Joomla! 3.4 - Do More

Joomla! 3.4.5 is now available. This is a security release for the 3.x series of Joomla which addresses a critical security vulnerability. We strongly recommend that you update your sites immediately. This release only contains the security fixes; no other changes have been made compared to the Joomla 3.4.4 release.

Security Release

What's in 3.4.5

Version 3.4.5 is released to address three reported security vulnerabilities and includes additional security hardening of the UploadShield system.

Security Issues Fixed

  • High Priority - Core - SQL Injection (affecting Joomla 3.2 through 3.4.4) More information »
  • Medium Priority - Core - ACL Violations (affecting Joomla 3.2 through 3.4.4) More information »
  • Medium Priority - Core - ACL Violations (affecting Joomla 3.0 through 3.4.4) More information »

Please see the documentation wiki for FAQ’s regarding the 3.4.5 release.

Download

Upgrade Packages:

Upgrade Packages
Joomla 3 upgrade packages

Note: Please read the update instructions before updating.

Please remember to clear your browser's cache after upgrading.

A Huge Thank You!

Thank you to Asaf Orpani of Trustwave and Netanel Rubin at PerimeterX for the responsible disclosure of the security vulnerabilities addressed in this release and to the Joomla Security Strike Team for their swift resolution of these issues.

Joomla Security Strike Team

A big thanks to the Joomla Security Strike Team for their ongoing work to keep Joomla secure. Members include: Matias Aguirre, Michael Babker, Beat B., Mark Boos, Marco Dings, Nicholas Dionysopoulos, Matias Griese, Thomas Hunziker, David Jardin, Alan Langford, Jean-Marie Simonet, Phil Taylor, Viktor Vogel, George Wilson

Security Team Leadership: Viktor Vogel, Coordinator

Image Credit: Chiara Aliotta and Helvecio Da Silva