• Royal Pavilion

  • Community

  • South Downs

  • LIttlehampton Pier

  • Eastbourne

  • White Horse Wilmington

  • Sussex-Coast

Copyright 2017 - Custom text here
Thursday, 04 August 2016 09:39

j3.6.1 security release

Written by
Rate this item
(0 votes)

During the latest release of Joomla! 3.6.1 an issue emerged because of a security fix. 3.6.1 introduced a CSRF token check to the Joomla! Update component as an extra level of security to fix a Medium Level security issue. 3.6.0 down to 2.5.4 (every Joomla! release with the update component) will hit an issue with failing to pass the CSRF token check because those versions don't generate the needed token to pass the check.

Therefore we have had to make some emergency decisions:

Updating from Joomla! 2.5.x

Unfortunately there was a bug when updating Joomla! 2.5.x to 3.6.0 - this was patched in the 3.6.1 release - however as this migration is no longer possible - you will need to first migrate to Joomla! 3.5.1 then upgrade to 3.6.0. Then follow the steps below for users on Joomla! 3.6.0.

Updating from Joomla! 3.0.0-3.5.1

Update to Joomla! 3.6.0 through the Joomla! Update component. Then follow the steps below for users on Joomla! 3.6.0.

Updating from Joomla! 3.6.0

Update the Joomla! Update Component through the Extension Manager. Then use the Joomla! Update component to update to the latest 3.6.x version.

For those who have updated to 3.6.1 from 3.6.0 already

For those who have already updated to Joomla! 3.6.1 don’t worry. All the new 3.6.1 files have been successfully put in place. Simply run the database fixer tool to delete the one file we have removed.

For those who have updated to 3.6.1 from a version earlier than 3.6.0 already

Your files have been updated. You must treat this upgrade as if you have updated Joomla! by unzipping the files over your existing system. We strongly advise that you run the database fixer tool to clean up outdated files and update the database structure. Note this will not fix any insert or updates by design as we cannot verify that these have happened before. Therefore you will need to manually apply these changes yourself. We apologise for the inconvenience this causes our users.

All Versions (2.5.4 to 3.6.0) - Manual Upgrade

Though we do not encourage this practice, it is possible to update Joomla! manually (similar to Joomla! 1.5 updates) and perform a proper upgrade. There is a script with detailed instructions available at https://gist.github.com/mbabker/d7bfb4e1e2fbc6b7815a733607f89281

Read 401 times
Login to post comments
  • To Enable users in Brighton and Hove and other Sussex areas to meet face to face. To expand Joomla!®. use and knowledge within the Sussex area. We are also on  LinkedIn & Facebook

f t g m


Joomla! User Groups™ are officially recognized and licensed by, but not organized or operated by, Open Source Matters, Inc. (OSM) on behalf of The Joomla! Project™. Each Joomla! User Group, along with their events, are independently managed by a local community. Use of the Joomla!® name, symbol, logo and related trademarks is licensed by Open Source Matters, Inc.


The Joomla!® name and logo is used under a limited license granted by Open Source Matters the trademark holder in the United States and other countries.
joomlasussex.uk is not affiliated with or endorsed by Open Source Matters or the Joomla!® Project