Joomla! 3.6.1 is now available. This is a security release for the 3.x series of Joomla. This release fixes several low level security issues. We strongly encourage you update your sites.
IMPORTANT: PLEASE READ THIS ANNOUNCEMENT ABOUT THE 3.6.1 UPDATE PROCESS
What's in 3.6.1?
Version 3.6.1 also addresses several issues:
- Fixes a bug resulting from a backwards compatibility break in PHP 7.0.9
- Fix for language redirects being cached in the browser
- Fix upgrades from Joomla! 2.5.28
- Fix SQLAzure database driver
- TinyMCE upgrade to 4.4.0.
Thanks to the hard work of 46 different volunteer contributors, more than 500 code commits, addressing nearly 150 issues, were made for the 3.6.1 release.
See the list of fixed GitHub issues for details of the tracker items fixed.
Security Issues Fixed
- Medium Priority - Core - CRSF More information »
- Low Priority - Core - ACL Violations More information »
- Low Priority - Core - XSS Vulnerability More information »
For known issues with the 3.6.1 release, see the Version 3.6.1 FAQ in the documentation site.
The Production Leadership Team's goal is to continue to provide regular, frequent updates to the Joomla! Community. Learn more about Joomla! development at the Joomla! Developer Network.
Download
New Installations:
Download Joomla! 3.6.1English (UK), 3.6.1 Full Package
Upgrade Packages:
Upgrade PackagesJoomla! 3 upgrade packages
Note: Please read the update instructions before updating.
Please remember to clear your browser's cache after upgrading.
If you find a bug in Joomla, please report it on the Joomla! Issue Tracker.
How can you help Joomla! development?
There are a variety of ways in which you can get actively involved with Joomla. It doesn't matter if you are a coder, an integrator, or merely a user of Joomla. You can contact anyone on the Production Department, to get more information, or if you are ready you can jump right into the Joomla! Bug Squad.
The Joomla! Bug Squad is one of the most active teams in the Joomla! development process and is always looking for people (not just developers) that can help with sorting bug reports, coding patches and testing solutions. It’s a great way for increasing your working knowledge of Joomla, and also a great way to meet new people from all around the world.
If you are interested, please read about us on the Joomla! Documentation Wiki and, if you wish to join, email
You can also help Joomla! development by thanking those involved in the many areas of the process. In the past year, for example, over 1,250 bugs have been fixed by the Bug Squad.
The Project also wants to thank all of the contributors who have taken the time to prepare and submit work to be included in the Joomla! CMS and Framework.
A Huge Thank You to Our Volunteers!
A big thank you goes out to everyone that contributed to the Joomla! 3.6 release!
Visit our 3.6 page in your language to discover the main features of Joomla! 3.6 and find a list of contributors on our Thank You Page.
Spread the Joomla! Love
Are you looking for the official imagery for your blogpost, a banner on your site or an image to share on social media? You can find them all in many languages on the Joomla! Documentation.
Joomla! Security Strike Team
A big thanks to the Joomla! Security Strike Team for their ongoing work to keep Joomla! secure.
Members include: Matias Aguirre, Michael Babker, Beat B., Mark Boos, Marco Dings, Nicholas Dionysopoulos, Matias Griese, Thomas Hunziker, David Jardin, Alan Langford, Jean-Marie Simonet, Phil Taylor, Viktor Vogel, George Wilson.
Security Team Leadership: Viktor Vogel, Coordinator.
Image Credit: Elisa Foltyn.