(Apr 3) Nicolas Gregoire discovered that libxslt, an XSLT processing runtime library, is prone to denial of service vulnerabilities via crafted xsl stylesheets. [More…]
(Apr 4) Several security issues were fixed in PostgreSQL.
(Apr 4) Libav could be made to crash or run programs as your login if it opened aspecially crafted file.
(Apr 4) Updated openstack-keystone packages that fix two security issues and various bugs are now available for Red Hat OpenStack Folsom. The Red Hat Security Response Team has rated this update as having moderate [More…]
(Apr 4) Updated openstack-glance packages that fix one security issue and various bugs are now available for Red Hat OpenStack Folsom. The Red Hat Security Response Team has rated this update as having moderate [More…]
(Apr 4) Several vulnerabilities were discovered in PostgreSQL database server. CVE-2013-1899 [More…]
(Apr 4) A vulnerability was discovered in PostgreSQL database server. Random numbers generated by contrib/pgcrypto functions may be easy for another database user to guess. [More…]
(Apr 4) Firefox could be made to crash or run programs as your login if itopened a malicious website.
(Apr 4) This update provides a compatible version of Unity Firefox Extension forFirefox 20.
(Apr 4) Updated openstack-nova packages that fix two security issues and various bugs are now available for Red Hat OpenStack Folsom. The Red Hat Security Response Team has rated this update as having moderate [More…]
(Apr 4) Updated puppet packages that fix several security issues are now available for Red Hat OpenStack Folsom. The Red Hat Security Response Team has rated this update as having [More…]
Following check item has been added:
WordPress 3.6 Beta 1 is now available! This is software still in development and we really don’t recommend that you run it on a production site — set up a test site just to play with the new version. To test WordPress 3.6, try the WordPress Beta Tester plugin (you’ll want “bleeding edge nightlies”). Or you can download the beta here (zip). We’ve […]
Mulberry — well known for its luxury fashion accessories — is currently being impersonated by fake online stores which have successfully promoted themselves to the first page of search engine results by planting malign JavaScript on hacked websites.
(Apr 2) Applications using poppler could be made to crash or possibly run programsas your login if they opened a specially crafted file.
(Apr 2) Several security issues were fixed in the kernel.
(Apr 2) An updated thunderbird package that fixes several security issues is now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having [More…]
(Apr 2) An updated jenkins package that fixes one security issue is now available for Red Hat OpenShift Enterprise 1.1.3. The Red Hat Security Response Team has rated this update as having moderate [More…]
Over the last few months, the Platform team of maintainers and developers have been talking about future directions. One of our goals for this year is to introduce namespacing. This has been a very large undertaking and as work has progressed, it became obvious that backward compatibility was going to be a constant battle. One of the negative side-effects of this would be that the Joomla CMS wouldn’t be able to use the planned 13.1 release of the Platform for some time if we introduced namespacing in that version.
After a lot of discussion both internally and with other developers in the community, in order to address the problem, as well as to take advantage of some new opportunities, we’ve decided to make some changes to the Platform.
Bitcoin, a distributed digital currency that cryptographically verifies transactions, has recently seen a large increase in usage — the total amount of Bitcoins in circulation is now well over $1B US Dollars and each Bitcoin is today worth more than $100. By way of comparison, Gibraltar — a British Overseas Territory and a conventional tax […]
The April issue of the Joomla Community Magazine is here! Our stories this month:
Listen Up!, by Alice Grevet
Interview with Community Development Manager David Hurley, by John Rampton
Joomla! is the People, by Helvecio da Silva
Interview with CMSExpo Founder John Coonen, by John Rampton
The X Factor and Women in Tech, by Dianne Henning
JoomlaDay Boston, No Blarney!, by Dianne Henning
Leadership Highlights – April 2013, by Marijke Stuivenberg
Progressive Enhancement: Flip the Script on Your Responsive Ways, by Ryan Boog
Tips to Find a Joomla Developer, by Johans Empuerto
Creating Call-to-Actions that Will Actually Get Action, by Hannah Kaufman
Easy To Use Joomla Search Operator Commands, by John Rampton
Head in the Tag Clouds, by Elin Waring
4 Ways Joomla Developers Can Monetize Free Extensions, by Pravin Daryani
Joomla! 3.0 Extension Development Series: More Functionality, by David Hurley
Joomla! 3.1.0 Tag Field, by Roberto Segura
CDNs for Joomla – A Beginners Guide, by Steven Johnson
Community Choice Extensions – UPDATE, by Dianne Henning
Post your Haikus for April, by Dianne Henning
Browse the international articles submitted this month.
We want to publish your Joomla! story in the next JCM issue! So take a look at our Author Resources content to get a better idea of what we are looking for, and then register to become a JCM author and submit your Joomla! story!
In the April 2013 survey we received responses from 649,072,682 sites, 17.6M more than last month. This month, market leader Apache lost 9.9M sites, or 3 percentage points of market share. A major contributor to this loss was the movement of a large affiliate referral network consisting of around 8M sites now being served by nginx. […]
The Joomla! Project is pleased to announce the availability of Joomla! CMS 3 Beta3. Community members are asked to download and install the package in order to provide quality assurance for Joomla 3.1. Joomla 3.1 is scheduled for release on April 15th, 2013.
Joomla 3 is the latest major release of the Joomla CMS, with Joomla 3.1 the second short term support release in this series. Please note that going from Joomla 3.0 to 3.1 is a one-click upgrade and is NOT a migration. The same is true is for any subsequent versions in the Joomla 3 series. That being said, please do not upgrade any of your production sites to the beta version as beta is ONLY intended for testing.
This is a beta release and not for use on production sites.
Extension developers are encouraged to work with this release in order to prepare extensions for the General Availability release of Joomla 3.1, though there shouldn’t be any backward compatibility issues. Users are encouraged to test the package for issues and to report issues in the Joomla! issue tracker.
Miscellaneous: 28574 – Removed the GeSHi plug-in
Version 2.5 of the Joomla! CMS is a Long Term Support release and support for it will continue until shortly after the release of Joomla 3.5 scheduled for Spring 2014. Joomla 2.5 users do not need to migrate to Joomla 3.0 or 3.1.
Moving to Joomla 3.x from Joomla 2.5 will be a mini-migration not an upgrade, although for the core of Joomla! the migration should be simple. However, it is likely that templates for Joomla 2.5 will need modification to work with Joomla 3 as will many extensions. Always test prior to migrating and consult with the developers of any extensions and templates you use.
Support for Joomla 1.5 ended in April of 2012 and we continued to support it unofficially until the end of 2012 for medium to high priority security issues.
Does that mean your 1.5 site will suddenly stop working? No, your site will continue to work as it always has. However, Joomla’s developers will not be releasing new versions for Joomla 1.5, so you won’t be getting bug fixes or security fixes. For this reason, it’s recommended to migrate from 1.5.
Moving from 2.5 to any Joomla 3 version is relatively simple, since Joomla has made the process easy for newer versions. Unfortunately, moving from 1.5 is not a trivial task. Fortunately, there are two good extensions that make the process easier: jUpgrade and SPUpgrade.
You have a choice of going straight to Joomla 3.0 or going to 2.5 first. Both jUpgrade and SPUpgrade have versions ready for both versions. Please consult with their documentation on how to migrate from Joomla 1.5 to 3.0/2.5.
For most new/migrated sites, the Joomla! 3 series is the preferred series and starting on it avoids a mini-migration from Joomla 2.5 later down the road. Starting on the Joomla 3 series for a new/migrated site, also provides you with longer backward compatible support (with one-click upgrades) than starting a new site on 2.5 right now, because support for 3.x ends in 2016.
There are a variety of ways in which you can get actively involved with Joomla! It doesn’t matter if you are a coder, an integrator, or merely a user of Joomla!. You can contact the Joomla! Community Development Manager, David Hurley, [email protected], to get more information, or if you are ready you can jump right into the Joomla! Bug Squad.
The Joomla Bug Squad is one of the most active teams in the Joomla development process and is always looking for people (not just developers) that can help with sorting bug reports, coding patches and testing solutions. It’s a great way for increasing your working knowledge of Joomla, and also a great way to meet new people from all around the world.
If you are interested, please read about us on the Joomla Wiki and, if you wish to join, email Mark Dexter, one of the Bug Squad co-coordinators.
You can also help Joomla development by thanking those involved in the many areas of the process. The project also wants to thank all of the people who have taken the time to prepare and submit work to be included in Joomla 1.6,1.7, 2.5, & 3.1, and to those who have worked very hard on the Joomla Platform separation project.
If you are an extension developer, please make sure you subscribe to the general developer mailing list as this is a place where you can discuss extension development and news that may affect custom development will be posted from time to time.
Following is a list of previous news and information about Joomla and other sites of interest:
This beta release is the result of thousands of hours of work by dozens of volunteers. Thank you so very much for making Joomla the best CMS on the planet!
cPanel has published security updates for all supported versions of cPanel & WHM. These updates contain fixes for a problem with the Roundcube webmail application. We recommend all customers update to the latest build of each version as soon as possible. The cPanel Security Team has assigned a rating of …
Rank Company site OS Outagehh:mm:ss FailedReq% DNS […]
(Mar 30) Matthew Horsfall of Dyn, Inc. discovered that BIND, a DNS server, is prone to a denial of service vulnerability. A remote attacker could use this flaw to send a specially-crafted DNS query to named that, when processed, would cause named to use an excessive amount of memory, or [More…]
(Mar 31) With the significant prevalence of Linux web servers globally, security is often touted as a strength of the platform for such a purpose. However, a Linux based web server is only as secure as its configuration and very often many are quite vulnerabl …
(Mar 29) Bind could be made to consume memory or crash if it received speciallycrafted network traffic.
58 queries. 8.75 mb Memory usage. 1.306 seconds.