WordPress 3.8.2 is now available. This is an important security release for all previous versions and we strongly encourage you to update your sites immediately. This release fixes a weakness that could let an attacker force their way into your site by forging authentication cookies. This was discovered and fixed by Jon Cave of the WordPress […]
Archive for CMS

The Joomla! Project is pleased to announce the availability of Joomla! CMS 3.3 Beta 1. Community members are asked to download and install the package in order to provide quality assurance for the forthcoming 3.3 release, which is scheduled for release on or around April 22nd, 2014.
A big thank you goes out to everyone that contributed to the 3.3 release! Joomla! CMS 3.3 will be our most stable release ever. Right now we’re at about 290 commits since 3.2.3’s release with 39 different people contributing to those commits (not including testers and other non-coding activities). Best of all is that the new features are awesome!
The 3.x release series is the latest major release of the Joomla! CMS, with 3.3 the fourth standard-term support release in this series. Please note that going from 3.2 to 3.3 is a one-click upgrade and is NOT a migration. The same is true for any subsequent versions in the 3.x series of the CMS. That being said, please do not upgrade any of your production sites to the beta version as beta is ONLY intended for testing and there is no upgrade path from Beta.
WordPress 3.9 Beta 3
The third (and maybe last) beta of WordPress 3.9 is now available for download. Beta 3 includes more than 200 changes, including: New features like live widget previews and the new theme installer are now more ready for prime time, so check ‘em out. UI refinements when editing images and when working with media in the editor. We’ve also brought […]
WordPress 3.9 Beta 2
WordPress 3.9 Beta 2 is now available for testing! We’ve made more than a hundred changes since Beta 1, but we still need your help if we’re going to hit our goal of an April release. For what to look out for, please head on over to the Beta 1 announcement post. Some of the changes in […]
WordPress 3.9 Beta 1
I’m excited to announce that the first beta of WordPress 3.9 is now available for testing. WordPress 3.9 is due out next month — but in order to hit that goal, we need your help testing all of the goodies we’ve added: We updated TinyMCE, the software powering the visual editor, to the latest version. […]
Joomla! 3.2.3 Released
The Joomla! Project and the Production Leadership Team are proud to announce the release of Joomla! 3.2.3 which is a security release and also resolves a significant number of issues and bugs.
If you are currently running Joomla! 3.2, we urge you to apply this update immediately via either the one-click update or the update downloads available at http://www.joomla.org/download.html. For other versions of the 3.x series, applying the update is recommended as soon as possible.
- Project: Joomla!
- SubProject: CMS
- Severity: Moderate
- Versions: 2.5.18 and earlier 2.5.x versions, 3.2.2 and earlier 3.x versions
- Exploit type: XSS Vulnerability
- Reported Date: 2014-March-05
- Fixed Date: 2014-March-06
- CVE Number: Pending
Description
Inadequate escaping leads to XSS vulnerability.
Affected Installs
Joomla! CMS versions 2.5.18 and earlier 2.5.x versions, 3.2.2 and earlier 3.x versions
Solution
Upgrade to version 2.5.19 or 3.2.3
Contact
The JSST at the Joomla! Security Center.
- Project: Joomla!
- SubProject: CMS
- Severity: Moderate
- Versions: 2.5.18 and earlier 2.5.x versions, 3.2.2 and earlier 3.x versions
- Exploit type: Unauthorised Logins
- Reported Date: 2014-February-21
- Fixed Date: 2014-March-06
- CVE Number: Pending
Description
Inadequate checking allowed unauthorised logins via GMail authentication.
Affected Installs
Joomla! CMS versions 2.5.18 and earlier 2.5.x versions, 3.2.2 and earlier 3.x versions
Solution
Upgrade to version 2.5.19 or 3.2.3
Contact
The JSST at the Joomla! Security Center.
Joomla! 2.5.19 Released
The Joomla Project is pleased to announce the immediate availability of Joomla 2.5.19.
Joomla 2.5.19 is a security release addressing two medium level vulnerabilities.
The update process is very simple, and complete instructions are available here. Note that there are now easier and better ways of updating than copying the files with FTP.
Download
New Installations: Click here to download Joomla 2.5.19 (Full package) »
Update Package: Click here to download Joomla 2.5.19 (Update package) »
Note: Please read the update instructions before updating.
Instructions
*Please clear your browser’s cache after upgrading
Want to test drive Joomla? Try the online demo. Documentation is available for beginners.
Release Notes
Check the Joomla 2.5.19 Post-Release FAQs to see if there are important items and helpful hints discovered after the release.
Statistics for the 2.5.19 release period
- 6 tracker issues fixed
See http://developer.joomla.org/version-2-5-19-release-notes.html for details of the tracker items fixed.
Security Issues Fixed
- Medium Priority – Core XSS Vulnerability More information »
- Medium Priority – Core XSS Vulnerability More information »
How can you help Joomla! development?
There are a variety of ways in which you can get actively involved with Joomla! It doesn’t matter if you are a coder, an integrator, or merely a user of Joomla!. You can contact the Joomla! Community Development Manager, David Hurley, to get more information, or if you are ready you can jump right into the Joomla! Bug Squad.
The Joomla! Bug Squad is one of the most active teams in the Joomla! development process and is always looking for people (not just developers) that can help with sorting bug reports, coding patches and testing solutions. It’s a great way for increasing your working knowledge of Joomla!, and also a great way to meet new people from all around the world.
If you are interested, please read about us on the Joomla! Documentation Wiki and, if you wish to join, email Mark Dexter or Nick Savov, our Bug Squad co-coordinators.
You can also help Joomla! development by thanking those involved in the many areas of the process. In the past year, for example, over 1,100 bugs have been fixed by the Bug Squad.
Contributors
Thank you to the code contributors and active Bug Squad members that created and tested this release:
Ben Charlton, Benjamin Trenkle, Brian Teeman, Carsten Wirtz, Christiane Maier-Stadtherr, Cyril Rezé, Denise McLaurin, Eino Mäkitalo, Fedik Zinchuk, George Wilson, Gunjan Patel, Hannes Papenberg, Ionut Lupu, Javier Gomez, Jean-Marie Simonet, Jonathan Cameron, Leo Lammerink, Marc Antoine Thevenet, Marco Richter, Marko Đedović, Matt Thomas, Michael Babker, Nikolai Plath, Peter van Westen, Piotr Mocko, Roberto Segura, Sander Potjer, Simon Asika, Thomas Hunziker, Tobias Zulauf, Toivo Talikka, Valentin Despa, Yannick Gaultier.
Joomla! Bug Squad
Thank you to the Joomla! Bug Squad for their dedicated efforts investigating reports, fixing problems, and applying patches to Joomla. If you find a bug in Joomla!, please report it on the Joomla! CMS Issue Tracker.
Active members of the Joomla! Bug Squad during past 3 months include: Achal Aggarwal, Anderson Martins, Anibal Sanchez, Ben Charlton, Ben Griffin, Brian Teeman, Camden Narzt, Christiane Maier-Stadtherr, Cyril Rezé, Daniel Dimitrov, Denise McLaurin, Dennis Hermacki, easteregg easteregg, Edwin Cheront, Elijah Madden, Fedik Zinchuk, Gary Mort, George Wilson, Hannes Papenberg, Jean-Marie Simonet, Jozsef Tamas Herczeg, Jurian Even, Kevin Griffiths, Kunal Bajpai, Lao Neo, Leo Lammerink, Marc Antoine Thevenet, Marcel van Beelen, Marco Richter, Marko Đedović, Matt Thomas, Max Sarte, Melih Tas, Michael Babker, Mohammad Hasani Eghtedar, Nicholas Dionysopoulos, Nikolai Plath, Parth Lawate, Peter van Westen, Piotr Gasiorowski, Piotr Mocko, Robert Gastaud, Roberto Segura, Samuel Moffatt, Sander Potjer, Serge Litvinov, Simon Asika, Stefania Gaianigo, Thomas Hunziker, Thomas Jackson, Thomas Kuschel, Tino Brackebusch, Tobias Zulauf, Toivo Talikka, Valentin Despa, Yannick Gaultier.
Bug Squad Leadership: Mark Dexter and Nick Savov, Co-Coordinators.
Joomla! Security Strike Team
A big thanks to the Joomla! Security Strike Team for their ongoing work to keep Joomla! secure. Members include: Airton Torres, Alan Langford, Beat, Bill Richardson, Claire Mandville, David Hurley, Don Gilbert, Gary Brooks, Jason Kendall, Javier Gomez, Jean-Marie Simonet, Marijke Stuivenberg, Mark Boos, Mark Dexter, Matias Griese, Michael Babker, Nick Savov, Pushapraj Sharma, Roberto Segura, Rouven Weßling, Thomas Hunziker.
- Project: Joomla!
- SubProject: CMS
- Severity: High
- Versions: 3.1.0 through 3.2.2
- Exploit type: SQL Injection
- Reported Date: 2014-February-06
- Fixed Date: 2014-March-06
- CVE Number: Pending
Description
Inadequate escaping leads to SQL injection vulnerability.
Affected Installs
Joomla! CMS versions 3.1.0 through 3.2.2
Solution
Upgrade to version 3.2.3
Contact
The JSST at the Joomla! Security Center.
- Project: Joomla!
- SubProject: CMS
- Severity: Moderate
- Versions: 3.1.2 through 3.2.2
- Exploit type: XSS Vulnerability
- Reported Date: 2014-March-04
- Fixed Date: 2014-March-06
- CVE Number: Pending
Description
Inadequate escaping leads to XSS vulnerability in com_contact.
Affected Installs
Joomla! CMS versions 3.1.2 through 3.2.2
Solution
Upgrade to version 3.2.3
Contact
The JSST at the Joomla! Security Center.
Joomla! 2.5.18 Released
The Joomla Project is pleased to announce the immediate availability of Joomla 2.5.18.
Joomla 2.5.18 is a maintenance release. Most notably this release fixes errors that have been reported including:
- Articles missing for admins in front end
- Modules disappear at frontpage after clicking the article title
Also with this release, the enhanced password hashing via PHPass, available in Joomla 3.2.1, is now used with the 2.5 series.
The update process is very simple, and complete instructions are available here. Note that there are now easier and better ways of updating than copying the files with FTP.
Download
New Installations: Click here to download Joomla 2.5.18 (Full package) »
Update Package: Click here to download Joomla 2.5.18 (Update package) »
Note: Please read the update instructions before updating.
Instructions
*Please clear your browser’s cache after upgrading
Want to test drive Joomla? Try the online demo. Documentation is available for beginners.
Release Notes
Check the Joomla 2.5.18 Post-Release FAQs to see if there are important items and helpful hints discovered after the release.
Statistics for the 2.5.18 release period
- 7 tracker issues fixed
See http://developer.joomla.org/version-2-5-18-release-notes.html for details of the tracker items fixed.
How can you help Joomla! development?
There are a variety of ways in which you can get actively involved with Joomla! It doesn’t matter if you are a coder, an integrator, or merely a user of Joomla!. You can contact the Joomla! Community Development Manager, David Hurley, to get more information, or if you are ready you can jump right into the Joomla! Bug Squad.
The Joomla! Bug Squad is one of the most active teams in the Joomla! development process and is always looking for people (not just developers) that can help with sorting bug reports, coding patches and testing solutions. It’s a great way for increasing your working knowledge of Joomla!, and also a great way to meet new people from all around the world.
If you are interested, please read about us on the Joomla! Documentation Wiki and, if you wish to join, email Mark Dexter or Nick Savov, our Bug Squad co-coordinators.
You can also help Joomla! development by thanking those involved in the many areas of the process. In the past year, for example, over 1,100 bugs have been fixed by the Bug Squad.
Contributors
Thank you to the code contributors and active Bug Squad members that created and tested this release:
Achal Aggarwal, Amy Stephen, Brian Teeman, Camden Narzt, Chris Davenport, Cyril Rezé, Daniel Dimitrov, David Hurley, Dennis Hermacki, Don Gilbert, Edwin Cheront, Elijah Madden, Gary Mort, George Wilson, Gunjan Patel, Hannes Papenberg, Javier Gómez, Jean-Marie Simonet, Jozsef Tamas Herczeg, Kevin Griffiths, Kunal Bajpai, leo lammerink, Marc Antoine Thevenet, Matt Thomas, Max Sarte, Melih Tas, Michael Babker, Mohammad Hasani Eghtedar, Parth Lawate, Peter van Westen, Piotr Mocko, Puneet Kala, Robert Gastaud, Roberto Segura, Samuel Moffatt, Sander Potjer, Serge Litvinov, Simon Asika, Thomas Hunziker, Thomas Kuschel, Tino Brackebusch, Tobias Zulauf, Valentin Despa, Yannick Gaultier.
Joomla! Bug Squad
Thank you to the Joomla! Bug Squad for their dedicated efforts investigating reports, fixing problems, and applying patches to Joomla. If you find a bug in Joomla!, please report it on the Joomla! CMS Issue Tracker.
Active members of the Joomla! Bug Squad during past 3 months include: Achal Aggarwal, Anderson Martins, Artur Stępień, Ashan Fernando, Beat, Brian Teeman, Bruno Batista, Buddhima Wijeweera, Camden Narzt, Christelle Olivier, Constantin Romankiewicz, Cyril Rezé, Daniel Dimitrov, David Beuving, David Jardin, Demis Palma, Dennis Hermacki, easteregg easteregg, Edwin Cheront, Elijah Madden, Florian DAL FITTO, Gary Mort, George Wilson, Gunjan Patel, Hannes Papenberg, irbian irbian, Isabelle eff, Jérôme GLATIGNY, Jean-Marie Simonet, jelle kok, Jisse Reitsma, Jozsef Tamas Herczeg, Jurian Even, Kevin Griffiths, Kunal Bajpai, Lao Neo, leo lammerink, Marc Antoine Thevenet, Marcel van Beelen, Marijke Stuivenberg, Mark Dexter, Marko Đedović, Matias Aguirre, Matt Thomas, Max Sarte, Melih Tas, Michael Babker, Michael Dunkle, MIG Manickam, Mohammad Hasani Eghtedar, Nicholas Dionysopoulos, Ofer Cohen, Parth Lawate, patrick kohl, Peter van Westen, Piotr Gasiorowski, Piotr Mocko, Ray Lawlor, Robert Gastaud, Roberto Segura, Samuel Moffatt, Sander Potjer, Serge Litvinov, Simon Asika, Skullbock Skullbock, Stefania Gaianigo, Steve Binkowski, Thomas Hunziker, Thomas Jackson, Thomas Kuschel, Tino Brackebusch, Tobias Zulauf, Tom Hutchison, Valentin Despa, Yannick Gaultier.
Bug Squad Leadership: Mark Dexter and Nick Savov, Co-Coordinators.
Joomla! Security Strike Team
A big thanks to the Joomla! Security Strike Team for their ongoing work to keep Joomla! secure. Members include: Airton Torres, Alan Langford, Beat, Bill Richardson, Claire Mandville, David Hurley, Don Gilbert, Gary Brooks, Jason Kendall, Javier Gomez, Jean-Marie Simonet, Marijke Stuivenberg, Mark Boos, Mark Dexter, Matias Griese, Michael Babker, Nick Savov, Pushapraj Sharma, Rouven Weßling.
Joomla! 3.2.2 Released
The Joomla! Project and the Production Leadership Team are proud to announce the release of Joomla! 3.2.2 which resolves a significant number of issues and bugs.
If you are currently running Joomla! 3.2, we recommend that you apply this update immediately via either the one-click update or the update downloads available at http://www.joomla.org/download.html. For other versions of the 3.x series, applying the update is recommended at the next convenient opportunity.
After six weeks and more than 9.3 million downloads of WordPress 3.8, we’re pleased to announce WordPress 3.8.1 is now available. Version 3.8.1 is a maintenance release that addresses 31 bugs in 3.8, including various fixes and improvements for the new dashboard design and new themes admin screen. An issue with taxonomy queries in WP_Query […]
Joomla! 3.2.1 Released

The Joomla! Project and the Production Leadership Team are proud to announce the release of Joomla! 3.2.1 which resolves a significant number of issues and bugs.
If you are currently running Joomla! 3.2, we recommend that you apply this update immediately via either the one-click update or the update downloads available at http://www.joomla.org/download.html. For other versions of the 3.x series, applying the update is recommended at the next convenient opportunity.
Joomla! 2.5.17 Released
The Joomla Project is pleased to announce the immediate availability of Joomla 2.5.17.
Joomla 2.5.17 is a maintenance release. Most notably this release fixes errors that have been reported including:
- Registration emails in multilingual websites
- The 2.5.14 to 2.5.16 update errors
- Recaptcha function updated after Google’s API update causing broken captcha
The update process is very simple, and complete instructions are available here. Note that there are now easier and better ways of updating than copying the files with FTP.
Download
New Installations: Click here to download Joomla 2.5.17 (Full package) »
Update Package: Click here to download Joomla 2.5.17 (Update package) »
Note: Please read the update instructions before updating.
Instructions
*Please clear your browser’s cache after upgrading
Want to test drive Joomla? Try the online demo. Documentation is available for beginners.
Release Notes
Check the Joomla 2.5.17 Post-Release FAQs to see if there are important items and helpful hints discovered after the release.
Statistics for the 2.5.17 release period
- 19 tracker issues fixed
See http://developer.joomla.org/version-2-5-17-release-notes.html for details of the tracker items fixed.
How can you help Joomla! development?
There are a variety of ways in which you can get actively involved with Joomla! It doesn’t matter if you are a coder, an integrator, or merely a user of Joomla!. You can contact the Joomla! Community Development Manager, David Hurley, to get more information, or if you are ready you can jump right into the Joomla! Bug Squad.
The Joomla! Bug Squad is one of the most active teams in the Joomla! development process and is always looking for people (not just developers) that can help with sorting bug reports, coding patches and testing solutions. It’s a great way for increasing your working knowledge of Joomla!, and also a great way to meet new people from all around the world.
If you are interested, please read about us on the Joomla! Documentation Wiki and, if you wish to join, email Mark Dexter or Nick Savov, our Bug Squad co-coordinators.
You can also help Joomla! development by thanking those involved in the many areas of the process. In the past year, for example, over 1,150 bugs have been fixed by the Bug Squad.
Contributors
Thank you to the code contributors and active Bug Squad members that created and tested this release:
Achal Aggarwal, Alan Hicks, Amy Stephen, Anderson Martins, Andy Kirk, Artur Stępień, Ashan Fernando, Beat, Brian Teeman, Bruno Batista, Buddhima Wijeweera, Carlos pt, Chris Davenport, Christelle Olivier, Daniel Dimitrov, Daniele Rosario, David Beuving, David Hurley, David Jardin, Demis Palma, Dennis Hermacki, Don Gilbert, Elijah Madden, Elin Waring, Florian Dal Fitto, Gaurav Jain, George Wilson, Gunjan Patel, Hannes Papenberg, Isabelle Eff, Javier Gómez, Jérôme Glatigny, Jean-Marie Simonet, Jelle Kok, Jisse Reitsma, Jozsef Tamas Herczeg, Jurian Even, Kevin Griffiths, Klas Berlič, Lao Neo, Leo Lammerink, Marc Antoine Thevenet, Marcel van Beelen, Marijke Stuivenberg, Mario Proenca, Mark Dexter, Marko Đedović, Matt Thomas, Michael Babker, Mohammad Hasani Eghtedar, Nicholas Dionysopoulos, Nikolai Plath, Ofer Cohen, Panayiotis Halouvas, Patrick Kohl, Peter Bui, Peter Martin, Peter van Westen, Phương Lê, Piotr Cz, Rafael Logvinski, Ray Lawlor, Robert Gastaud, Robert Gregor, Roberto Segura, Simon Asika, Stefania Gaianigo, Steve Binkowski, Thomas Hunziker, Tobias Zulauf, Tom Hutchison, Valentin Despa, Viet Vu, Vitalij Lokucijevskij.
Joomla! Bug Squad
Thank you to the Joomla! Bug Squad for their dedicated efforts investigating reports, fixing problems, and applying patches to Joomla. If you find a bug in Joomla!, please report it on the Joomla! CMS Issue Tracker.
Active members of the Joomla! Bug Squad during past 3 months include: Achal Aggarwal, Adelene Teh, Aleksander Linkov, Angelika Reisiger, Anibal Sanchez, Anja Hage, Artur Alves, Ashan Fernando, Beat, Brian Teeman, Chad Windnagle, Constantin Romankiewicz, Daniel Kanchev, David Hurley, Dennis Hermacki, Dimitar Genchev, Duong Nguyen, Edwin Cheront, Elin Waring, George Wilson, Gunjan Patel, Hans Kuijpers, Hervé Boinnard, Hugh Messenger, Janich Rasmussen, Jason Rey, Jérôme GLATIGNY, Jean-Marie Simonet, Jern Wei Tan, Jerri Christiansen, Jozsef Tamas Herczeg, Khai Vu Dinh, klas 10, landor landor, Lao Neo, Lara Petersen, Le Van Thuyet, Leo Lammerink, Loc Le Minh, Lu Nguyen, Marc Antoine Thevenet, Marijke Stuivenberg, Mario Proenca, Mark Dexter, Mark Lee, Matias Aguirre, Michael Babker, Mihail Irintchev, Mike Biolsi, Mike Veeckmans, Nha Bui, Nicholas Dionysopoulos, Nick Savov, Nik Faris Akmal, Ofer Cohen, Olaf Offick, Patrick Alt, Peter Martin, Peter van Westen, Peter Wiseman, Piotr Konieczny, Radek Suski, Richard McDaniel, Rob de Cleen, Robert Deutz, Robert Gastaud, Roberto Segura, Roland Dalmulder, Ronni Christiansen, Sam Teh, Sander Potjer, Sandra Thevenet, Sebastian Łuckoś, Sergio Iglesias, Seth Warburton, Shafiq Mazlan, Stefania Gaianigo, Thomas Hunziker, Tino Brackebusch, TJ Baker, Tobias Zulauf, tompap, Troy Hall, Tu Diep The, Valentin Despa, Victor Drover, Viliam Kubis, Yiliang Yang.
Bug Squad Leadership: Mark Dexter and Nick Savov, Co-Coordinators.
Joomla! Security Strike Team
A big thanks to the Joomla! Security Strike Team for their ongoing work to keep Joomla! secure. Members include: Airton Torres, Alan Langford, Beat, Bill Richardson, Claire Mandville, David Hurley, Don Gilbert, Gary Brooks, Jason Kendall, Javier Gomez, Jean-Marie Simonet, Marijke Stuivenberg, Mark Boos, Mark Dexter, Matias Griese, Michael Babker, Nick Savov, Pushapraj Sharma, Rouven Weßling.
WordPress 3.8 “Parker”
Version 3.8 of WordPress, named “Parker” in honor of Charlie Parker, bebop innovator, is available for download or update in your WordPress dashboard. We hope you’ll think this is the most beautiful update yet. Introducing a modern new design WordPress has gotten a facelift. 3.8 brings a fresh new look to the entire admin dashboard. […]
3.8 RC2
Release candidate 2 of WordPress 3.8 is now available for download. This is the last pre-release, and we expect it to be effectively identical to what’s officially released to the public on Thursday. This means if you are a plugin or theme developer, start your engines! (If they’re not going already.) Lots of admin code […]

The Joomla! Project and Community is excited to announce the release of the Joomla Framework! The Joomla Framework is a major step forward in the evolution of the Joomla! Project. Taking advantage of years of experience in creating the Joomla! CMS and later the Joomla! Platform, the development team has extracted and refactored many of the essential functions necessary to create, manage and deploy a modern PHP web application and compiled them into a library of modular packages that can be easily mixed and matched with other PHP frameworks and packages using Composer for dependency management.
This step enables two major areas of growth for the Joomla! project:
First, it makes several packages, inspired by the demanding needs of the Joomla! CMS, available to the larger PHP developer community, paving the way to build new web applications and services. These packages are distributed via Packagist.org for use with Composer and can be combined with packages from other best-of-breed PHP frameworks such as Symfony, Zend, and Laravel. Web Applications built on a server with the Joomla! Framework will have the advantage of creating, managing and authenticating user accounts; retrieving, managing and displaying content retrieved from one or more databases; and taking advantage of many social media integration features. For example, the social media packages for Facebook, Google, LinkedIn, and Twitter are well executed. They have a common API that interacts with each of the services, and offers good coverage of each service’s program interface.
Second, it allows a future version of the Joomla! CMS to be built upon this Framework and thereby benefit from the broader base of PHP developers that adopt and can contribute back to the Framework, as well as the dependency management features of Composer. The Framework will bring new rapid development tools to CMS extension developers that will allow them to create and maintain more sustainable and robust extensions.
Together these areas of growth combine to increase the development velocity of the Joomla! project and facilitate project collaboration and growth for the Open Source community as a whole.
What does this mean for the typical user of the Joomla! CMS for their website? Not much at this moment as the Framework is a toolkit for software designers and developers. Downloading the Framework will do nothing to enhance your current Joomla! website. It is, however, a great promise of things to come for future versions of the Joomla! CMS.
A new era of rapid web application development is ahead and the many lightweight, modular and decoupled packages within the Joomla Framework position the Joomla! Project to be an even more prominent leader in the larger community of Open Source PHP solution developers.
For more information about the Joomla! Framework, please visit http://framework.joomla.org.
WordPress 3.8 RC1
We’re entering the quiet but busy part of a release, whittling down issues to bring you all of the new features you’re excited about with the stability you expect from WordPress. There are just a few days from the “code freeze” for our 3.8 release, which includes a number of exciting enhancements, so the focus […]
WordPress 3.8 Beta 1
The first beta of the 3.8 is now available, and the next dates to watch out for are code freeze on December 5th and a final release on December 12th. 3.8 brings together several of the features as plugins projects and while this isn’t our first rodeo, expect this to be more beta than usual. […]
- Project: Joomla!
- SubProject: All
- Severity: Moderate
- Versions: 2.5.14 and earlier 2.5.x versions. 3.1.5 and earlier 3.x versions.
- Exploit type: XSS Vulnerability
- Reported Date: 2013-October-26
- Fixed Date: 2013-November-06
- CVE Number:
Description
Inadequate filtering leads to XSS vulnerability in com_contact.
Affected Installs
Joomla! version 2.5.14 and earlier 2.5.x versions; and version 3.1.5 and earlier 3.0.x versions.
Solution
Upgrade to version 2.5.16, 3.1.6 or 3.2.
Contact
The JSST at the Joomla! Security Center.
Joomla! 2.5.16 Released
The Joomla Project is pleased to announce the immediate availability of Joomla 2.5.16. 2.5.16 addresses three critical issues reported after the release of 2.5.15 earlier today. Aside from the links to the download packages, the text of the rest of this article is the same as that of today’s 2.5.15 release.
For users on 2.5.15 who are unable to update to 2.5.16 via the core update component, please download the patch package from http://joomlacode.org/gf/download/frsrelease/18859/91475/Joomla_2.5.15_to_2.5.16-Stable-Patch_Package.zip and install it via your Extension Manager to update.
This is a security release addressing three security issues. The Production Leadership Team’s goal is to continue to provide regular, frequent updates to the Joomla community. Learn more about Joomla! development at the Developer Site.
The update process is very simple, and complete instructions are available here. Note that there are now easier and better ways of updating than copying the files with FTP.
Download
New Installations: Click here to download Joomla 2.5.16 (Full package) »
Update Package: Click here to download Joomla 2.5.16 (Update package) »
Note: Please read the update instructions before updating.
Instructions
*Please clear your browser’s cache after upgrading
Want to test drive Joomla? Try the online demo or the Joomla JumpBox. Documentation is available for beginners.
Release Notes
Check the Joomla 2.5.15 Post-Release FAQs to see if there are important items and helpful hints discovered after the release.
Statistics for the 2.5.15 release period
- Joomla 2.5.15 contains 3 security issues and 32 tracker issues fixed
See http://developer.joomla.org/version-2-5-15-release-notes.html for details of the tracker items fixed.
Security Issues Fixed
- High Priority – Core XSS Vulnerability More information »
- Medium Priority – Core XSS Vulnerability More information »
- Medium Priority – Core XSS Vulnerability More information »
Joomla! Bug Squad
Thanks to the Joomla Bug Squad for their dedicated efforts investigating reports, fixing problems, and applying patches to Joomla. If you find a bug in Joomla, please report it on the Joomla! CMS Issue Tracker.
Active members of the Joomla Bug Squad during past 3 months include: Achal Aggarwal, Adelene Teh, Aleksander Linkov, Angelika Reisiger, Anibal Sanchez, Anja Hage, Artur Alves, Ashan Fernando, Beat, Brian Teeman, Chad Windnagle, Constantin Romankiewicz, Daniel Kanchev, David Hurley, Dennis Hermacki, Dimitar Genchev, Duong Nguyen, Edwin Cheront, Elin Waring, George Wilson, Gunjan Patel, Hans Kuijpers, Hervé Boinnard, Hugh Messenger, Janich Rasmussen, Jason Rey, Jérôme GLATIGNY, Jean-Marie Simonet, Jern Wei Tan, Jerri Christiansen, Jozsef Tamas Herczeg, Khai Vu Dinh, klas 10, landor landor, Lao Neo, Lara Petersen, Le Van Thuyet, Loc Le Minh, Lu Nguyen, Marc Antoine Thevenet, Marijke Stuivenberg, Mario Proenca, Mark Dexter, Mark Lee, Matias Aguirre, Michael Babker, Mihail Irintchev, Mike Biolsi, Mike Veeckmans, Nha Bui, Nicholas Dionysopoulos, Nick Savov, Nik Faris Akmal, Ofer Cohen, Olaf Offick, Patrick Alt, Peter Martin, Peter van Westen, Peter Wiseman, Piotr Konieczny, Radek Suski, Richard McDaniel, Rob de Cleen, Robert Deutz, Robert Gastaud, Roberto Segura, Roland Dalmulder, Ronni Christiansen, Sam Teh, Sander Potjer, Sandra Thevenet, Sebastian Łuckoś, Sergio Iglesias, Seth Warburton, Shafiq Mazlan, Stefania Gaianigo, Thomas Hunziker, Tino Brackebusch, TJ Baker, Tobias Zulauf, tompap tompap, Troy Hall, Tu Diep The, Valentin Despa, Victor Drover, Viliam Kubis, Yiliang Yang.
Bug Squad Leadership: Mark Dexter and Nick Savov, Co-Coordinators.
Joomla! Security Strike Team
A big thanks to the Joomla! Security Strike Team for their ongoing work to keep Joomla secure. Members include: Airton Torres, Alan Langford, Beat, Bill Richardson, David Hurley, Don Gilbert, Elin Waring, Gary Brooks, Jason Kendall, Jean-Marie Simonet, Marijke Stuivenberg, Mark Boos, Mark Dexter, Matias Griese, Michael Babker, Nick Savov, Pushapraj Sharma, Rouven Weßling.
Joomla! 2.5.15 Released
The Joomla Project is pleased to announce the immediate availability of Joomla 2.5.15. This is a security release addressing three security issues. The Production Leadership Team’s goal is to continue to provide regular, frequent updates to the Joomla community. Learn more about Joomla! development at the Developer Site.
The update process is very simple, and complete instructions are available here. Note that there are now easier and better ways of updating than copying the files with FTP.
Download
New Installations: Click here to download Joomla 2.5.15 (Full package) »
Update Package: Click here to download Joomla 2.5.15 (Update package) »
Note: Please read the update instructions before updating.
Instructions
*Please clear your browser’s cache after upgrading
Want to test drive Joomla? Try the online demo. Documentation is available for beginners.
Release Notes
Check the Joomla 2.5.15 Post-Release FAQs to see if there are important items and helpful hints discovered after the release.
Statistics for the 2.5.15 release period
- Joomla 2.5.15 contains 3 security issues and 32 tracker issues fixed
See http://developer.joomla.org/version-2-5-15-release-notes.html for details of the tracker items fixed.
Security Issues Fixed
- High Priority – Core XSS Vulnerability More information »
- Medium Priority – Core XSS Vulnerability More information »
- Medium Priority – Core XSS Vulnerability More information »
Joomla! Bug Squad
Thanks to the Joomla Bug Squad for their dedicated efforts investigating reports, fixing problems, and applying patches to Joomla. If you find a bug in Joomla, please report it on the Joomla! CMS Issue Tracker.
Active members of the Joomla Bug Squad during past 3 months include: Achal Aggarwal, Adelene Teh, Aleksander Linkov, Angelika Reisiger, Anibal Sanchez, Anja Hage, Artur Alves, Ashan Fernando, Beat, Brian Teeman, Chad Windnagle, Constantin Romankiewicz, Daniel Kanchev, David Hurley, Dennis Hermacki, Dimitar Genchev, Duong Nguyen, Edwin Cheront, Elin Waring, George Wilson, Gunjan Patel, Hans Kuijpers, Hervé Boinnard, Hugh Messenger, Janich Rasmussen, Jason Rey, Jérôme GLATIGNY, Jean-Marie Simonet, Jern Wei Tan, Jerri Christiansen, Jozsef Tamas Herczeg, Khai Vu Dinh, klas 10, landor landor, Lao Neo, Lara Petersen, Le Van Thuyet, Loc Le Minh, Lu Nguyen, Marc Antoine Thevenet, Marijke Stuivenberg, Mario Proenca, Mark Dexter, Mark Lee, Matias Aguirre, Michael Babker, Mihail Irintchev, Mike Biolsi, Mike Veeckmans, Nha Bui, Nicholas Dionysopoulos, Nick Savov, Nik Faris Akmal, Ofer Cohen, Olaf Offick, Patrick Alt, Peter Martin, Peter van Westen, Peter Wiseman, Piotr Konieczny, Radek Suski, Richard McDaniel, Rob de Cleen, Robert Deutz, Robert Gastaud, Roberto Segura, Roland Dalmulder, Ronni Christiansen, Sam Teh, Sander Potjer, Sandra Thevenet, Sebastian Łuckoś, Sergio Iglesias, Seth Warburton, Shafiq Mazlan, Stefania Gaianigo, Thomas Hunziker, Tino Brackebusch, TJ Baker, Tobias Zulauf, tompap tompap, Troy Hall, Tu Diep The, Valentin Despa, Victor Drover, Viliam Kubis, Yiliang Yang.
Bug Squad Leadership: Mark Dexter and Nick Savov, Co-Coordinators.
Joomla! Security Strike Team
A big thanks to the Joomla! Security Strike Team for their ongoing work to keep Joomla secure. Members include: Airton Torres, Alan Langford, Beat, Bill Richardson, David Hurley, Don Gilbert, Elin Waring, Gary Brooks, Jason Kendall, Jean-Marie Simonet, Marijke Stuivenberg, Mark Boos, Mark Dexter, Matias Griese, Michael Babker, Nick Savov, Pushapraj Sharma, Rouven Weßling.
- Project: Joomla!
- SubProject: All
- Severity: High
- Versions: 2.5.14 and earlier 2.5.x versions. 3.1.5 and earlier 3.x versions.
- Exploit type: XSS Vulnerability
- Reported Date: 2013-October-25
- Fixed Date: 2013-November-06
- CVE Number:
Description
Inadequate filtering leads to XSS vulnerability in com_contact.
Affected Installs
Joomla! version 2.5.14 and earlier 2.5.x versions; and version 3.1.5 and earlier 3.0.x versions.
Solution
Upgrade to version 2.5.15, 3.1.6 or 3.2.
Contact
The JSST at the Joomla! Security Center.




