Joomla! 3.6.5 is now available. This is a security release for the 3.x series of Joomla! which addresses three security vulnerabilities, miscellaneous security hardening and three bug fixes; no further changes have been made compared to the Joomla! 3.6.4 release. We strongly recommend that you update your sites.
What's in 3.6.5
Version 3.6.5 is released to address three security issues, miscellaneous security hardening and three bugs.
Security Issues Fixed
- High Priority - Core - Elevated Privileges (affecting Joomla! 1.6.0 through 3.6.4) More information »
- Low Priority - Core - Shell Upload (affecting Joomla! 3.0.0 through 3.6.4) More information »
- Low Priority - Core - Information Disclosure (affecting Joomla! 3.0.0 through 3.6.4) More information »
- Security Hardening More information »
- [#12817] Fix Joomla Updater for Windows Users
- [#12984] Fix installation language for sr-YU
- [#12589] and [#13127] Fix default values for user creation on installation
Please see the documentation wiki for FAQ’s regarding the 3.6.5 release.
Over the last weeks we have sent mixed messages about Joomla! 3.7 and what will be included in the final version. Without having an alpha/beta version published this is always complicated but with this post we are trying to clear the air.
As part of our post-release review process for the 3.6.4 release, the Joomla! Security Strike Team has identified and confirmed an additional side effect of the issue resolved in security advisory 20161002 (CVE-2016-8869) and as such we have revised our assessment of this issue.