority - Core - CSRF in com_installer ajax_install endpoint (affecting Joomla! 3.7.0 through 3.9.19) More information »
• Moderate Priority - Core - Missing checks can lead to a broken usergroups table record (affecting Joomla! 2.5.0 through 3.9.19) More information »
• Low Priority - Core - CSRF in com_privacy remove-request feature (affecting Joomla! 3.9.0 through 3.9.19) More information »
• Low Priority - Core - Variable tampering via user table class (affecting Joomla! 3.0.0 through 3.9.19) More information »
• Low Priority - Core - Escape mod_random_image link (affecting Joomla! 3.0.0 through 3.9.19) More information »
• Low Priority - Core - System Information screen could expose redis or proxy credentials (affecting Joomla! 3.0.0 through 3.9.19) More information »

Bug fixes and Improvements

• Upload & Update tab of Joomla Update Component: Fix to allow upload of ZIP filetype only #29877
• Local database server: Allow optional port numbers #29567
• Beez3 Template: Markup fix for the Tabs layout of com_contact #29636
• Beez3 Template: Allow custom field editing on frontend #29577
• Backend cache cleared when purging updates #29603

Visit GitHub for the full list of bug fixes.

Download

The Joomla Project is pleased to announce the availability of the Joomla 4.0 Beta 2 release.

We believe we can improve on what is already a great product.

Introducing Joomla 4, a brand new way for people to create and manage their content, developed and sustained by a global community of volunteers. Joomla 4 offers you a platform that is reliable, steady, secure and fully equipped with a wide variety of options to build any website.

We invite you to download, install and test the package to improve quality assurance for the forthcoming 4.0 release and to discover the new features introduced in this major release.

What’s new in Joomla 4.0?

We are genuinely committed to making the next generation of Joomla the best Joomla ever. Joomla 4 will provide simplicity and a better user experience while also being a more robust system for developers.

Starting with the July meeting announcement we are using AcyMailing for our email newsletter. In our May meeting, AcyMailing Ambassador Joris Stolker walked us through AcyMailing 6.  Our interest in this extension was not just to discuss what it does but also because we were looking at using it for our newsletter.  

Why the Change to AcyMailing?

The first reason is that we like to support and use products that work with Joomla!  The second reason is that we wanted to streamline our communications.  

Getting started with AcyMailing was easy.  The new drop-and-drag editor made it easy to add content and add dynamic Joomla content.  We exported our list from MailChimp, imported into AcyMailing and we were ready to send our first newsletter.

What is AcyMailing?

AcyMailing is an Email and Marketing for Joomla! and Wordpress.  There is link testing, spam testing, click tracking, and marketing conversion. 

How much does AcyMailing Cost?

You can start with AcyMailing for free.  There are 3 paid plans, Essential, Enterprise, and Multisite.

Joomla 3.9.19 is now available. This is a security release for the 3.x series of Joomla which addresses 5 security vulnerabilities and contains over 40 bug fixes and improvements.

What's in 3.9.19?

Joomla 3.9.19 includes 5 security vulnerability fixes and addresses several bugs, including:

Security Issues Fixed

• Low Priority - Core - XSS in modules heading tag option (affecting Joomla! 3.0.0 through 3.9.18) More information »
• Low Priority - Core - Inconsistent default textfilter settings (affecting Joomla! 2.5.0 through 3.9.18) More information »
• Low Priority - Core - XSS in com_modules tag options (affecting Joomla! 3.0.0 through 3.9.18) More information »
• Moderate Priority - Core - XSS in jQuery.htmlPrefilter (affecting Joomla! 3.0.0 through 3.9.18) More information »
• Low Priority - Core - CSRF in com_postinstall (affecting Joomla! 3.7.0 through 3.9.18) More information »

Bug fixes and Improvements

• Fix incomplete utf8mb4 conversion since 3.9.17 #29117
• Backport jQuery 3.5 security fixes #28948
• Frontend: Removal of the create/edit menu item buttons #29191
• Extend the checks to make sure only real user admins can create accounts #28948
• Mail: Support of dotless domains #28576
• Codemirror updated to its latest release #28691
• Improve translation system supporting better pluralization for languages like Welsh #28763

Visit GitHub for the full list of bug fixes.

Download

The Joomla Project is pleased to announce the availability of the Joomla 4.0 Beta release.

We believe we can improve on what is already a great product.

Introducing Joomla 4, a brand new way for people to create and manage their content, developed and sustained by a global community of volunteers. Joomla 4 offers you a platform that is reliable, steady, secure and fully equipped with a wide variety of options to build any website.

We invite you to download, install and test the package to improve quality assurance for the forthcoming 4.0 release and to discover the new features introduced in this major release.

Joomla 4 is getting closer with the Beta version expected for the end of this month, but, at the same time, Joomla's contributors are working hard to develop another important release: Joomla 3.10.

Joomla 3.10 has been announced as the "Bridge version", a release that has several purposes: being the final milestone of the Joomla 3.x series and act as the intermediate version for those websites that will migrate to the 4.x series. The major feature of Joomla 3.10 will be the so-called "Update Checker", a suite of controls and verifications to test the compatibility of the website with the Joomla 4.x series, in order to properly plan and deal with the migration to the new major version of the CMS.

Given the importance of these intermediate steps, in the preparation for the migration to Joomla 4, we decided to ask some questions about Joomla 3.10 to its Release Leader: Tobias Zulauf, a long-term Joomla contributor and developer.

First of all, thanks Tobias for your time answering our questions.

What is the main objective of Joomla 3.10?

The main objective for Joomla 3.10 is that it is the last minor release of 3.x, a dedicated compatibility release and the starting point for any Joomla 3 to Joomla 4 upgrade.