Star InactiveStar InactiveStar InactiveStar InactiveStar Inactive

Joomla 1.5.12

One week after the call for help testing Joomla! 1.5.12 RC, the Joomla! Project release the final version of Joomla 1.5.12 [Wojmamni Ama Woi]. (The codename Wojmamni Ama Woi comes from Yaqui language spoken by aboriginals in America. It means the number 12.) This release contains a number of bug fixes and three moderate-level security fixes.

Here are the security fixes included in this version:

  • Moderate Priority - Core - Frontend XSS. An attacker can inject JavaScript into URL to be executed on a user's browser.
  • Moderate Priority - Core - Missing JEXEC check. Scripts may expose internal path information.
  • Moderate Priority - Core - Frontend XSS. HTTP_REFERER is not properly parsed which may allow code injection.

A couple of important changes makes this release an important milestone for the Joomla Project. First, the upgrade of the PEAR library to the new BSD licensed version brings the codebase into full compliance with the GPL. In addition, this release contains an important upgrade to TinyMCE v 3.2.4.1.

See the full list of changes at Joomla! 1.5.12 Released page. Full and upgrade release packages can be downloaded there.

 

Star InactiveStar InactiveStar InactiveStar InactiveStar Inactive

Joomla! Project is asking for help in testing the coming Joomla! 1.5.12. They recently (6/24) released Joomla! 1.5.12 Relase Candidate. This version contains 22 bug fixes as well as two major feature updates. The project development team feels that those changes are significant enough to warrant extra community testing.

 

One of the major updates is the upgrade of TinyMCE. Joomla! 1.5.x has been using the older version 2 for a long while. Joomla! 1.5.12 will employ the latest TinyMCE version 3. Because there are quite many changes from the earlier version, more tests are needed to ensure its proper working with Joomla!.

The other major update requires extra testing concerns PHPMailer class. Changes were made to the framework PHPMailer class in order to allow secure connections (SSL/TLS) to SMTP servers. Given these changes, Joomla! is now able to use services such as Gmail to handle e-mail from the application.

You should first verify normal email functions are working as before, then test it using your Gmail account. Using following options in Global Configuration -> Server for your tests:

  • Mailer: SMTP Server
  • SMTP Authentication: Yes
  • SMTP Username: Your Gmail username
  • SMTP Password: Your Gmail password
  • SMTP Host: tls://smtp.gmail.com:465

Please download Joomla! 1.5.12.RC at it announcemnet page. Any feedback regarding your testing results can be submitted as comments on that page.

Because this is a release candidate, please don't use it on a live production site.

 

Star InactiveStar InactiveStar InactiveStar InactiveStar Inactive

Joom!Fish development team notified its club members over the weekend (6/22) the availability of the first pre-release of Joom!Fish 2.1. This version contains several bug fixes as well as additional features that make all the extra extensions more efficient.

There is expected to be one more pre-release before the final versoin. The final release of Joom!Fish 2.1 will also incorporate features requested through the feedback system and major clean-up of the language files.

If you are a member of Joom!Fish club, you are welcome to download this pre-release from the club download page. This version is considered by Joom!Fish developers as stable. However, please perform a backup before upgrading.

Please report any bugs and issues regarding this pre-release in Joom!Fish support forum.

 

User Rating: 4 / 5

Star ActiveStar ActiveStar ActiveStar ActiveStar Inactive

The latest Traditional Chinese language packs have been released by Joomla! Taiwan. These packs are updates to support recently released Joomla! 1.5.11. According to Joomla! Taiwan, there are only three files changed since last version. Two separate language packs are provided, one for front end and the other for back end. You can find them at the home page of Joomla! Taiwan.

 

Star InactiveStar InactiveStar InactiveStar InactiveStar Inactive

Today (June 3) a new Joomla! release was announced. This new version, Joomla! 1.5.11 [Vea], is a security release. Users of previous versions are encouraged to upgrade as soon as possible.

Two moderate-level and one low-level security issues are fixed in this release.

  • Moderate Priority: Core - A XSS vulnerability exists in the user view of com_users in the administrator panel.
  • Moderate Priority: Core - A XSS vulnerability exists in the JA_Purity template which ships with Joomla! 1.5.
  • Low Priority: Core - Some values were output from the database without being properly escaped which may allow XSS exploits.

In addition to those security issues, it also patches up bugs in components, modules, templates, language, administrator and system.

As always, please head for the official announcement page for details and downloads.

FaLang translation system by Faboba