Joomla 3.6.5 Security Release

Joomla! 3.6.5 Security Release Security Release and Bug fixes
Status: Joomla! 3.6.5 has been released and is available as a full package

Joomla! 3.6.5 Security Release Info

The update focuses on three security vulnerabilities, security hardening, and three bug fixes. If you are using the 3.x version of Joomla, then you should update your sites.

Security Fixes

The security issues include the following:

  • Elevated Privileges (Joomla! versions affected: 1.6.0 – 3.6.4)
  • Shell Upload (Joomla! versions affected: 3.0.0 – 3.6.4)
  • Information Disclosure (Joomla! versions affected: 3.0.0 – 3.6.4)

The Security Hardening focuses on restricting a user’s ability to make harmful configuration changes. To find out more information on this change, please see Miscellaneous Security Hardening.

Bug Fixes

The bug fixes included in the 3.6.5 release include:

  • Fix Joomla Updater for Windows Users
  • Fix installation language for sr-YU
  • Fix default values for user creation on installation

For more information on the Joomla! 3.6.5 release, please click here.

Download the 3.6.5 update

Click here to get the Joomla! 3.6.5 update

AC
Arnel Custodio Content Writer I

As a writer for InMotion Hosting, Arnel has always aimed to share helpful information and provide knowledge that will help solve problems and aid in achieving goals. He's also been active with WordPress local community groups and events since 2004.

More Articles by Arnel

Thoughts on “Joomla 3.6.5 Security Release

  • It may have been an unknown module or my template (RocketThemes Hadron 1.5.0), but PHP 5.5.30 seems to have been a conflict with the J 3.6.5 upgrade. I didn’t have the cPanel PHP switcher, so I had support install that, and set this site to PHP 5.6.27. This fixed my error.

  • I’ve done this upgrade, and my Administrator kicks out an Internal Server Error 500 when I try to view Modules and Templates. Very little troubleshooting out there right now following this update, yet. I can’t find much in log files… error_log (in / or in /administrator/) or Error Logs in cPanel don’t register this, it seems.

Was this article helpful? Let us know!