(Jul 23) Updated kernel packages that fix two security issues and several bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having [More…]
Archive for July, 2014
Joomla! 3.3.2 Released
The Joomla! Project and the Production Leadership Team are proud to announce the release of Joomla! 3.3.2. This is a maintenance release for the 3.x series of the Joomla! CMS.
If you are currently running a Joomla! release on a server with PHP 5.3.10 or later, we encourage you to update immediately to Joomla! 3.3.2 via either the one-click update or the update downloads available at http://www.joomla.org/download.html.
Note that in order to update directly to 3.3.2 via the core update component, you must be running 3.2.2 or later due to the raised minimum supported PHP version and the update system not supporting checking the server’s PHP version in older releases. Older 3.x releases will be prompted to update to 3.2.4 before being presented the 3.3.2 update.
Joomla! 2.5.23 Released
The Joomla Project is pleased to announce the immediate availability of Joomla 2.5.23. This is a maintenance release for the 2.5 series of the Joomla! CMS.
The update process is very simple, and complete instructions are available here. Note that there are now easier and better ways of updating than copying the files with FTP.
Download
New Installations: Click here to download Joomla 2.5.23 (Full package) »
Update Package: Click here to download Joomla 2.5.23 (Update package) »
Note: Please read the update instructions before updating.
Instructions
*Please clear your browser’s cache after upgrading
Want to test drive Joomla? Try the online demo. Documentation is available for beginners.
Release Notes
Check the Joomla 2.5.23 Post-Release FAQs to see if there are important items and helpful hints discovered after the release.
Statistics for the 2.5.23 release period
- 8 tracker issues fixed
See http://developer.joomla.org/version-2-5-23-release-notes.html for details of the tracker items fixed.
How can you help Joomla! development?
There are a variety of ways in which you can get actively involved with Joomla! It doesn’t matter if you are a coder, an integrator, or merely a user of Joomla!. You can contact the Joomla! Community Development Manager, David Hurley, to get more information, or if you are ready you can jump right into the Joomla! Bug Squad.
The Joomla! Bug Squad is one of the most active teams in the Joomla! development process and is always looking for people (not just developers) that can help with sorting bug reports, coding patches and testing solutions. It’s a great way for increasing your working knowledge of Joomla!, and also a great way to meet new people from all around the world.
If you are interested, please read about us on the Joomla! Documentation Wiki and, if you wish to join, email Mark Dexter or Nick Savov, our Bug Squad co-coordinators.
You can also help Joomla! development by thanking those involved in the many areas of the process. In the past year, for example, over 1,000 bugs have been fixed by the Bug Squad.
Contributors
Thank you to the code contributors and active Bug Squad members that created and tested this release:
A. Booij, Achal Aggarwal, Aditya Didwania, Anja Hage, Bernard Saulme, Brian Coale, Brian Teeman, Constantin Romankiewicz, Craig Phillips, Cristiano Cucco, Cyril Rezé, Demis Palma, Denise McLaurin, Dennis Hermacki, Elijah Madden, Eugen Istoc, George Wilson, Hannes Papenberg, Hilary Cheyne, Izhar Aazmi, Jean-Marie Simonet, Jisse Reitsma, Joe Steele, Khanh Le, Kyle Luzny, Leo Lammerink, Marko Đedović, Matt Thomas, Max Sarte, Nicholas Dionysopoulos, Niels van der Veer, Nha Bui, Peter Lose, Robert Dam, Robert Gastaud, Roberto Segura, Roland Dalmulder, Sam Moffatt, Sander Potjer, Thomas Hunziker, Tobias Zulauf, Valentin Despa, Viktor Vogel, Vlad Zinculescu.
Joomla! Bug Squad
Thank you to the Joomla! Bug Squad for their dedicated efforts investigating reports, fixing problems, and applying patches to Joomla. If you find a bug in Joomla!, please report it on the Joomla! CMS Issue Tracker.
Active members of the Joomla! Bug Squad during past 3 months include: A. Booij, Achal Aggarwal, Anja Hage, Beat , Benjamin Trenkle, Bernard Saulme, Brian Teeman, Christiane Maier-Stadtherr, Constantin Romankiewicz, David Jardin, Dennis Hermacki, Elijah Madden, George Wilson, Hans Kuijpers, Hilary Cheyne, Jean-Marie Simonet, Jelle Kok, Jisse Reitsma, Joe Steele, Josien Verreijt, Leo Lammerink, Marcel van Beelen, Marco Richter, Matt Thomas, Max Sarte, Michael Babker, Mikhail M, Nick Savov, Nicholas Dionysopoulos, Niels van der Veer, Peter Lose, Peter Wiseman, Piotr Mocko, Robert Dam, Robert Gastaud, Roberto Segura, Roland Dalmulder, Sander Potjer, Sergio Manzi, Stefania Gaianigo, Thomas Hunziker, Thomas Jackson, Tobias Zulauf, Todor Iliev, Valentin Despa, Viktor Vogel.
Bug Squad Leadership: Mark Dexter and Nick Savov, Co-Coordinators.
Joomla! Security Strike Team
A big thanks to the Joomla! Security Strike Team for their ongoing work to keep Joomla! secure. Members include: Airton Torres, Alan Langford, Beat, Bill Richardson, Claire Mandville, David Hurley, Don Gilbert, Gary Brooks, Jason Kendall, Javier Gomez, Jean-Marie Simonet, Marijke Stuivenberg, Mark Boos, Mark Dexter, Matias Griese, Michael Babker, Nick Savov, Pushapraj Sharma, Roberto Segura, Rouven Weßling, Thomas Hunziker.
(Jul 22) Security Report Summary
(Jul 22) Security Report Summary
(Jul 22) Firefox could be made to crash or run programs as your login if itopened a malicious website.
(Jul 22) Several security issues were fixed in Thunderbird.
(Jul 23) Updated httpd24-httpd packages that fix multiple security issues are now available for Red Hat Software Collections 1. The Red Hat Security Response Team has rated this update as having [More…]
(Jul 23) Updated httpd packages that fix three security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having [More…]
EasyApache 3.26.2 Released
SUMMARY cPanel, Inc. has released EasyApache 3.26.2 with Apache version 2.4.10. This release addresses Apache vulnerabilities CVE-2014-0117, CVE-2014-0226, CVE-2014-0118, and CVE-2014-0231 by fixing bugs in the mod_proxy, mod_deflate, and mod_cgid modules. We encourage all Apache 2.4 users to upgrade to Apache version 2.4.10. AFFECTED VERSIONS All versions of Apache 2.4 …
(Jul 18) Security Report Summary
(Jul 21) CUPS could be made to expose sensitive information, leading to privilegeescalation.
(Jul 21) Updated java-1.6.0-sun packages that fix several security issues are now available for Oracle Java for Red Hat Enterprise Linux 5, 6, and 7. The Red Hat Security Response Team has rated this update as having [More…]
(Jul 21) Updated java-1.6.0-openjdk packages that fix multiple security issues and one bug are now available for Red Hat Enterprise Linux 5, 6, and 7. The Red Hat Security Response Team has rated this update as having [More…]
(Jul 19) Security Report Summary
(Jul 20) Security Report Summary
(Jul 16) Several security issues were fixed in the kernel.
(Jul 16) Several security issues were fixed in the kernel.
What’s Changed
[*] PPA now calculates disk usage for SmarterMail domains and mailboxes.
[*] The checker of service nodes for compatibility with Plesk Automation (check_service_node) was significantly improved.
[*] Before a PPA upgrade/update, the following conditions are checked: YUM is installed and properly configured, YUM repositories are accessible on the management and service nodes.
[-] Users could not search by Active at the Service Templates screen. A system error occurred. (PPA-1521)
[-] Mailboxes with names in mixed case stopped working after upgrade from PPA 11.1 to 11.5. (PPA-1232)
[-] Users could not switch on auto-reply for mailboxes on domains that had domain aliases. (PPA-1313)
[-] Administrators could not create a subscription with support for mail services if the webmail node was uninstalled. (PPA-1346)
[-] After upgrading or updating to PPA 11.5.*, the default Plesk license appeared in the License Manager. (PPA-1428)
[-] After updating to PPA 11.5.5, administrators could not set the ‘Allow overuse of disk space and traffic’ activation parameter for a subscription. The parameter did not appear in the list of the subscription’s resources. (PPA-1456)
[-] DNS PTR records for a subscription were not removed on the subscription removal. (PPA-1476)
[-] Users could not use the webmail service if they were subscribed to Roundcube webmail. (PPA-1497)
[-] When users modified a DNS zone and removed both A and NS records, the DNS zone synchronization failed. The following error occurred: NS record “<domain>. NS ns.<domain>.” has no address records (A or AAAA). (PPA-1560)
[-] Users could see uninformative error messages while managing domain aliases. (PPA-168)
[-] Administrators could not remove subscriptions with support for database services if the database service node was registered with a backnet IP address. (PPA-533)
[-] Update from PPA 11.5.1 was taking too much time. (PPA-653)
[-] Administrators could not install a node with the mixed ‘Apache + Postfix + MySQL + PostgreSQL’ role, if a hyphen was used in the PostgreSQL administrator’s username. They were not informed that the hyphen cannot be used for the PostgreSQL administrator’s username either. (PPA-695)
[-] Updates could fail and administrators had to restart the update because of slow restart. (PPA-725)
[-] Administrators could not add a server with already installed MSSQL as a new MSSQL service node. The error message did not explain how to register an existing database server in the system. (PPA-773)
[-] Administrators could not change the host name of a service node based on Windows Server 2012 R2. The following error occurred: Failed to retrieve the host name of the node: ERROR: Cannot open control pipe – NT_STATUS_INVALID_PARAMETER. (PPA-923)
[-] Restoration of a backup and migration failed if there were system users with the same name on different nodes. The following error occurred: System user <username> doesn’t belong to domain being restored. (PPA-1032)
[-] Administrators could not create a subscription if the SSL certificate for the domain was modified. The following error occurred: SSLCACertificateFile: file ‘/usr/local/psa/var/certificates/<cert-name>’ does not exist or is empty. (PPA-1042)
[-] Customers could see the ‘Access to subscriptions’ permission instead of ‘Access to webspaces’ in the Hosting Panel > Users > a user’s settings. (PPA-1118)
[-] A domain’s webmail configuration file /etc/httpd/conf/plesk.conf.d/webmails/<lwebmail>/<domain>_webmail.conf was not removed on the subscription removal if webmail was hosted on a service node. (PPA-1143)
[-] Administrators received the error message about the main PPA licence expiration when the PPA license was valid, but the POA license was uploaded separately and expired. (PPA-1152)
[-] Users with the Application user role and a mail account could access the Mail tab in the Hosting Panel even when the webspace was disabled and the redirection loop occurred on this tab. (PPA-1165)
[-] Customers could not recalculate actual disk space used by mailboxes through the Hosting Panel > Mail > Refresh Usage Stats. The zero usage for all mailboxes on the domain was shown. (PPA-1196)
[-] When administrators added an MSSQL service node, the Customer Data folder remained empty and was not used as the data directory for MSSQL node. (PPA-1225)
[-] The limit on the number of connections per IP in Courier IMAP server configuration was reset to default after upgrade from PPA 11.1 to 11.5. (PPA-1231)
[-] Administrators received an unclear error message when they tried to install a new Linux node and there was a duplicate host name record in /etc/hosts. (PPA-1576)
[-] When administrators changed the host name of a service node with the ppa.hostname utility, several occurrences of the old host name remained in the ‘plesk’ database. (PPA-1067)
The following issues have been resolved:
[-] Users could not access the website folder for managing files of the website if Classic List was selected in Websites & Domains > Domains List Settings. The following error occurred: “Invalid URL was requested”. (PPP-10818)
[-] (Linux) Administrators could not create a backup of the server. The error message about the wrong format of the backup file appeared. (PPP-10804)
[-] The administrator’s interface language switched back to default (English) after visiting the Tools & Settings > Backup Manager > Scheduled Backup Setting screen. (PPP-10784, PPPM-1738)
[-] If users customized their domain PHP settings and then the administrator modified other settings on their subscription, the domain PHP setting changed back to default. (PPP-10744, PPPM-1779)
[-] (Linux) Administrators could not migrate reseller’s subscriptions without migrating the reseller. (PPP-10691, PPPM-1754)
[-] (Windows) On Windows 2012 x64, Plesk administrators could not install a Plesk license key on Plesk inside a Hyper-V virtual machine. The error saying that the license key is invalid occurred.
[-] (Windows) Administrators could not migrate domains with a remote MSSQL database if the MSSQL server was running on any port other than default 1433. (PPP-10800, PPPM-1802)
cPanel TSR-2014-0005 Announcement cPanel has released new builds for all public update tiers. These updates provide targeted changes to address security concerns with the cPanel & WHM product. These builds are currently available to all customers via the standard update system. cPanel has rated these updates as having security impact …
The following functionality was improved:
[*]Security improvements (http://kb.parallels.com/en/122245)
Important: Regular updates of Parallels Plesk Panel and third-party components guarantee that your server stays secure against malicious attacks.
The following functionality was improved:
[*]Security improvements (http://kb.parallels.com/en/122245)
Important: Regular updates of Parallels Plesk Panel and third-party components guarantee that your server stays secure against malicious attacks.
(Jul 16) Several security issues were fixed in the kernel.
(Jul 16) Several security issues were fixed in the kernel.
(Jul 16) Several security issues were fixed in the kernel.
(Jul 16) Several security issues were fixed in the kernel.
(Jul 17) Security Report Summary
(Jul 17) Security Report Summary
(Jul 17) Several security issues were fixed in MySQL.