(Sep 8) Multiple vulnerabilities have been discovered in qemu-kvm, a full virtualization solution on x86 hardware. The Common Vulnerabilities and Exposures project identifies the following problems: [More…]
Archive for September, 2012
(Sep 10) XML-RPC for C and C++ could be made to cause a denial of service by consumingexcessive CPU and memory resources.
(Sep 10) The system could be made to crash under certain conditions.
Joomla 2.5.9 Released
The Joomla Project is pleased to announce the immediate availability of Joomla 2.5.9. This is a security release. The Production Leadership Team’s goal is to continue to provide regular, frequent updates to the Joomla community. Learn more about Joomla! development at the Developer Site.
The update process is very simple, and complete instructions are available here. Note that there are now easier and better ways of updating than copying the files with FTP.
Download
New Installations: Click here to download Joomla 2.5.9 (Full package) »
Update Package: Click here to download Joomla 2.5.9 (Update package) »
Note: Please read the update instructions before updating.
Instructions
Want to test drive Joomla? Try the online demo or the Joomla JumpBox. Documentation is available for beginners.
Please note that you should always backup your site before upgrading.
Release Notes
Check the Joomla 2.5.9 Post-Release FAQs to see if there are important items and helpful hints discovered after the release.
Statistics for the 2.5.9 release period
- Joomla 2.5.9 contains:
- 1 Security issue fixed
- 22 tracker issues fixed
Security Issues Fixed
- Low Priority – Core – Information Disclosure. More information »
Tracker Issues Fixed
Joomla! Bug Squad
Thanks to the Joomla Bug Squad for their dedicated efforts investigating reports, fixing problems, and applying patches to Joomla. If you find a bug in Joomla, please report it on the Joomla! CMS Issue Tracker.
Active members of the Joomla Bug Squad during past 3 months include: Aaron Schmitz, Akarawuth Tamrareang, Aleksander Linkov, Andrea Tarr, Andrew Eddie, Angelika Reisiger, Brian Teeman, Constantin Romankiewicz, Cristina Solana, Daria Mikhailova, Dennis Hermacki, Elin Waring, Harald Leithner, Jacob Waisner, James Brice, Jan Kuchař, Janich Rasmussen, Jean-Marie Simonet, Jonathan M. Cameron, Kevin Griffiths, Lukas Polak, Mark Dexter, Mark Lee, Michael Babker, Milton Bryant, Moises Jafet Cornelio-Vargas, Nicholas Antimisiaris, Nicholas K. Dionysopoulos, Nick Savov, Nikolai Plath, Ofer Cohen, Omar Ramos, Peter van Westen, Peter Wiseman, Rob Clayburn, Roberto Segura, Roland Dalmulder , Soheil Novinfard, Tessa Mero, Troy Thomas Hall, Viet Hoang Vu.
Bug Squad Leadership: Mark Dexter, Coordinator. Super-star contributors and leaders by example: Jean-Marie Simonet and Elin Waring.
Joomla! Security Strike Team
A big thanks to the Joomla! Security Strike Team for their ongoing work to keep Joomla secure. Members include: Airton Torres, Alan Langford, Bill Richardson, Elin Waring, Gary Brooks, Jason Kendall, Jean-Marie Simonet, Jeremy Wilken, Marijke Stuivenberg, Mark Boos, Mark Dexter, Michael Babker, Pushapraj Sharma, Rouven Weßling.
Joomla 2.5.7 Released
The Joomla Project is pleased to announce the immediate availability of Joomla 2.5.7. This is a security release. The Production Leadership Team’s goal is to continue to provide regular, frequent updates to the Joomla community. Learn more about Joomla! development at the Developer Site.
The update process is very simple, and complete instructions are available here. Note that there are now easier and better ways of updating than copying the files with FTP.
Download
New Installations: Click here to download Joomla 2.5.7 (Full package) »
Update Package: Click here to download Joomla 2.5.7 (Update package) »
Note: Please read the update instructions before updating.
Instructions
Want to test drive Joomla? Try the online demo or the Joomla JumpBox. Documentation is available for beginners.
Please note that you should always backup your site before upgrading.
Release Notes
Check the Joomla 2.5.7 Post-Release FAQs to see if there are important items and helpful hints discovered after the release.
Statistics for the 2.5.7 release period
- Joomla 2.5.7 contains:
- 1 new feature added
- 2 Security issues fixed
- 42 tracker issues fixed
New Feature Added
- Installing Language packs from Extension Manager in 2.5.x. Javier Gómez. Click here to read a blog about this new feature.
Security Issues Fixed
- Low Priority – Core – XSS Vulnerability. More information »
- Low Priority – Core – XSS Vulnerability. More information »
Tracker Issues Fixed
Joomla! Bug Squad
Thanks to the Joomla Bug Squad for their dedicated efforts investigating reports, fixing problems, and applying patches to Joomla. If you find a bug in Joomla, please report it on the Joomla! CMS Issue Tracker.
Active members of the Joomla Bug Squad during this last release cycle include: Aaron Wood, Andrea Tarr, Bill Richardson, Brian Teeman, Christophe Demko, Dean Clarke, Dennis Hermacki, Elin Waring, Emerson Rocha Luiz, Harald Leithner, Itamar Elharar, Jacob Waisner, James Brice, Janich Rasmussen, Jean-Marie Simonet, Kevin Griffiths, Loyd Headrick, Marijke Stuivenberg, Marius van Rijnsoever, Mark Dexter, Matt Thomas, Michael Babker, Neil McNulty, Nicholas Dionysopoulos, Nick Savov, Nikolai Plath, Ofer Cohen, Peter Wiseman, rachmat wakjaer, Radek Suski, rob clayburn, Roland Dalmulder, Rouven Weßling, Rune Sjøen, Samuel Moffatt, Shaun Maunder, Soheil Novinfard, Troy Hall, Viet Vu.
Bug Squad Leadership: Mark Dexter, Coordinator; Elin Waring and Marijke Stuivenberg, Team Leaders.
Joomla! Security Strike Team
A big thanks to the Joomla! Security Strike Team for their ongoing work to keep Joomla secure. Members include: Airton Torres, Alan Langford, Bill Richardson, Elin Waring, Gary Brooks, Jason Kendall, Jean-Marie Simonet, Jeremy Wilken, Marijke Stuivenberg, Mark Dexter, Michael Babker, Rouven Weßling, Samuel Moffatt.
(Sep 8) Multiple vulnerabilities have been discovered in xen-qemu-dm-4.0, the Xen Qemu Device Model virtual machine hardware emulator. The Common Vulnerabilities and Exposures project identifies the following problems: [More…]
(Sep 11) Timo Warns discovered that the EAP-TLS handling of freeradius, a high-performance and highly configurable RADIUS server, is not properly performing length checks on user-supplied input before copying to a local stack buffer. As a result, an unauthenticated attacker can exploit this [More…]
(Sep 10) The system could be made to crash under certain conditions.
(Sep 11) USN-1548-1 introduced a regression in Firefox.
(Sep 6) Updated java-1.6.0-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6 Supplementary. The Red Hat Security Response Team has rated this update as having critical [More…]
(Sep 11) Updated libexif packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate [More…]
(Sep 8) Multiple vulnerabilities have been discovered in qemu, a fast processor emulator. The Common Vulnerabilities and Exposures project identifies the following problems: [More…]
(Sep 8) Multiple denial of service vulnerabilities have been discovered in xen, an hypervisor. The Common Vulnerabilities and Exposures project identifies the following problems: [More…]
(Sep 10) Applications using Django could be made to crash or expose sensitiveinformation.
(Sep 10) ubiquity-slideshow-ubuntu would allow unintended access to files over thenetwork during system installation.
(Sep 7) Updated java-1.5.0-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6 Supplementary. The Red Hat Security Response Team has rated this update as having critical [More…]
(Sep 7) Updated java-1.4.2-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 5 Supplementary. The Red Hat Security Response Team has rated this update as having critical [More…]
In the September 2012 survey we received responses from 620,132,319 sites, a decrease of 8M sites since last month’s survey. A large portion of this drop was caused by a large network of linkfarmed domains disappearing from under the .com TLD, causing Apache numbers to suffer the most, with a loss of 10M sites. This resulted […]
The length of an RSA public key gives an indication of the strength of the encryption — the shorter the public key is; the easier it is for an attacker to brute-force. An attacker, armed with a compromised private key derived from a short public key, would be able to decrypt both past and future […]
What’s Changed
[*] Major security enhancements.
The update delivers Major security fixes that is strongly recommended for all Plesk users.
The update delivers Major security fixes that is strongly recommended for all Plesk users.
What’s Changed
[*] Major security enhancements.
What’s Changed
[*] Major security enhancements.
The September issue of the Joomla Community Magazine is here! Our stories this month:
Editor’s Introduction
Back to Life…, by Dianne Henning
Feature Stories
All Together Now: The Process and People Behind Joomla! 3.0, by Bernie Bernstein
Joomla! 3.0 – JUX Doing It, by Alice Grevet
A Spy in the Camp, by Brian Teeman
Why You Should be Paying Attention to Google+, by Ruth Cheesley
The Tale of a South African Joomla! Enthusiast, by Mark Atkinson
A Visit to Bootstrap Headquarters, by Alice Grevet
You Decide: Educational or Advertisement, by Luke Summerfield
Events
JoomlaDAy Events in September 2012, by Jacques Rentzke
Joomla! World Conference 2012, by Jon Neubauer
Developers
The Update Notification System for EXtensions, by Nicola Galgano
Administrators
Implementing Role-Based ACL, by Randy Carey
Sitebuilders
Part 1 – Review 9 Free Web Hosting Services to Make Your Joomla! Site LIVE, by Tuan Bui
Project News
Leadership Highlights – September 2012, by Alice Grevet
Developers: Joomla! 3 Update, by Nick Savov
Business Matters
Don’t Get Fired! 6 Common Reasons Client Relationships Go Bad, by Gabe Wahhab
Amazing Takeaways for Joomla Users from Inbound 2012, by Luke Summerfield
Selling Joomla, by Justin Kerr
Help Wanted
The Joomla! Project Wants You – September 2012, by Paul Orwig
Volunteers needed for the Trademark Team, by Jacques Rentzke
Help Wanted: Community Development Manager, by Mark Dexter
Google Summer of Code
A Library to Compress & Combine Javascript & CSS Files, by Kavith Thiranga Lokuhewage
GSoC Conclusion, by Aaron Schmitz
Petri Net API, by Florian Voutzinos
Joomla! Books
Free Book “Going Mobile with Joomla!”, by Hagen Graf
The Joomla! Haikus
Post your Haikus for September, by Dianne Henning
In our next issue
We want to publish your Joomla! story in the next JCM issue! So take a look at our Author Resources content to get a better idea of what we are looking for, and then register to become a JCM author and submit your Joomla! story!
Enterprise Monitor product. You can subscribe to RSS or Atom feeds, linked from this page, to
(Sep 3) Updated java-1.6.0-openjdk packages that fix two security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having critical [More…]
Rank Company site OS Outagehh:mm:ss FailedReq% DNS […]
(Sep 6) It was discovered that Zabbix, a network monitoring solution, does not properly validate user input used as a part of an SQL query. This may allow unauthenticated attackers to execute arbitrary SQL commands (SQL injection) and possibly escalate privileges. [More…]
(Aug 30) Multiple security issues were fixed in Thunderbird.