The Joomla! Project has announced the release of Joomla 5.1.3 and 4.4.7, bringing important security fixes and bug improvements to the popular content management system. As a long-time Joomla user and web developer, I'm excited to share the highlights of this release with you.
Security First
This update addresses several critical security vulnerabilities, including:
- XSS vectors in Outputfilter::strip* methods
- Improper ACL for backend profile view
- XSS in HTML Mail Templates
- Cache Poisoning in Pagination
- Inadequate validation of internal URLs
It's crucial to note that two of these fixes involve behavior changes that may affect existing sites. Be sure to check the 5.1.3 release FAQ for more details.
What's New in 5.1.3?
Besides the security patches, Joomla 5.1.3 brings several improvements:
- Updated TinyMCE to version 6.8.4
- Fixed attachment handling in Mail class
- Improved Schema.org data management
- Enhanced frontend language handling for multilingual sites
- Various UI and JavaScript fixes
Joomla 4.4.7 Update For those still on the 4.x branch, 4.4.7 focuses primarily on bug fixes. While it doesn't introduce new features, it's an essential stepping stone for future upgrades to Joomla 5.x.
Upgrading to Joomla 5 If you're considering the move to Joomla 5, there's good news: upgrading from 4.4.x to 5.x is relatively straightforward. Many Joomla 4 extensions will work in Joomla 5, especially with the new Backward Compatibility Plugin. However, it's always wise to test the upgrade on a copy of your site first.
Don't feel pressured to upgrade immediately – Joomla 4.4 will be supported for two more years. Take your time to ensure all your extensions are Joomla 5 compatible.
Getting Involved
Joomla's strength lies in its community. Whether you're a coder, integrator, or user, there are many ways to contribute:
- Join discussions on Mattermost
- Help with bug reporting and testing
- Contribute to documentation
A big thank you to all the volunteers who made this release possible. Their dedication keeps Joomla secure, accessible, and powerful for users worldwide.
Ready to upgrade?
Head over to the Joomla Downloads site to get started. And if you're new to Joomla 5, why not take it for a spin at launch.joomla.org