Joomla 3.3.6 and 3.2.7 Security Releases now available

Joomla 3.3.6 and 3.2.7 Security Updates have been released.

Joomla 3.3.5 and 3.2.6 were retracted and the same tracker and security issues notes in that release are included in this release.

If you have already installed 3.3.5 or 3.2.6 the Joomla Updater will not work this one time to update the site. You can use Method B of the upgrade instructions found in the Joomla WIKI to update. Note that Watchful subscribers are not affected by the updater bug and may use their dashboard to upgrade as usual.

This is a security release adressing 1 High Priority - [20140903] - Core - Remote File Inclusion and - 1 Medium Priority - [20140904] - Core - Denial of Service vulnerability as well as resolves 9 tracker issues.

IMPORTANT NOTE: Joomla 3.3.0 and higher requires PHP 5.3.10 for server that have yet to be updated the Joomla 3.2.7 bridge release that includes the patches for the 2 vulnerabilities is also available which can be used with PHP versions 5.3.1 through 5.3.9. It is highly recommended that servers are update to the latest version of PHP 5.3 for best performance, security and compatibility (current release is PHP 5.3.29). Note that older releases will be prompted to update to Joomla 3.2.4 before upgrading to Joomla 3.3.4

This is a security and maitenenance release.

Full details can be found in the official 3.3.6 release announcement at

This release is a security and feature release, we highly recommend that users perform a Joomla upgrade in order to take advantage of the fixes and features that have been released.

A Joomla upgrade can be performed directly in the Joomla administrative backend. For users with multiple sites, we recommend updating all your sites from — a centralized site manager for Joomla.

Last modified on Oct012014
blog comments powered by Disqus

Get the latest updates on our extensions