====================================================================

                             CERT-Renater

                 Note d'Information No. 2019/VULN427
_____________________________________________________________________

DATE                : 20/12/2019

HARDWARE PLATFORM(S): /

OPERATING SYSTEM(S): Systems running Joomla versions prior to 3.9.14.

=====================================================================
https://www.joomla.org/announcements/release-news/5781-joomla-3-9-14.html
_____________________________________________________________________

Joomla 3.9.14 is now available. This is a security fix release for the
3.x series of Joomla which addresses two security vulnerabilities and
contains over 35 bug fixes and improvements.


What's in 3.9.14?

Joomla 3.9.14 includes two security vulnerability fixes and several bugs
and improvements, including:


Security Issues Fixed

    Low Priority - Core - Path Disclosure in framework files (affecting
Joomla 3.8.0 through 3.9.13)

    Low Priority - Core - Various SQL injections through configuration
parameters (affecting Joomla 2.5.0 through 3.9.13)


Bug fixes and Improvements

    Improve PHP 7.4 compatibility #27190 #27219
    Fix incorrect id generated for input fields in repetable subform
      #27081
    Fix Sample Data Learn #27100 #27101 #27102
    Allow JSON Document caching #27161
    Avoid errors when Joomla! gets outdated #27197
    Show full video filename and preview icon in Media Manager #27230


Visit GitHub for the full list of bug fixes.

=========================================================
+ CERT-RENATER        | tel : 01-53-94-20-44            +
+ 23/25 Rue Daviel    | fax : 01-53-94-20-41            +
+ 75013 Paris         | email:cert@support.renater.fr   +
=========================================================