Joomla! 3.7.1 is now available. This is a security release for the 3.x series of Joomla! which addresses one critical security vulnerability and several bug fixes. We strongly recommend that you update your sites immediately.
This release only contains security and bug fixes; no other changes have been made compared to the Joomla! 3.7.0 release. Joomla! 3.7.1 is released to address a critical security issue as well as several bugs.
Security Issues Fixed
High Priority - Core - SQL Injection (affecting Joomla! 3.7.0
- Fixed attribute checks in the new calendar #15573
- Inject the JInput dependency into the session handler #15605
- Fix b/c break in JMenuItem #15553
- Fix article ordering in the backend #15655
- Fix milliseconds handling in for PHP Versions lower to 7.1.0 #15853
- Fixing JFilterInput adding byte offsets to character offset #15966
- Redirection fails on multiple status values produced by old FOF2 Extensions #15738
- Remove empty locked cache file if callback function terminate process #15592