• News

    The latest info on JoomlaCamp and JoomlaDay Chicago

JoomlaDay Chicago and JoomlaCamp Chicago News

Information about the Joomla World Conference 2019

Information about the Joomla World Conference 2019

After a year without a JWC in 2018, the board were eager to bring together the Joomla! Community with a World Conference in 2019. London was chosen as a venue and the dates were announced for November 2019.

Planning for this event was at an advanced stage and tickets were being sold. Then the deadline for Brexit was extended to 31st October 2019 and in the last week the new UK Prime Minister, Boris Johnson has been elected with a mandate to ensure Brexit happens on 31st October, even if that means without any form of deal with the EU.

Sadly, for an international conference planned for the weeks after Brexit, there is considerable doubt and uncertainty around travel requirements to the UK and what (if any) visas may be required. This coupled with the huge workload already on the limited resources of the community with Joomla 4 at an advanced development stage, the Board has very reluctantly taken the decision to postpone JWC2019 to some date yet to be announced.

We will be going through the process of refunding tickets to those who have purchased and will keep you informed as soon as a new event can be scheduled. Whilst this is an unfortunate decision, we feel that the uncertainty over potential travel restrictions could lead to many international attendees either not being able to attend, or not wanting to risk planning travel before there is certainty about Brexit. It is therefore prudent to take this decision now rather than risk significant losses should the event have to be cancelled at the last minute.

Joomla is a global and productive Community creating and developing the award winning CMS software which powers around 3% of all websites. Together we have created both a truly remarkable software package as well as a community of like minded volunteers who strive to contribute and add to making Joomla even more wonderful.

Continue reading
  1020 Hits
  0 Comments

Copyright

© Joomla.org

1020 Hits
0 Comments

JoomlaDay Chicago 2019 Schedule Posted

schedule-template

The 2019 JoomlaDay Chicago schedule is now live on our site.  We have some fantastic sessions to help you build a better Joomla! site.  The day includes informational sessions, Panel Discussion with our speakers, exam review sessions, and the Joomla Certification Exam.

There is one spot remaining.  We are working to fill it in the next few weeks.  Got ideas?  Let us know.

Our speakers bring varied experiences and we appreciate them giving of their time to share them with us and all of you. The topics are for beginners and beyond.  The only requirement for you to attend is an interest in learning more about Joomla!  

The day begins with welcome address from SD Williams and Keynote Address by Jason Nickerson a long-time Joomla Community member.  Jason will also discuss how to Optimize Everything on your site later in the day.

For many, building Joomla sites is not a hobby but a business, Joe Sonne, a long-time Joomla Community member, will share insights and tips on Building a Successful Joomla Based Business.

Continue reading
  1519 Hits
  0 Comments

Copyright

© JoomlaDay Chicago

1519 Hits
0 Comments

Joomla 3.9.10 Release

Joomla 3.9.10 Release

Joomla 3.9.10 is now available. This is a bug fix release for the 3.x series of Joomla which addresses one bug introduced into 3.9.9, affecting template styles of multilingual web sites.

What's in 3.9.10?

Joomla 3.9.10 is fixing one bug introduced into Joomla 3.9.9 which affects the template styles of multilingual sites and results in lost data.

Please read this JDocs FAQ page to learn more about this issue and its fix.

IMPORTANT information for users who have already updated to 3.9.9 and faced this issue.
Due to a bad sql update, the template style mapping to content languages has been lost. Unfortunately, this is an unrecoverable error.
You must either:

  • Restore the data manually by upgrading to Joomla 3.9.10 and then manually editing each template style and using the "Default" Field to the language required 
  • Or restore a 3.9.8 backup of your sites to recover the data before updating to Joomla 3.9.10.


We would like to take a moment to apologise to our users. 
Whilst we understand that a release which introduces a major bug is always serious - in this case the bug involved actual data lost from sites. This is a red line for us. We are going to go away and look at how we can improve our release and testing strategies and report back to our users when this is complete, detailing how we aim to improve in the future.

Continue reading
  1035 Hits
  0 Comments

Copyright

© Joomla.org

1035 Hits
0 Comments

Joomla 3.9.9 Release

Joomla 3.9.9 Release

Joomla 3.9.9 is now available. This is a security fix release for the 3.x series of Joomla which addresses one security vulnerability and contains over 30 bug fixes and improvements.

What's in 3.9.9?

Joomla 3.9.9 includes one security vulnerability fix and several bugs and improvements, including:

Security Issues Fixed

  • Low Priority - Core - Filter attribute in subform fields allows remote code execution (affecting Joomla 3.9.7 through 3.9.8) More information »

Bug fixes and Improvements

  • Repeatable Custom Fields: fix to keep HTML tags #25189
  • Media Manager: Modal layout improved #22475
  • Voting: Cache cleaned after voting #25201
  • Article ordering: Items grouped by category first #25295
  • Batch system: Improvements for Contact and Newsfeed #25259

Visit GitHub for the full list of bug fixes.

Download

Upgrade Packages

Upgrade Packages
Joomla 3 upgrade packages

Note: Please read the update instructions before updating.
Remember… Please clear your browser's cache after updating.
Found a bug? Report it on the Joomla Issue Tracker.
Questions? See the documentation wiki for FAQ’s regarding the 3.9.9 release.

Continue reading
  1157 Hits
  0 Comments

Copyright

© Joomla.org

1157 Hits
0 Comments

The Single Sign On, Identity and Consent Management on Joomla.org

The Single Sign On, Identity and Consent Management on Joomla.org

Privacy Laws like GDPR introduced several new requirements that changed the way we think the data management and the pathway to the privacy compliance.

Read More ...

  990 Hits
  0 Comments

Copyright

© Joomla.org

990 Hits
0 Comments

4th of July Sale - Tickets $40 for 4 Days

4thjuly

In honor of the 4th of July holiday, we're offering a chance for you to purchase JoomlaDay Chicago tickets for $40 for 4 days, July 4th thru July 7th. Bring your team or clients for more savings.

Don't delay!  There is limited space for sessions, exam and networking.  The event is located in the heart of Chicago, The Loop.  Get your tickets now.

Pricing valid July 4th through July 7th 11:59pm only.

  1458 Hits
  0 Comments
1458 Hits
0 Comments

JoomlaDay Texas September 28, 2019

jdayTXLOGO-header

JoomlaDay Texas will be in the Live Music Capital of the World, Austin, TX!  The event will be on Sepember 28, 2019, a little less than a month before our own JoomlaDay event.  

Each year the JoomlaDay Texas event rotates throughout Texas.  In 2018, it was held in Houston.  Through events like JoomlaDay we strength the Joomla! community, meeting, sharing, learning, and supporting each other - beginners to seasoned advanced users/developers.

Learn more at https://www.joomladaytexas.com/

  1298 Hits
  0 Comments
1298 Hits
0 Comments

JWC Speakers Confirmed

jwclogo-410

The Joomla! World Conference is November 8-10, 2019 in London UK at the Ilec Conference Center.  The main stage speakers have been confirmed.  This three-day conference includes a full day of workshops and 2 days of 4 track conference sessions.  Speakers include Joomla 4 Release Lead, George Wilson, Joomla President Rowan Hoskyns Abrahall, and more.

Joomla World Conference, or JWC, is in its 7th season and is an event the brings like minded individual together to meet, learn, share, and connect.  

For more information and buy tickets, go to: conference.joomla.org

  1508 Hits
  0 Comments
1508 Hits
0 Comments

Our Keynote Speaker - Jason Nickerson

2019-keynote-speaker-nickerson

In a few short months will be 2019 JoomlaDay Chicago.  This year's Keynote Speaker is Jason Nickerson. 

Jason is a Joomla! volunteer and contributor. He currently heads up the Legal and Finance department of OSM, Open Source Matters, and has been the organizer of the Tampa Joomla Users Group and the annual JoomlaDay Florida. Jason's latest position is with the cPanel Community Team as an event planner working on the cPConference and with cPanel sponsored events like JoomlaDay Chicago.

 

  1561 Hits
  0 Comments
1561 Hits
0 Comments

Joomla 3.9.8 Release

Joomla 3.9.8 Release

Joomla 3.9.8 is now available. This is a bug fix release for the 3.x series of Joomla which addresses one bug introduced into 3.9.7 which affects web sites using the French Help Server.

What's in 3.9.8?

Joomla 3.9.8 is fixing one bug introduced into Joomla 3.9.7, due to the removal of the French Help Server.

Visit GitHub for more information about this issue.

Download

Upgrade Packages

Upgrade Packages
Joomla 3 upgrade packages

Note: Please read the update instructions before updating.
Remember… Please clear your browser's cache after updating.
Found a bug? Report it on the Joomla Issue Tracker.
Questions? See the documentation wiki for FAQ’s regarding the 3.9.8 release.

Continue reading
  1569 Hits
  0 Comments

Copyright

© Joomla.org

1569 Hits
0 Comments

Joomla 3.9.7 Release

Joomla 3.9.7 Release

Joomla 3.9.7 is now available. This is a security fix release for the 3.x series of Joomla which addresses three security vulnerabilities and contains over 40 bug fixes and improvements.

What's in 3.9.7?

Joomla 3.9.7 includes three security vulnerability fixes and several bugs and improvements, including:

Security Issues Fixed

  • Low Priority - Core - CSV injection in com_actionlogs (affecting Joomla 3.9.0 through 3.9.6) More information »
  • Low Priority - Core - XSS in subform field (affecting Joomla 3.6.0 through 3.9.6) More information »
  • Low Priority - Core - ACL hardening of com_joomlaupdate (affecting Joomla 3.8.13 through 3.9.6) More information »

Bug fixes and Improvements

  • Batch system: Copy permissions of modules #24737 and categories #24730
  • Progessive cache improvements #20310
  • Fix to avoid duplicated custom fields in com_content #24516
  • RTL improvements #23107 #24722
  • Removal of the unofficial French Help Server #24927
  • TinyMCE improvements: #24978 #25037
  • RSS: Fix to display the right category #24932
  • Media Manager: Fix directory traversal for symlinked folders #24924
  • User registration: Correct http schema used #24089

Visit GitHub for the full list of bug fixes.

Download

Upgrade Packages

Upgrade Packages
Joomla 3 upgrade packages

Note: Please read the update instructions before updating.
Remember… Please clear your browser's cache after updating.
Found a bug? Report it on the Joomla Issue Tracker.
Questions? See the documentation wiki for FAQ’s regarding the 3.9.7 release.

Continue reading
  1441 Hits
  0 Comments

Copyright

© Joomla.org

1441 Hits
0 Comments

Thank You JoomlaShine for Your Support

spn-joomlashine

Joomla events such as JoomlaDay and JoomlaCamp are possible through the support received from the fantastic Joomla Community.  

Thank you JoomlaShine for being a GOLD SPONSOR for this year’s event.

Tirelessly serving the Joomla community providing templates and extensions since 2007.

For more information about JoomlaShine, go to: joomlashine.com.

  1239 Hits
  0 Comments
1239 Hits
0 Comments

Have You Seen Our Video

joomladay

With the help of Joomla.org, we have a new video for this year's JoomlaDay Chicago event. View. Register. Share.

  1286 Hits
  0 Comments
1286 Hits
0 Comments

Thank You JoomlaShack for Your Support

spn-joomlashack

Joomla events such as JoomlaDay and JoomlaCamp are possible through the support received from the fantastic Joomla Community.  

Thank you JoomlaShack for being a SILVER SPONSOR for this year’s event.

Since 2005, Joomlashack has provided Joomla templates, Joomla extensions, and Joomla training for more than a million Joomla sites. Joomlashack develops some of the most popular and innovative extensions in Joomla, including OSMap, JCal Pro, OSMeta and OSEmbed.

For more information about JoomlaShack, go to: joomlashack.com.

  1024 Hits
  0 Comments
1024 Hits
0 Comments

We're Honored to Have Platinum Sponsor cPanel

spn-cpanel

Joomla events such as JoomlaDay and JoomlaCamp are possible through the support received from the fantastic Joomla Community.  

We are honored to have cPanel as PLATINUM SPONSOR and LANYARD SPONSOR for this year's event. 

Founded in 1997, cPanel has been powering the internet ever since.  cPanel has a strong sense of community and giving back, collaborating in ways to empower the community.  

For more information about cPanel, go to: cpanel.net.

  996 Hits
  0 Comments
996 Hits
0 Comments

Thank you JoomShaper for your support!

2019JoomlaDayChicago-Logo-JoomShape_20190522-213427_1

Joomla events such as JoomlaDay and JoomlaCamp are possible through the support received from the fantastic Joomla Community.  We thank JoomShaper for supporting our event by becoming a GOLD SPONSOR.  

JoomShaper is a professional web development team focused on open-source Content Management System (CMS) Joomla!  They are also a huge supporter of Joomla! by sponsoring events for several years.  They have numerous extensions and templates as well as page builder with great features.  

For more information about JoomShaper, go to: joomshaper.com 

  1153 Hits
  0 Comments
1153 Hits
0 Comments

Marketing & Communication Department Coordinator Election Result

Rachel-Walraven

We are happy to announce that the election for the replacement for the Marketing & Communications Department Coordinator has been completed.

Marketing & Communications
Department Coordinator

Rachel Walraven


Reference:

Thank you!

  897 Hits
  0 Comments

Copyright

© joomla.org

897 Hits
0 Comments

JED Server Security Incident Report

breach

Following a server level compromise of the Joomla! Extensions Directory (JED), we would like to provide our community a postmortem summary of the events leading to this issue, the response from the Joomla project team members, and a plan of action moving forward to prevent a similar type of issue in the future.

In summary, this was a preventable compromise, and after analysis, we have no reason to believe that any user data has been accessed improperly.

Issue Notification

  • At approximately 09:30 UTC on 15 May 2019, a security researcher notified the Joomla Security Strike Team (JSST) that they had discovered an internal Jenkins CI server used by the JED to deploy updates to their live and staging websites and were able to exploit CVE-2018-1000861 on the server, providing a screenshot of a sensitive file as proof of the exploit.  
  • Upon notification, JSST members worked with JED team members to bring the affected Jenkins system offline and conduct an analysis of whether this server had been compromised in other ways.

Systems Audit

  • While investigating the Jenkins server compromise, it was found that a crypto-miner had been installed and was running on the server.  A crypto-miner is a software script used to create digital currencies via abuse of server resources (CPU and memory).
  • As part of the installed software, a script was found to have been added to the server’s crontab that would attempt to connect to other servers in the local network and install the same miner.  
  • Since the Jenkins server was used to deploy site updates, the script was able to access the production JED server and install itself there.
  • Once it had been discovered on the JED server, steps were taken immediately to bring all services on the affected servers offline and access was restricted to privileged individuals in order to conduct a full root-cause analysis and to begin executing a recovery plan.
  • In parallel, the other servers hosting the joomla.org architecture were audited to ensure they had not been compromised as well, and it was determined that only the JED’s servers were affected.
  • An analysis was performed on the production JED server to determine the scope of the compromise, including when the server was presumed to be breached and what resources may have been accessed.  
  • The analysis concluded that the crypto-miner had been installed on the evening of 11 May 2019 and that there was no evidence of improper data access (including access to uploaded extension packages sent to the JED Checker and the site’s database).
  • With the analysis concluded, the compromised server was decommissioned with a replacement server activated and a file backup from 10 May 2019 and database from 15 May 2019 restored to the new server.  
  • The restoration process was completed on 16 May 2019 with the JED team taking action to re-apply pertinent user actions performed between the backup date and the time the JED was discovered to be compromised.

Plan of Action

As a result of the server compromise, several steps are being taken to ensure the security of our servers and our user’s data.  

  • First, the compromised Jenkins server is scheduled to be permanently decommissioned with the JED migrating to one of the other CI servers used by Joomla in order to eliminate a redundant resource.  
  • Second, all administrative access (server level passwords and SSH keys) are being reset.  
  • Third, out of an abundance of caution, all remember me tokens will be invalidated, and all registered users will be required to reset their passwords.  
  • Lastly, we will be reviewing our internal workflows and procedures and improving our policies and the security features made available to our users across all joomla.org subdomains (such as enabling two-factor authentication on all sites).

Questions and Answers

Q: What was the cause of the compromise?
A: A Jenkins server used to deploy updates to the JED’s production and staging websites, had not been updated to apply a security patch, resulting in the Jenkins server and the JED production server being compromised.

Q: What was the objective of the compromise?
A: According to the analysis, the crypto-miner was installed on the evening of 11 May 2019 and ran until it was detected on 15 May 2019. The crypto-miner abused server resources (CPU and memory) to mine digital currency.

Continue reading
  983 Hits
  0 Comments

Copyright

© joomla.org

983 Hits
0 Comments

Joomla 3.9.6 Release

Joomla 3.9.6 Release

J

oomla 3.9.6 is now available. This is a security fix release for the 3.x series of Joomla which addresses two security vulnerabilities and contains over 25 bug fixes and improvements.

What's in 3.9.6?

Joomla 3.9.6 includes two security vulnerability fixes and several bugs and improvements, including:

Security Issues Fixed

  • Low Priority - Core - XSS in com_users ACL debug views (affecting Joomla 1.7.0 through 3.9.5) More information »
  • Low Priority - Core - By-passing protection of Phar Stream Wrapper Interceptor (affecting Joomla 3.9.3 through 3.9.5) More information »

Bug fixes and Improvements

  • Media Manager: Fix logic in file upload check introduced in 3.9.5 #24637
  • Edge Chromium support added #24379
  • User Notes: Fix date format #24529
  • Frontend editing: article category editable by Publishers and up #24640
  • Cache: Cache folder automatically created if it doesn’t exist #21952
  • PostgreSQL database improvements #24682 #24683 #24652

Visit GitHub for the full list of bug fixes.

Download

Continue reading
  1097 Hits
  0 Comments

Copyright

© Joomla.org

1097 Hits
0 Comments

Discount Tickets for May 4th

discount-may4th

As a big Star Wars fan could not resist offering a discount on May 4th.  Until 11:59 pm on May 4th, tickets for the JoomlaDay Chicago sessions and the Joomla Review sessions for the exams will be $40.

REGISTER NOW 

  946 Hits
  0 Comments
946 Hits
0 Comments

Joomla! Volunteers Portal