15 December 2015

High Priority: Joomla! 3.4.6 Released

Written by Aníbal Sánchez, Posted in Announcements,

This is a security release for the 3.x series of Joomla which addresses a critical security vulnerability and 4 low level security vulnerabilities. We strongly recommend that you update your sites immediately.

High Priority: Joomla! 3.4.6 Released

Joomla! 3.4.6 is now available. This is a security release for the 3.x series of Joomla which addresses a critical security vulnerability and 4 low level security vulnerabilities. We strongly recommend that you update your sites immediately.

This release only contains the security fixes; no other changes have been made compared to the Joomla 3.4.5 release.

What's in 3.4.6

Version 3.4.6 is released to address four reported security vulnerabilities and includes security hardening of the user password reset system.

Security Issues Fixed

  • High Priority - Core - Remote Code Execution (affecting Joomla 1.5 through 3.4.5) More information »
  • Low Priority - Core - CRSF Hardening (affecting Joomla 3.2.0 through 3.4.5) More information »
  • Low Priority - Core - Directory Traversal (affecting Joomla 3.2.0 through 3.4.5) More information »
  • Low Priority - Core - Directory Traversal (affecting Joomla 3.4.0 through 3.4.5) More information »

Please see the documentation wiki for FAQ’s regarding the 3.4.6 release.

About the Author

Aníbal Sánchez

Aníbal Sánchez

JED Assistant Team Manager / Google Summer of Code 2017 Mentor

Web Developer, working with Joomla! CMS since 2007, developing extensions, social media and mobile applications. Currently working at Extly Extensions, SlimAppsApps for Joomla!, and Extly Tech as Director and Leading Developer.