15Jan Joomla 1.5.9 Security Release Now Available
img alt=”Joomla 1.5.9 Released” class=”float-img-left” src=”http://www.joomla.org/images/stories/security_release.png” / br /
pThe Joomla Project announces the evident accessibility of Joomla 1.5.9 [Vatani]. strongThis is the confidence recover as well as users have been strongly speedy to ascent immediately.#160;/strongbr /
br /
It has been around dual months given the rel=’nofollow’ href=”http://www.joomla.org/announcements/release-news/5219-joomla-158-released.html”Joomla 1.5.8 was released/a upon Nov 10, 2008. The the rel=’nofollow’ href=”http://docs.joomla.org/Development_Working_Group”Development Working Group’s/a idea is to go upon to yield regular, revisit updates to the Joomla community. br /
#160;/p
br /
br /
br /
br /
br /
h2Download/h2
h3a rel=’nofollow’ href=”http://joomlacode.org/gf/project/joomla/frs/?action=FrsReleaseViewrelease_id=9294″Click here to download Joomla 1.5.9 (Full package) »/a/h3
h3a rel=’nofollow’ href=”http://joomlacode.org/gf/project/joomla/frs/?action=FrsReleaseViewamp;release_id=9293″Click here to find an refurbish package. »/a/h3
h2Instructions/h2
ul
lia rel=’nofollow’ href=”http://help.joomla.org/content/category/48/268/302/”New installation/a as well as the rel=’nofollow’ href=”http://www.joomla.org/about-joomla/technical-requirements.html”technical requirements/a/li
lia rel=’nofollow’ href=”http://docs.joomla.org/Upgrading_1.5_from_an_existing_1.5x_version”Upgrade from an existent Joomla 1.5 version/a/li
lia rel=’nofollow’ href=”http://docs.joomla.org/Migrating_from_1.0.x_to_1.5_Stable”Migration from Joomla! 1.0.x/a/li
/ul
pWant to exam expostulate Joomla? Try the a rel=’nofollow’ href=”http://demo.joomla.org/”online demo/a. the rel=’nofollow’ href=”http://docs.joomla.org/Beginners”Documentation is accessible for beginners./a/p
h2Release Notes/h2
pCheck the a rel=’nofollow’ href=”http://docs.joomla.org/Category:Version_1.5.9_FAQ”Joomla 1.5.9 Post-Release Notes/a to see if there have been critical equipment as well as beneficial hints detected after the release./p
h3Security/h3
pOne low-level as well as the single high-level confidence emanate were bound in this release:/p
ul
liHigh Priority: Directory Traversal. A crafted ask can concede an assailant to perspective office trees upon the server. Note: essence of files cannot be edited or deleted, only viewed. the rel=’nofollow’ href=”http://developer.joomla.org/security/news/288-20090102-core-plgxstandard-directory-traversal.html”More inform »/a/li
liLow Priority: SSL Session Token Disclosure. When regulating the site as SSL ONLY, if the non-SSL ask is made, an assailant can acquire the event token. There is NO risk for Web sites which make make use of of both HTTP as well as HTTPS. the rel=’nofollow’ href=”http://developer.joomla.org/security/news/287-20090101-core-jsession-ssl-session-disclosure.html”More inform »/a/li
/ul
pFor one some-more information, revisit the a rel=’nofollow’ href=”http://developer.joomla.org/security.html”Joomla Security Center/a./p
h3Components/h3
ul
liFixed Contact Page so which the vacant page is not displayed when vCard is not enabled, though is comparison in the Contact Parameters (10680)/li
liResolved complaint with Category View Table where filter did not work when cache was enabled (10840)/li
livCard no longer displays additional spaces (11871)/li
liSmall shift in components/com_banners/models/banner.php (12577)/li
liResolved shabby XHTML 1.0 Transitional issues introduced in 1.5.7 for the Contact form (12868)/li
liFixed complaint which resulted in erring ’404 – Contact not found’ page for dropdown in Contact View (12989)/li
liFixed Contact Category URL problems (13045)/li
liFulltext Search for Uncategorized as well as Archived Articles is right away operative (13490)/li
lionPrepareContent emanate for non-com_content Components ensuing in the notice summary has been resolved (13505)/li
li’Change Contact Details’ couple right away loads scold page (13542)/li
liContact picture not displaying in front finish (13643)/li
liFront-end essay acquiescence no longer auto-populates, finish edition date with same date as begin edition (13673)/li
liMedia Manager Javascript error: “Object doesn’t await this skill or method” which presented for IE has been bound (13761)/li
liSpace in between meta keywords no longer private when saving Articles (13794)/li
licom_installer Module View right away rightly displays Author e-mail as well as URL (13942)/li
liRobots as well as Author meta defended when duplicating Articles (13949)/li
liArticle Archive pagination bound (14070)/li
liCorrection so which unregistered site visitors can no longer entrance PDF for purebred Articles (14196)/li
liHits filter in Category List bound (14390)/li
liResolved complaint where “Register to review more” wrongly redirected to Front Page, rsther than than Article (14392)/li
liPoll blunder summary resolved (14394)/li
liResolved complaint where Category List unsuccessful to keep Column Sort welfare when navigating to the opposite page (14398)/li
liResolved complaint in Category List where becoming different Display # to All in page 2 of list would arrangement no formula (12932)/li
liCategory List right away rightly shows filtering choice in make make use of of (14402)/li
liCorrected 404 blunder which resulted when menu entrance was set to Public as well as Contact Item is Registered (14412)/li
/ul
h3Modules/h3
ul
liNew modules can right away be added, even when there have been no modules entries already tangible (11874)/li
liInconsistency private for Login/Logout Redirection page of mod_login (13611)/li
liJMenu getMenu() doc blunder prepared (13617)/li
liArchive Module Count Parameter as well as Tool Tip corrections (13694)/li
liSTRPOS blunder prepared when modifying Alias Menu Item (13909)/li
liToolbar Image right away points to an existent picture (14171)/li
/ul
h3Plugins/h3
ul
liOpenID upgraded to 2.0 protocol, right away functions with Yahoo (12217)/li
liplgSystemCache plugin right away apply oneself site as well as page denunciation (12115)/li
liPage fibre in plugins/content/pagebreak.php is right away scrupulously externalized (12730)/li
liLegacy Plugin – Login Timeout resolved (13662)/li
liAccess turn for Plugins bound (14106)/li
liFixed OpenID Transition issues (14433)/li
/ul
h3Legacy/h3
ul
liNo issues bound for this release/li
/ul
h3Templates/h3
ul
liRTL feeds PARAM is right away saved in database which corrects RTL feeds in Milkyway as well as Beez (11235)/li
liCSS as well as XHTML current blunder in JA_Purity resolved, as was shabby CSS validator couple (12887)/li
liJA_Purity default standing for Modules tangible for right upon all sides right away fall correctly, when brand new (12925)/li
liFixed CSS errors in rhuk_milkyway/css/template_rtl.css (13517)/li
liMissing H1 text-align in rhuk_milkyway/css/template_rtl.css bound (13570)/li
liBeez template overrule for com_search right away displays blunder messages rightly (13584)/li
liCorrected Last Updated date for Beez Template (13632)/li
liResolved inconsistencies for Beez Template Override Page Titles (13634)/li
liContact picture changes for Beez overrule (13700)/li
liIncorrect File Reference prepared for Beez Template (13859)/li
liShort PHP Notation in Beez Windows hosting bug introduced in 12798 has been bound (14313)/li
lien-GB.com_statistics.ini have been right away rightly deleted (14391)/li
liRemoved nonessential fibre in JA_Purity template (14414)/li
liRemoved nonessential strings in rhuk_Milkyway template (14415)/li
/ul
h3Language/h3
ul
liLanguage INI files which were wrongly encoded regulating UTF-8 with BOM have been bound (13499)/li
liUntranslated strings in en-GB.ini after SVN 11236 have been bound (13514)/li
liFixed untranslated strings in com_weblinks (13608)/li
liFixed untranslated strings in com_contact (13626)/li
liFixed untranslated Strings in admin/mod_feed (13666)/li
liSpacer values have been right away translatable (14308)/li
liFixed emanate with JA_Purity spacer so which it is right away translatable (14360)/li
liResolved superfluous English fibre hard-coded in mod_search (14374)/li
liString blank in en-GB.com_installer.ini (14389)/li
liResolved untranslated denunciation fibre for “Email the Friend” underline (14395)/li
liTooltip denunciation fibre in com_config prepared (13633)/li
/ul
h3Administrator/h3
ul
liAdded improved tooltip calm for the Help Server Reset symbol in Global Configuration System Settings (12023)/li
liToolbar amp; worth bound for Media Manager symbol (12841)/li
liJInstallerHelper Class Function outline has been prepared (13574)/li
liHelp screens done (13616)/li
liRemove default filter for Super Admininistrator as well as repair filter whitelist complaint (13770)/li
liCorrected blunder where Editor deleted calm for default filter; UTF-8 harmony is right away enforced with JInputFilter (13901)/li
liRemoved aged dev.joomla.org links (14227)/li
/ul
h3System/h3
ul
liquery_batch prepared for SQL blunder (12247)/li
liuri.php changes done in 1.5.7 no longer mangle back-end URLs if $live_site=Http has an uppercase H (12812)/li
liJFolder::delete bug bound when printed matter enclose mystic links upon folders (12939)/li
liTypo in sample_data.sql resolved (13549)/li
liLicense improvement for PHPMailer in CREDITS.php (13811)/li
liFixed blunder which resulted from invoking JDatabase::Query() some-more than once (13860)/li
liCache space is right away rightly expelled (14317)/li
liString bug for strspn() resolved (14339)/li
liWeird characters private from LICENSES.php record (14408)/li
liRemoved old-fashioned couple in the installer denunciation record (14410)/li
liFixed typo in Cache Manager (14434)/li
liUpdated Archive_Tar to relicensed BSD chronicle (12746)/li
/ul
h2Statistics/h2
pStatistics for the 1.5.9 recover period:/p
ul
liJoomla 1.5.9 contains:
ul
li81 issues bound in SVN/li
li55 commits/li
/ul
/li
liTracker wake up resulted in the net diminution of 1 active issue:
ul
li169 brand new reports/li
li92 closed/li
li81 bound in SVN/li
/ul
/li
liAt the time the 1.5.9 recover was packaged, the tracker had 113 active issues:
ul
li63 open/li
li47 confirmed/li
li3 pending/li
/ul
/li
/ul
h2Joomla! Bug Squad/h2
pThanks to the a rel=’nofollow’ href=”http://docs.joomla.org/Bug_Squad”Joomla Bug Squad/a for their dedicated efforts questioning reports, regulating problems, as well as requesting rags to Joomla. If we find the bug with Joomla, the rel=’nofollow’ href=”http://docs.joomla.org/Filing_bugs_and_issues”find out some-more inform here/a upon how to inform the bug./p
pstrongActive members of the Joomla Bug Squad during this final recover cycle include:/strong#160;Ian MacLennan as well as Mark Dexter co-coordinators; Airton Torres, Arno Zijlstra, Akarawuth Tamrareang, Alan Langford, Anthony Ferrara, Amy Stephen, Andrew Eddie, Eduardo Diaz, Elin Waring, Ercan Ozkaya, Gergo Erdosi, Hannes Papenberg, Kevin Devine, Marijke Stuivenberg, Mickael Maison, Robin Muilwijk, Samuel Moffatt, Shantanu Bala, Tibor Toth, as well as Wilco Jansen./p
pstrongA comfortable acquire to the newest members of the Joomla Bug Squad:/strong#160;Joe Sonne, Klas Berli?, as well as Mithun Kumar./p
pa rel=’nofollow’ href=”http://feedads.googleadservices.com/~a/SkLhMturdQYd8pABptKYi_UkEZY/a”img src=”http://feedads.googleadservices.com/~a/SkLhMturdQYd8pABptKYi_UkEZY/i” border=”0″ ismap=”true”/img/a/pdiv class=”feedflare”
a rel=’nofollow’ href=”http://feedproxy.google.com/~f/JoomlaAnnouncements?a=UmSJVI1N”img src=”http://feedproxy.google.com/~f/JoomlaAnnouncements?d=41″ border=”0″/img/a the rel=’nofollow’ href=”http://feedproxy.google.com/~f/JoomlaAnnouncements?a=5DZBv3WM”img src=”http://feedproxy.google.com/~f/JoomlaAnnouncements?i=5DZBv3WM” border=”0″/img/a
/div
