jNews 8.7 is now available. This is a security update for all previous versions and we strongly encourage you to update your sites immediately.
This release addresses an inadequate filtering of user input that leads to SQL injection vulnerability. All previous version of jNews are affected.
We also added the following bug fixes;
- Fixed: Bootstrap conflict in jNews frontend
- Fixed: jNews users are not syncing when you create a List when 'Auto-subscribes Users" is defined.
- Fixed: Email subject with an apostrophe are not replaced when you receieve in your mail inbox
Upgrading to jNews 8.7
- In order to update to the latest version of jNews your site must be running under Joomla 3.x environment. For Joomla 2.5.x users, you can update but we do not guarantee full compatibility since we no longer perform test cases under this environment.
Joomla 1.0 and 1.5 are no longer supported.
If you purchased jNews after June 2013:
- Download the latest version of jNews from the orders page "My Orders" when you login to your joobi.org account. Take note that you have to login using your account that you used to purchase jNews.
- After downloading jNews, please login to your Joomla admin → Extensions → Manage and install over your newly downloaded file
If you purchased jNews before June 2013:
- Please contact Joobi support and supply us your order number and site URL where jNews is installed.
If you customized certain functionality in the jNews component, plugins and module, you have to backup your custom code before doing the update.
This release is freely available for users who purchased jNews license.. However, you will not be able to obtain support provided if your 1 year free support contract has expired. You have to renew your membership if you need further assistance.