Joomla 3.6.2 has just been released (soon after version 3.6.1) and we recommend that you update.
These releases squashed some bugs and also fixes some low and medium-level security issues.
One security issue was especially tricky to fix and was related to how Joomla updates. As a result, the Joomla team have recommended a slightly different approach when updating your sites to Joomla 3.6.2.
Here's the recommended process for Joomla 3 sites:
Step 1: If you're not already there, update your site to Joomla 3.6.0.
Step 2: Go to Extensions > Manage > Update. You should see a "Joomla! Update Component Update", as in the image below:
Step 3. You can update as normal to 3.6.2.
By doing things this way, you get the safest and most reliable update to Joomla 3.6.2.
Do you get an invalid token error?
We've seen reports of some people getting a message like this after updating:
The most recent request was denied because it contained an invalid security token. Please refresh the page and try again.
This is also related to this security update. If you see the invalid token message, the solution is simple:
- Go to Extension > Manage > Database.
- Click "Fix".
Are you using Akeeba Backup?
As noted by people in the comments below, Akeeba Backup users should do one of two things:
- Update to Akeeba Backup 5.1.4 before updating Joomla, or
- Disable Akeeba's "Backup on Update" plugin.