Joomla! 3.9.27 Security Release announced

joomla help support cheshire manchester merseyside north west ukRelease date: 25 May 2021.

Joomla! 3.9.27 is a SECURITY FIX which addresses THREE vulnerabilities.

This release includes a Post Installation Message about a new technology being rolled out by browsers called FLoC.

The Joomla! CMS will by default block FLoC browser technology when you install the Joomla! 3.9.27 Security Release.

See below for why this change has been made by The Joomla! Project.

This release also continues to improve support for PHP 8 (released in November 2020).

See the Release Notes at the link below.

Read more: Joomla! 3.9.27 Release News.

Read more: Joomla! 3.9.27 Post Installation Message.

 

Addressed Vulnerabilities

Low Severity

Low Impact - Adding HTML to the executable block list of MediaHelper::canUpload (affecting Joomla! 3.0.0 through 3.9.26).
Low Impact - CSRF in AJAX reordering endpoint (affecting Joomla! 3.0.0 through 3.9.26).
Low Impact - CSRF in data download endpoints (affecting Joomla! 3.0.0 through 3.9.26).

 

Joomla! and FLoC Browser Technology

The Joomla! CMS will by default block FLoC browser technology when you install the Joomla! 3.9.27 Security Release.

Why has this change been made by The Joomla! Project?

To help prevent website visitors from being profiled by FLoC browser technology.

You can change this setting in Global Configuration under the Site tab if you wish.

But first find out the implications of doing so.

Read more: Joomla! and FLoC.

For more information about FLoC visit the Electronic Frontier Foundation (EFF) website.

Read more: EFF say FLoC is a terrible idea.

 

Back up before updating is highly recommended

Protect your assets.

Perform a FULL backup of your website (database and files) BEFORE updating the Joomla! CMS and/or its extensions.

Read more: How to back up your website.

Read more: How to update your Joomla! CMS & its extensions.

 

Make Joomla! CMS Security YOUR #1 Priority

joomla support cheshire manchester merseyside north west ukWe offer Joomla! coaching, help and support to businesses and organisations across Cheshire, Manchester, Merseyside, North West England & the UK.

Learn how to manage Joomla! website security.