|
JCE
Pro 2.9.99.7 Released
|
This
release continues the security work of
the previous versions and fixes the
upload problems some sites saw after
2.9.99.6.
Highlights:
- Fixes
false positive PHP tag detection
that was blocking legitimate image
and file uploads after 2.9.99.6.
- Further
hardening across the upload pipeline
and profile import, continuing the
defence in depth approach.
- JCE can
now be installed on Joomla 3.9 and
later. PHP 7.4 or later is still
required.
- A new
Permitted User Groups option is
available in the Security tab in the
Component parameters. (Components
-> JCE Editor -> Control
Panel, then click the Options
button)Whitelist the groups eligible
for profile assignment and import,
and anything outside it is ignored.
This guards against over-permissive
groups slipping in, for example when
importing a profile from another
site, or another admin adding a
group to a profile that should not
be there. Empty and inactive by
default, so existing sites are
unaffected unless you configure it.
|
|
|
Configure
a Permitted User Group whitelist for
all Editor Profiles
|
|
|
Update
fatigue is real. If you manage
multiple sites you might consider
services like BackupMonkey and MySites.guru, which
assist in managing and updating
multiple Joomla sites.
|
The
update is available via the Joomla
Updater on your site, or in the JCE
Downloads area.
Please
Note: JCE Pro is compatible with
Joomla 3.10.x, 4.2+, 5 and 6, and does
not require the Backwards
Compatibility plugin for Joomla 5 or
Joomla 6.
|
|
|
|
|
Thank
you to everyone who helped get theses
releases ready by testing development
versions and submitting bug reports.
If you find any more issues please
submit them on the forum or on github.
|
|
|
Download
and Installation
The
update should be available in the
Extensions Update Manager on your
site. Please make sure you set
your key before
updating. Alternatively, click the
button below to access the Downloads
area.
Instructions
for installing and updating JCE are available
here.
|
|
|
|
|