(Oct 8) Security Report Summary
Archive for October, 2014
(Oct 8) Security Report Summary
Red Hat: 2014:1365-01: kernel: Important Advisory
(Oct 7) Updated kernel packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 6.4 Extended Update Support. Red Hat Product Security has rated this update as having Important security [More…]
Red Hat: 2014:1371-01: nss: Important Advisory
(Oct 10) Updated nss packages that fix one security issue are now available for Red Hat Enterprise Linux 4 Extended Life Cycle Support, Red Hat Enterprise Linux 5.6 Long Life, Red Hat Enterprise Linux 5.9 Extended Update Support, Red Hat Enterprise Linux 6.2 Advanced Update Support, and Red Hat [More…]
Joomla Community Magazine | October 2014
The October issue of the Joomla Community Magazine is here! Our stories this month:
Editors Introduction
Joomla! World Conference 2014, Get Your Tickets Now!
Feature Stories
Interview with Brian Teeman
A New and Improved Joomla! Resources Directory
A Dream, Which we Dream Together, is Reality
Events
Upcoming Joomla Events October/November 2014
Project News
Leadership Highlights October 2014
A Thank You to OSM & the Joomla Community from CloudAccess.net
A Thank You to CloudAccess.net
Administrators
Investing in HTTPS is Crucial to Your Joomla Site’s Integrity
International Stories
Catalan
Open Source Matters tria nova presidenta, Sarah Watz…
Actualitzar Joomla! de la versió 2.5 a la 3.x
Français
Retour sur le JoomlaDay™ Bénin 2014
La création d’un article avec Joomla! n’a jamais été aussi facile !
Joomla! World Conference 2014, achetez vos billets maintenant !
Joomla! pour mon entreprise (partie 1)
Revenons aux fondamentaux : la puissance du collaboratif
Annonce de la création du Update Working Group
Joomla! annonce un nouveau site de démo et une option…
German
Der neue Joomla! Release Zyklus
Spanish
Premios y reconocimientos del CMS Joomla!
ACL en Joomla!
Desenredando Warp 7 y UIKIT
Un Nuevo Directorio de Recursos
Joomla! en La Rioja
In our next issue
We want to publish your Joomla! story in the next JCM issue! So take a look at our Author Resources content to get a better idea of what we are looking for, and then register to become a JCM author and submit your Joomla! story!
In the October 2014 survey we received responses from 1,028,932,208 sites, which is nearly six million more than last month. Apache regains the lead Microsoft lost the lead to Apache this month, as the two giants continue to battle closely for the largest share of all websites. Apache gained nearly 30 million sites, while Microsoft […]
A recent spate of phishing attacks has taken to using the data URI scheme for evil. Supported in most browsers, these special URIs allow the content of a phishing page to be contained entirely within the URI itself, effectively eliminating the need to host the page on a remote web server and adding an additional […]
Most Reliable Hosting Company Sites in September 2014
Rank Performance Graph OS Outagehh:mm:ss FailedReq% DNS Connect Firstbyte Total 1 Qube Managed Services Linux 0:00:00 0.004 0.086 0.023 0.046 0.046 2 GoDaddy.com Inc Linux 0:00:00 0.013 0.149 0.012 0.200 0.205 3 Memset Linux 0:00:00 0.013 0.111 0.055 0.132 0.217 4 www.dinahosting.com Linux 0:00:00 0.013 0.242 0.080 0.159 0.159 5 Swishmail FreeBSD 0:00:00 0.022 0.124 […]
The Joomla! Project is pleased to announce the immediate availability of Joomla 3.3.6. This is a maintenance release addressing issues with yesterday’s 3.3.5 release. This release addresses an issue related to the core update component, one regression in the user password reset process, and adds a fallback upgrade mechanism for the update component. This release is considered a security release since it includes two resolved security issues associated with 3.3.5. A 3.2.7 release is also available for users who are still using Joomla! 3.2 which addresses the security issues and the upgrade component bug.
If you are currently running a Joomla! release on a server with PHP 5.3.10 or later, we encourage you to update immediately to Joomla! 3.3.6 via either the one-click update or the update downloads available at http://www.joomla.org/download.html.
Note that in order to update directly to 3.3.6 via the core update component, you must be running 3.2.2 or later due to the raised minimum supported PHP version and the update system not supporting checking the server’s PHP version in older releases. Older 3.x releases will be prompted to update to 3.2.7 before being presented the 3.3.6 update.
Special Download Instructions
Because of the issue with the update component, users who are running 3.2.6 or 3.3.5 will be unable to update to the next release using Joomla’s update component. These users will be required to update their Joomla! installation via the Extension Manager. Instructions for updating via the Extension Manager can be found on the Joomla! Documentation Wiki. Users who are running Joomla! 3.3.0 through 3.3.4 and 3.2.5 or earlier will be able to update using the update component. The Joomla! Documentation wiki contains full instructions on how to update your site.
The Joomla! Project is pleased to announce the immediate availability of Joomla 2.5.27. This is a maintenance release addressing issues with yesterday’s 2.5.26 release. This release addresses an issue related to the core update component. This release is considered a security release since it includes two resolved security issues associated with 2.5.26.
Special Download Instructions
Because of the issue with the update component, users who are running 2.5.26 will be unable to update to 2.5.27 using Joomla’s update component. These users will be required to update their Joomla! installation via the Extension Manager. Instructions for updating via the Extension Manager can be found on the Joomla! Documentation Wiki. Users who are running Joomla! 2.5.25 or earlier will be able to update using the update component. The Joomla! Documentation Wiki contains full instructions on how to update your site.
2.5 End of Life Update
As previously noted, the 2.5 series will reach end of life at the end of 2014, which will mark the end of support for this series. At this time, we project that 2.5.28 will be the last scheduled maintenance release, due in approximately six to eight weeks, the typical timeframe between Joomla! releases.
Download
New Installations: Download Joomla 2.5.27 (Full package) »
Update Package: Download Joomla 2.5.27 (Update packages) »
Note: Please read the update instructions before updating.
Instructions
*Please clear your browser’s cache after upgrading
Want to test drive Joomla? Try the online demo. Documentation is available for beginners.
Release Notes
Check the Joomla 2.5.27 Post-Release FAQs to see if there are important items and helpful hints discovered after the release.
Statistics for the 2.5.27 release period
- 4 tracker issues fixed
See the Joomla! 2.5.26 Milestone on GitHub for details of the items fixed.
Security Issues Fixed
- High Priority – Core – Remote File Inclusion More information »
- Medium Priority – Core – Denial of Service More information »
How can you help Joomla! development?
There are a variety of ways in which you can get actively involved with Joomla! It doesn’t matter if you are a coder, an integrator, or merely a user of Joomla!. You can contact the Joomla! Community Development Manager, David Hurley, to get more information, or if you are ready you can jump right into the Joomla! Bug Squad.
The Joomla! Bug Squad is one of the most active teams in the Joomla! development process and is always looking for people (not just developers) that can help with sorting bug reports, coding patches and testing solutions. It’s a great way for increasing your working knowledge of Joomla!, and also a great way to meet new people from all around the world.
If you are interested, please read about us on the Joomla! Documentation Wiki and, if you wish to join, email Nick Savov, our Bug Squad coordinator.
You can also help Joomla! development by thanking those involved in the many areas of the process. In the past year, for example, over 1,000 bugs have been fixed by the Bug Squad.
Contributors
Thank you to the community members who were active in the testing and resolution of the issues addressed in this release:
Constantin Romankiewicz, Dmitry Rekun, Jean-Marie Simonet, Johannes S-F, Michael Babker, Nicholas Dionysopoulos, Paulos Matos, Tobias Zulauf.
Joomla! Bug Squad
Thank you to the Joomla! Bug Squad for their dedicated efforts investigating reports, fixing problems, and applying patches to Joomla. If you find a bug in Joomla!, please report it on the Joomla! Issue Tracker.
Active members of the Joomla! Bug Squad during past 3 months include: A. Booij, Achal Aggarwal, Anja Hage, Beat , Benjamin Trenkle, Bernard Saulme, Brian Teeman, Christiane Maier-Stadtherr, Constantin Romankiewicz, David Jardin, Dennis Hermacki, Elijah Madden, George Wilson, Hans Kuijpers, Hilary Cheyne, Jean-Marie Simonet, Jelle Kok, Jisse Reitsma, Joe Steele, Josien Verreijt, Leo Lammerink, Marcel van Beelen, Marco Richter, Matt Thomas, Max Sarte, Michael Babker, Mikhail M, Nick Savov, Nicholas Dionysopoulos, Niels van der Veer, Peter Lose, Peter Wiseman, Piotr Mocko, Robert Dam, Robert Gastaud, Roberto Segura, Roland Dalmulder, Sander Potjer, Sergio Manzi, Stefania Gaianigo, Thomas Hunziker, Thomas Jackson, Tobias Zulauf, Todor Iliev, Valentin Despa, Viktor Vogel.
Bug Squad Leadership: Nick Savov, Coordinator.
Joomla! Security Strike Team
A big thanks to the Joomla! Security Strike Team for their ongoing work to keep Joomla! secure. Members include: Airton Torres, Alan Langford, Beat, Bill Richardson, Claire Mandville, David Hurley, Don Gilbert, Gary Brooks, Jason Kendall, Javier Gomez, Jean-Marie Simonet, Marijke Stuivenberg, Mark Boos, Mark Dexter, Matias Griese, Michael Babker, Nick Savov, Pushapraj Sharma, Roberto Segura, Rouven Weßling, Thomas Hunziker.