Released on: Thursday, 14 March 2019 07:02
Protection of all component and plugin folders against direct web access. This is ABSOLUTELY NOT a security-related change. While it's a common misconception, being able to see non-executable, static files is not a security issue. It might allow someone to figure out which version of Joomla and its extensions you are using but hackers don't actually rely on this information. Therefore this change is just made to ease the mind of people unduly worrying about an irrelevant non-issue, detracting them from the real security concerns (i.e. is their software up-to-date). That's why we made the change: to have people stop worrying about useless non-issues and help them focus on the actual issues which can have a security impact on their sites.
Support for PDO PostgreSQL database driver. This is a feature contributed by a third party developer. We no longer test our software with PostgreSQL.
Allow Site Transfer Wizard to ignore free disk space requirements. This is useful for servers which report the free space wrong or for servers with 32-bit versions of PHP and free disk space over 2GB. In both cases the Site Transfer Wizard would fail with a message about not enough disk space.
Added BackupID in the failed backups email notifications. This lets you pinpoint the failed backup more easily.
Critical bugfix: backup under CLI was broken. The CLI code would misidentify migrated backup profiles and complain that your encryption settings have changed, aborting the backup.
Important bugfix: Folder browser would not work under Windows. An additional check added against arbitrary data injection was misbehaving on Windows servers, causing the Folber Browser page to appear blank. Mostly experienced when you used the Browse button next to the Output Directory in the Configuration page to find a new location for your backups.
Bug fixes. We regularly fix smaller and bigger issues. Please consult the CHANGELOG below and the full change history available from the software's main page by clicking the CHANGELOG button.
We only officially support the latest stable branch of Joomla!. At the time of this writing it is Joomla! 3.9.
Our software should still run on Joomla! 3.8 or later, including 3.8 and 3.9. These versions are not actively supported by us or the Joomla! project anymore. We strongly advise you to run the latest available version of Joomla! for security reasons. Older versions of Joomla! have known major security issues which are being actively exploited to hack sites.
We only officially support using our software with PHP 5.6, 7.1, 7.2 or 7.3. We strongly advise you to run the latest available version of PHP on a branch currently maintained by the PHP project for security and performance reasons. Older versions of PHP have known major security issues which are being actively exploited to hack sites and they have stopped receiving security updates, leaving you exposed to these issues. Moreover, they are slower, therefore consuming more server resources to perform the same tasks.
Kindly note that our policy is to officially support only the PHP versions which are not yet End Of Life per the official PHP project with a voluntarily extension of support for 6 to 9 months after they become End of Life. After that time we stop providing any support for these obsolete versions of PHP without any further notice.