Note to readers

This publication does not currently meet the Government of Canada's Web Standards. The information remains valid.

Joomla! Security Release 3.6.5

Number: AV16-202
Date: 14 December 2016

Purpose

The purpose of this advisory is to bring attention to the recently released security fixes for Joomla!.

Assessment

Joomla! has released a new version that contains security fixes to address the following vulnerabilities in Joomla!:

  • Elevated Privileges
  • Shell Upload
  • Security hardening of configuration tools for user account settings

Versions affected: Joomla! 1.6.0 through 3.6.4

Suggested Action

CCIRC recommends that owner/operators test and deploy the vendor released updates or workarounds to affected platforms accordingly.

References

https://www.joomla.org/announcements/release-news/5693-joomla-3-6-5-released.html

Date modified: