Recently released Joomla 3.4.6 and 3.4.7 updates are the important security releases! Update your site without any template damage risk!
On 14th and 21st December 2015 were introduced two important security Joomla updates. What changes are included in the updates? First of all - improving site security.
At first Joomla 3.4.6 version has 4 serious vulnerabilities regarding safety of the users password reset system fixed.
Changes have a different priority depending on the degree of danger:
- High Priority - Core - Remote Code Execution (affecting Joomla 1.5 through 3.4.5)
- Low Priority - Core - CRSF Hardening (affecting Joomla 3.2.0 through 3.4.5)
- Low Priority - Core - Directory Traversal (affecting Joomla 3.2.0 through 3.4.5)
- Low Priority - Core - Directory Traversal (affecting Joomla 3.4.0 through 3.4.5)
Joomla 3.4.7 version has fixed the issue related with compatibility with older PHP versions. Applied changes:
- High Priority - Core - Session Hardening (affecting Joomla 1.5 through 3.4.6)
- Low Priority - Core - SQL Injection (affecting Joomla 3.0.0 through 3.4.6)
So if you have not updated you Joomla, do it now! If you are worry if the template will work correctly after update we just would like you ti inform that we have updated all our demo sites and may confirm that everything works fine, so we give you the green light :)
Remember, that before making any changes first backup your site! Why? Just in any case!