====================================================================

                             CERT-Renater

                 Note d'Information No. 2021/VULN288
_____________________________________________________________________

DATE                : 27/05/2021

HARDWARE PLATFORM(S): /

OPERATING SYSTEM(S): Systems running Joomla versions prior to 3.9.27.

=====================================================================
https://www.joomla.org/announcements/release-news/5836-joomla-3-9-27.html
_____________________________________________________________________


Joomla 3.9.27 Release

    Created: 25 May 2021


Joomla 3.9.27

Joomla 3.9.27 is now available. This is a security release for the 3.x
series of Joomla which addresses 3 security vulnerabilities and contains
more than 15 bug fixes and improvements.


What's in 3.9.27?

Joomla 3.9.27 includes 3 security vulnerability fixes and addresses
several bugs, including:

Security Issues Fixed

    [20210501] Low Severity - Low Impact - Adding HTML to the executable
block list of MediaHelper::canUpload (affecting Joomla! 3.0.0 through
3.9.26) More information »

    [20210502] Low Severity - Low Impact - CSRF in AJAX reordering
endpoint (affecting Joomla! 3.0.0 through 3.9.26) More information »

    [20210503] Low Severity - Low Impact - CSRF in data download
endpoints (affecting Joomla! 3.0.0 through 3.9.26) More information »


Bug fixes and Improvements

    Disable FLoC by default #33212
    Postgres compatibility fixes for smart search #31809
    Allow objects stored in tables as json #33633
    Improve indexing performance of Smart Search #33720
    Addional PHP 8 improvment #3311


Visit GitHub for the full list of bug fixes.



A Huge Thank You to Our Volunteers!

A big thank you goes out to everyone that contributed to the 3.9
releases!


Make the next Joomla release even better

Download the upcoming releases from the nightly build page (for testing
purposes only - do not use on production sites).


Want an even easier option? Get yourself over to launch.joomla.org -
where you can also test Joomla 4.0 with just one click - no testing
environment needed, nothing to install or set up (at all).


Translations

    Russian: ????? ????? ???????????? Joomla 3.9.27
    Spanish: Joomla 3.9.27 ya está disponible
    Dutch: Joomla 3.9.27 is nu beschikbaar
    German: Joomla 3.9.27 Release
    Italian: Disponibile aggiornamento sicurezza Joomla 3.9.27
    Turkish: Joomla! 3.9.27 Yayinlandi
    Greek: Joomla 3.9.27 - ?sf??e?a ?a? ?e?t??se??
    French: Joomla 3.9.27 est disponible


=========================================================
+ CERT-RENATER       |    tel : 01-53-94-20-44          +
+ 23/25 Rue Daviel   |    fax : 01-53-94-20-41          +
+ 75013 Paris        |    email:cert@support.renater.fr +
=========================================================