[*] Security improvements.
Archive for Releases
[*]Security improvements.
[*] (Windows only) MailEnable was upgraded to version 7.50. (141274)
[*] (Windows only) Panel is shipped with Tomcat 7.0.42 and Java Runtime libraries 7 update 25. (141273)
The following issues have been fixed:
[-] (Linux only) Customers could receive the “Mail Not Delivered” messages even if their email was delivered successfully. (119925)
[-] (Linux only) The virus definitions of Parallels Premium Antivirus by Dr. Web were not updated if the default trial license key was used. (139833)
[-] (Linux only) After Panel was upgraded from version 11.0, PHP scripts could no longer be processed by nginx if SELinux was turned on. The following error was recorded in /var/log/php-fpm/error.log: “php-fpm.sock failed (13: Permission denied)”. (140941) [-] (Linux only) In some cases, Panel did not validate DNS record conflicts if CNAME records were manually modified. The DNS server failed to start. (141147)
[-] (Linux only) The RoundCube webmail was not working due to various errors (PHP errors, memory exhaustion, and so on) if certain classes or functions such as ini_get were disabled in the server-wide php.ini file. (141201)
[-] (Linux only) After upgrading Plesk from version 9.5, customers could no longer back up domains that had subdomains. The following error occurred: “Cannot savedir: Permission denied”. (141214)
[-] (Linux only) The subscription command-line utility could not change the PHP handler for websites. (141238)
[-] (Linux only) Subscriptions could not be synchronized with a service plan if the plan was created using command-line utilities and access to shell was not allowed or was set to chroot. (141254)
[-] (Linux only) The allow and deny access directives of Apache .htaccess worked incorrectly if a reverse proxy in nginx was enabled. (141265)
[-] (Linux only) If Panel was installed without updates, and updates were installed afterwards, email messages could not be sent. The following error occurred: “Warning: the Postfix sendmail command must be installed without set-uid root file permissions”. (141283)
[-] (Linux only) Administrators were unable to turn off the nginx reverse proxy. The following error occurred: “Service /etc/init.d/nginx failed to stop”. (141297)
[-] (Linux only) Customers could not disable DomainKeys email signing on domains after it had been enabled. (141316)
[-] The help page of the dns command-line utility was not localized. (141368)
[-] The help page of the server_dns command-line utility contained errors. (141374)
[-] Backing up to external FTP repositories did not work properly. (141100 and 141338)
[-] Updating of reseller service plans via API-RPC could result in the following error: “PHP Fatal error: Call to undefined method”. (141439)
[-] After upgrading from Plesk 9 it was impossible to remove email accounts with mail forwarding. The following error occurred: “PHP Fatal error: Call to undefined method”. (141453)
[-] Customers could use webmail on their domains even if the domains were suspended. (84187)
[-] (Linux only) Qmail did not accept email messages sent to mailing lists on domain aliases. The following error occurred: “550 sorry, no mailbox here by that name. (#5.7.17)”. (107619)
[-] (Linux only) Panel failed to migrate the Mailman data and settings if the default locale of the source server was German. (133147)
[-] Panel failed to migrate mail relay settings from Plesk 9.x with the error “Unable to set relaying type”. (140277)
[-] (Linux only) Panel failed to migrate databases that use latin-1 character set. In the migrated databases, non-ASCII characters were replaced with question marks. (141027)
[-] Panel did not pass database user passwords to event handlers. (141261)
[-] (Linux only) When administrators executed the statistics utility for a single domain, Panel removed FTP log records for other domains. (141378)
[-] Email notifications about resource overuse that were sent on behalf of the administrator contained wrong sender email addresses. (141380)
[-] Administrators had to complete the post-install configuration of Panel before they could use the server_dns command-line utility. (141502)
[-] Security improvements. (141537)
[-] (Linux only) Kaspersky Antivirus could not be switched on via the API-RPC. (141491)
[-] (Linux only) Message submission did not work after installing updates on Panel 11.5.30. (141740)
[-] (Windows only) Domains could not be migrated from Plesk 9 if mail accounts on source servers had a password containing a quotation mark (“) (141054)
[-] (Windows only) AWStats statistics processed log files very slowly because of excessive DNS lookups. (137500)
[-] (Windows only) IP addresses that were no longer used could not be removed from the server IP pool. The following error occurred: “The IP address x.x.x.x is already used for hosting”. (141139)
[-] (Windows only) Panel did not include some DNS records from the server-wide DNS template into DNS zones of newly created domains. (132577)
[-] (Windows only) Users were unable to log in to Control Panel from Customer & Business Manager by clicking Business Operations > Subscriptions > <subscription name> > Log In. They encountered the following error: “Internal error: SQLSTATE[42S22]: Column not found: 1054 Unknown column ‘externalId’ in ‘where clause’.” (141454)
[-] (Windows only) Users were unable to import database backups through phpMyAdmin. (141524)
Flexibleres GUI erleichtert und vereinfacht die Verwaltung der weltweit populärsten Open Source Datenbank
The following issues have been fixed:
[-]Security improvements. We would like to thank Rack911.com for their help in investigating a number of security issues.
The following issues have been fixed:
[-]Security improvements. We would like to thank Rack911.com for their help in investigating a number of security issues.
The following features have been improved:
The following issues have been fixed:
[-] (Linux only) Data transfers from Plesk failed if a source server had an APS application and an SSL certificate installed on the main domain. The following error was encountered: “Line 2519 error: Element ‘certificates’: This element is not expected.” (138313)
[-] (Linux only) Configuration generated successfully for domains with the frame forwarding hosting type which were not assigned any IP addresses. (72945)
[-] (Linux only) Newly created domains were not accessible if Panel installation was moved to a new directory with a symbolic link from the old installation’s location. (78435)
[-] Panel UI processed operations with the list of customers very slowly if at least one customer had a large number (more than a thousand) of subscriptions. (93163)
[-] After upgrading from Plesk 9.5.4, the turned off mail forwarding operation became active again. (100438)
[-] (Linux only) Plesk Mobile Manager for iPhone was unable to connect to Panel. (114780)
[-] (Linux only) When Migration & Transfer Manager was trying to download data from the source server, the transfer operation could fail with the message: “Error: pmm utility ‘migration_handler’ raised an exception. Error code is: 1” (140299)
[-] (Linux only) The domain command-line utility failed to enable the mail service for a domain if this domain had been created while no mail service had been installed in Panel. Panel issued the message: “PHP Fatal error”. (140833)
[-] (Linux only) Administrators could not adjust mail server settings in Administrator’s Panel after switching from Qmail to Postfix if short mail account names were allowed in Qmail settings. (140837)
[-] (Linux only) After upgrading to Panel 11.5, Panel failed to generate the Apache configuration files if the PHP setting max_execution_time was set to “0”. Panel raised the error: “Template_Exception: Syntax error on line 64”. (140853)
[-] (Linux only) The command-line utilities domain and subscription raised errors on attempts to obtain information about domains with hosting type “No hosting”. (140924)
[-] Subscriptions suspended due to traffic overuse were not automatically unsuspended at the beginning of the next month. (140939)
[-] Customers without subscriptions could not use the Panel’s built-in search. They encountered an “Internal error”. (140989)
[-] (Windows only) Panel displayed an unclear error message on the File Sharing page if the system user account was changed or removed by administrator in the operating system settings. (105470)
[-] (Windows only) The installation of the Formmail APS application failed with the error: “Error: Installation of formmail at http://example.com/formmail failed.” (132784)
[-] (Windows only) AWStats did not calculate web statistics for a domain with the WWW prefix and all the domain’s aliases. (140882)
[-] (Windows only) Certificate signing requests could not be generated properly via Plesk XML-RPC API. (140900)
[-] (Windows only) Customers were unable to retrieve a forgotten password from Panel if Panel was configured to work with Microsoft SQL Server. They encountered the “Operation failed” error. (141099)
The following issue has been fixed:
[-] After the upgrade to Panel 11.5 from Panel 11.0 with installed Plesk Mobile extension v1.1, users were unable to log in to the Control Panel. Panel displayed errors beginning with “PHP Runtime Notice”. (141093)
[*] Improved the Objects To Transfer page for transfers from legacy products such as Ensim or Confixx. (139559)
[*] Security improvements. (140735)
The following issues have been fixed:
[-] (Linux only) Panel displayed confusing error messages when restoring backups created by Panel 9.5.4. (69420)
[-] After upgrading from Plesk 8.x or 9.x, mail users of a customer’s subscription could access other subscriptions of the same customer. (72902)
[-] Panel sent summary reports (Home > Tools & Settings > Summary Report) by email in plain text although they were supposed to be HTML pages. (139652)
[-] Administrators could not include domain names in the files of the default virtual host template using the @domain_name@ variable. (140092)
[-] (Linux only) Administrators could not create more user accounts after a successful creation of a large number of accounts (over 3000) because the allowed memory size was exhausted. (140167)
[-] Panel failed to save personal FTP repository settings if users specified a Directory for backup files storage that starts with ‘/’. (140209)
[-] Resellers could set resource limits of their customer’s subscriptions so that these limits would exceed the limits of resources available to the resellers. (140389)
[-] Customers could change their Preferred domain even if they did not have the Domain management permission. (140480)
[-] (Linux only) When administrator ran vzpkg update on a Parallels Virtuozzo Container with Panel, the following error occurred: “Dependencies cannot be resolved”. (140610)
[-] (Linux only) Users could not delete wildcard subdomains with mail service switched on. (138504)
[-] (Linux only) Panel failed to update and upgrade if PHP from the Webtatic repository was installed on the server. (138635)
[-] Panel did not warn users that all website content will be removed when they switched their domains’ hosting type from Website hosting to Forwarding or No web hosting. (140731)
[-] Security improvements. (140797)
[-] (Linux only) The statistics utility failed to calculate statistics for additional domains and subdomains. (140746)
[-] (Linux only) Administrators could not retrieve additional Parallels Premium Antivirus license keys through the Panel GUI. (140803)
[-] (Linux only) Customers could not set the value of the max_execution_time PHP setting to 0. The following error occurred: “Template_Exception: Syntax error on line 64 of /etc/apache2/plesk.conf.d/vhosts/.conf: FcgidIOTimeout must be greater than 0”. (140849)
[-] (Windows only) Administrators were unable to create domains with international domain names by means of API RPC or command line utilities if the Panel mail server supported ‘mbox_quota’ or ‘total_mboxes_quota’ limits (for example, the IceWarp Merak mail server). (71958)
[-] (Windows only) Panel failed to migrate data from Plesk 8.x or 9.x if Apache was running on the source server. (91307)
[-] (Windows only) Panel incorrectly transferred DNS SRV records when transferring domains from Panel 10.4.4. (139162)
[-] (Windows only) Administrators could not switch on the option Always assign one application pool to each subscription on the Tools & Settings > IIS Application Pool > Global Settings page if there was at least one subscription with the Forwarding hosting type on the server. (140363)
[-] (Windows only) Panel failed to restore system users from backups if the users’ passwords contained the symbol ” (double quote). (140394)
[-] (Windows only) Additional administrators could not add mass email templates. Panel raised the error “500 – Internal server error. There is a problem with the resource you are looking for, and it cannot be displayed.” (140478)
[-] (Windows only) When transferring data from another server, Panel failed to transfer mail content of mailboxes that had subfolders within the Inbox folder. (140616)
[-] (Windows only) The utility web_statistics_executor.exe stopped generating web statistics for all domains if an error occurred while processing a domain. (140717)
[-] (Windows only) Panel failed to migrate FTP accounts created for subdomains from Plesk 9.5. The following error occurred: “Unable to create FTP account: There are no available resources of this type (additional FTP accounts) left. Requested: 1; available: 0.” (140725)
The following issues have been fixed:
[-] (Windows only) Security fix: BIND has been updated to version 9.8.5-P2, that also fixes CVE-2013-4854
[-] Security improvements. We would like to thank Rack911.com for their help in investigating a number of security issues.
The following issues have been fixed:
[-] (Windows only) Security fix: BIND has been updated to version 9.9.3-P2, that also fixes CVE-2013-4854
[-] Security improvements. We would like to thank Rack911.com for their help in investigating a number of security issues.
[-] Plesk provisioning through Parallels Automation may not work after upgrade from older Plesk versions (140589)
Joomla! 2.5.14 Released
The Joomla Project is pleased to announce the immediate availability of Joomla 2.5.14. This is a security release addressing a critical level security issue. The Production Leadership Team’s goal is to continue to provide regular, frequent updates to the Joomla community. Learn more about Joomla! development at the Developer Site.
The update process is very simple, and complete instructions are available here. Note that there are now easier and better ways of updating than copying the files with FTP.
Joomla 1.5 is also impacted by this security issue. Additional information may be found at http://joomlacode.org/gf/project/joomla/tracker/?action=TrackerItemEdit&tracker_item_id=31626
Download
New Installations: Click here to download Joomla 2.5.14 (Full package) »
Update Package: Click here to download Joomla 2.5.14 (Update package) »
Note: Please read the update instructions before updating.
Instructions
*Please clear your browser’s cache after ugprading
Want to test drive Joomla? Try the online demo or the Joomla JumpBox. Documentation is available for beginners.
Release Notes
Check the Joomla 2.5.14 Post-Release FAQs to see if there are important items and helpful hints discovered after the release.
Statistics for the 2.5.14 release period
- Joomla 2.5.14 contains 1 security issue and 1 tracker issue fixed
See http://developer.joomla.org/version-2-5-14-release-notes.html for details of the tracker items fixed.
Security Issues Fixed
- Critical Priority – Core – Unauthorised Upload. More information »
Joomla! Bug Squad
Thanks to the Joomla Bug Squad for their dedicated efforts investigating reports, fixing problems, and applying patches to Joomla. If you find a bug in Joomla, please report it on the Joomla! CMS Issue Tracker.
Active members of the Joomla Bug Squad during past 3 months include: Achal Aggarwal, Adelene Teh, Aleksander Linkov, Angelika Reisiger, Anibal Sanchez, Anja Hage, Artur Alves, Ashan Fernando, Beat , Brian Teeman, Chad Windnagle, Constantin Romankiewicz, Daniel Kanchev, David Hurley, Dennis Hermacki, Dimitar Genchev, Duong Nguyen, Edwin Cheront, Elin Waring, George Wilson, Gunjan Patel, Hans Kuijpers, Hervé Boinnard, Hugh Messenger, Janich Rasmussen, Jason Rey, Jérôme GLATIGNY, Jean-Marie Simonet, Jern Wei Tan, Jerri Christiansen, Jozsef Tamas Herczeg, Khai Vu Dinh, klas 10, landor landor, Lao Neo, Lara Petersen, Le Van Thuyet, Loc Le Minh, Lu Nguyen, Marc Antoine Thevenet, Marijke Stuivenberg, Mario Proenca, Mark Dexter, Mark Lee, Matias Aguirre, Michael Babker, Mihail Irintchev, Mike Biolsi, Mike Veeckmans, Nha Bui, Nicholas Dionysopoulos, Nick Savov, Nik Faris Akmal, Ofer Cohen, Olaf Offick, Patrick Alt, Peter Martin, Peter van Westen, Peter Wiseman, Piotr Konieczny, Radek Suski, Richard McDaniel, Rob de Cleen, Robert Deutz, Robert Gastaud, Roberto Segura, Roland Dalmulder, Ronni Christiansen, Sam Teh, Sander Potjer, Sandra Thevenet, Sebastian Łuckoś, Sergio Iglesias, Seth Warburton, Shafiq Mazlan, Stefania Gaianigo, Thomas Hunziker, Tino Brackebusch, TJ Baker, Tobias Zulauf, tompap tompap, Troy Hall, Tu Diep The, Valentin Despa, Victor Drover, Viliam Kubis, Yiliang Yang.
Bug Squad Leadership: Mark Dexter and Nick Savov, Co-Coordinators. Super-star contributors and leaders by example: David Hurley, Jean-Marie Simonet, Brian Teeman, Elin Waring, Marc Antoine Thevenet, Michael Babker, and Roberto Segura.
Joomla! Security Strike Team
A big thanks to the Joomla! Security Strike Team for their ongoing work to keep Joomla secure. Members include: Airton Torres, Alan Langford, Beat, Bill Richardson, David Hurley, Don Gilbert, Elin Waring, Gary Brooks, Jason Kendall, Jean-Marie Simonet, Marijke Stuivenberg, Mark Boos, Mark Dexter, Matias Griese, Michael Babker, Nick Savov, Pushapraj Sharma, Rouven Weßling.
The Joomla Project is pleased to announce the immediate availability of Joomla 3.1.5. This is a security release addressing a critical level security issue. The Production Leadership Team’s goal is to continue to provide regular, frequent updates to the Joomla community. Learn more about Joomla! development at the Developer Site.
The update process is very simple, and complete instructions are available here. Note that there are now easier and better ways of updating than copying the files with FTP.
Joomla 1.5. is also impacted by this security issue. Additional information may be found at http://joomlacode.org/gf/project/joomla/tracker/?action=TrackerItemEdit&tracker_item_id=31626
Download
New Installations: Click here to download Joomla 3.1.5 (Full package) »
Update Package: Click here to download Joomla 3.1.x to 3.1.5 (Update package) »
Note: Please read the instructions below.
Instructions
- New installation and technical requirements
- 3.x Upgrade instructions*
- FAQ on updating from 2.5.x (if desired)*. Please read the entire FAQ to get all the pertinent information.
- Migration from Joomla! 1.5.x
*Please be sure to clear your browser’s cache after upgrading.
Want to test drive Joomla? Try the online demo or the Joomla JumpBox. Documentation is available for beginners.
Please note that you should always backup your site before upgrading.
Release Notes
Check the Joomla 3.1.5 Post-Release FAQs to see if there are important items and helpful hints discovered after the release.
Statistics for the 3.1.5 release period
- Joomla 3.1.5 contains:
- 1 security issue fixed
- 7 tracker issues fixed
Security issues fixed
- Critical Priority – Core – Unauthorised Upload. More information »
See http://developer.joomla.org/version-3-1-5-release-notes.html for details of the tracker items fixed.
What are the new features of the Joomla! 3 series?
- Incorporation of Twitter Bootstrap into a jui media package.
- A new responsive administrator template –Isis– and interface.
- A new front end template –Protostar– built using Twitter Bootstrap
- Updated accessible template called Beez3
- Tags (click here to see the recent blog post about it)
- PostgreSQL Driver. You will be able to run Joomla 3.1 sites using the PostgreSQL database.
- PHP Memcached Driver
- Use of JFeed for feed management rather than SimplePie
- Installation of language packages directly from the extension manager
- Guest user group present by default
- Saving blank articles allowed
- New administrator statistics module
- Update TinyMCE to version 3.5.6
- Continued clean up of older unused code, files and database fields and tables and improved standardization of tables.
- Improvements to Smart Search
- Extensive work on code style standardisation and consistency
- Unit testing in the CMS
- Updated system tests in the CMS
- Multilanguage: adding items associations in remaining core components.
- Language Installation tool for the Joomla Installer.
- Items associations in multi-language
- Allow different update packages for different version dev levels
- Added note form field
- Show logs in debug console
- Refactor installation to use new application and MVC classes
- Added pagination in COM_SEARCH component
- Added triggers on save for com_config
- JPlugin autoloadLanguage property
- Added SQL Server subclass for FinderIndexer
- Media wiki package
- OpenStreetMap package
- UNION ALL feature
How can I update from Joomla! 3.0 to 3.1?
Joomla 3.0 to 3.1 is a one-click upgrade with backward compatibility and is NOT a migration. The same is true is for any subsequent versions in the Joomla 3 series. Thus, if you’re running a Joomla 3.0 site, please one-click upgrade, within the Joomla! Update component, to Joomla 3.1 to get the new features and the latest bugs fixes.
Will I be able to update directly to Joomla! 3 from Joomla! 2.5?
Moving to Joomla 3.x from Joomla 2.5 will be a mini-migration not an upgrade, although for the core of Joomla! the migration should be simple. However, it is likely that templates for Joomla 2.5 will need modification to work with Joomla 3 as will many extensions. Always test prior to migrating and consult with the developers of any extensions and templates you use.
What is the status of Joomla! 2.5?
Version 2.5 of the Joomla! CMS is a Long Term Support release and support for it will continue until shortly after the release of Joomla 3.5 scheduled for Spring 2014. Joomla 2.5 users do not need to migrate to Joomla 3.1.
What is the status of Joomla! 1.5?
Support for Joomla 1.5 ended in April of 2012 and we continued to support it unofficially until the end of 2012 for medium to high priority security issues.
Does that mean your 1.5 site will suddenly stop working? No, your site will continue to work as it always has. However, Joomla’s developers will not be releasing new versions for Joomla 1.5, so you won’t be getting bug fixes or security fixes. For this reason, it’s recommended to migrate from 1.5.
Moving from 2.5 to any Joomla 3 version is relatively simple, since Joomla has made the process easy for newer versions. Unfortunately, moving from 1.5 is not a trivial task. Fortunately, there are two good extensions that make the process easier:jUpgrade and SPUpgrade.
You have a choice of going straight to Joomla 3.1 or going to 2.5 first. Both jUpgrade and SPUpgrade have versions ready for both versions. Please consult with their documentation on how to migrate from Joomla 1.5 to 3.1/2.5.
For most new/migrated sites, the Joomla! 3 series is the preferred series and starting on it avoids a mini-migration from Joomla 2.5 later down the road. Starting on the Joomla 3 series for a new/migrated site, also provides you with longer backward compatible support (with one-click upgrades) than starting a new site on 2.5 right now, because support for 3.x ends in 2016.
Joomla! Bug Squad
Thanks to the Joomla Bug Squad for their dedicated efforts investigating reports, fixing problems, and applying patches to Joomla. If you find a bug in Joomla, please report it on the Joomla! CMS Issue Tracker.
Active members of the Joomla Bug Squad during past 3 months include: Achal Aggarwal, Adelene Teh, Aleksander Linkov, Angelika Reisiger, Anibal Sanchez, Anja Hage, Artur Alves, Ashan Fernando, Beat , Brian Teeman, Chad Windnagle, Constantin Romankiewicz, Daniel Kanchev, David Hurley, Dennis Hermacki, Dimitar Genchev, Duong Nguyen, Edwin Cheront, Elin Waring, George Wilson, Gunjan Patel, Hans Kuijpers, Hervé Boinnard, Hugh Messenger, Janich Rasmussen, Jason Rey, Jérôme GLATIGNY, Jean-Marie Simonet, Jern Wei Tan, Jerri Christiansen, Jozsef Tamas Herczeg, Khai Vu Dinh, klas 10, landor landor, Lao Neo, Lara Petersen, Le Van Thuyet, Loc Le Minh, Lu Nguyen, Marc Antoine Thevenet, Marijke Stuivenberg, Mario Proenca, Mark Dexter, Mark Lee, Matias Aguirre, Michael Babker, Mihail Irintchev, Mike Biolsi, Mike Veeckmans, Nha Bui, Nicholas Dionysopoulos, Nick Savov, Nik Faris Akmal, Ofer Cohen, Olaf Offick, Patrick Alt, Peter Martin, Peter van Westen, Peter Wiseman, Piotr Konieczny, Radek Suski, Richard McDaniel, Rob de Cleen, Robert Deutz, Robert Gastaud, Roberto Segura, Roland Dalmulder, Ronni Christiansen, Sam Teh, Sander Potjer, Sandra Thevenet, Sebastian Łuckoś, Sergio Iglesias, Seth Warburton, Shafiq Mazlan, Stefania Gaianigo, Thomas Hunziker, Tino Brackebusch, TJ Baker, Tobias Zulauf, tompap tompap, Troy Hall, Tu Diep The, Valentin Despa, Victor Drover, Viliam Kubis, Yiliang Yang.
Bug Squad Leadership: Mark Dexter and Nick Savov, Co-Coordinators. Super-star contributors and leaders by example: David Hurley, Jean-Marie Simonet, Brian Teeman, Elin Waring, Marc Antoine Thevenet, Michael Babker, and Roberto Segura.
Joomla! Security Strike Team
A big thanks to the Joomla! Security Strike Team for their ongoing work to keep Joomla secure. Members include: Airton Torres, Alan Langford, Beat, Bill Richardson, David Hurley, Don Gilbert, Elin Waring, Gary Brooks, Jason Kendall, Jean-Marie Simonet, Marijke Stuivenberg, Mark Boos, Mark Dexter, Matias Griese, Michael Babker, Nick Savov, Pushapraj Sharma, Rouven Weßling.
How can you help Joomla! development?
There are a variety of ways in which you can get actively involved with Joomla! It doesn’t matter if you are a coder, an integrator, or merely a user of Joomla!. You can contact the Joomla! Community Development Manager, David Hurley, [email protected], to get more information, or if you are ready you can jump right into the Joomla! Bug Squad.
The Joomla Bug Squad is one of the most active teams in the Joomla development process and is always looking for people (not just developers) that can help with sorting bug reports, coding patches and testing solutions. It’s a great way for increasing your working knowledge of Joomla, and also a great way to meet new people from all around the world.
If you are interested, please read about us on the Joomla Wiki and, if you wish to join, email Mark Dexter, one of the Bug Squad co-coordinators.
You can also help Joomla development by thanking those involved in the many areas of the process. The project also wants to thank all of the people who have taken the time to prepare and submit work to be included in the Joomla CMS, and to those who have worked very hard on the Joomla Framework.
The following issue has been fixed:
[-] Security improvements.*
Important: Regular updates of Parallels Plesk Panel and third-party components guarantee that your server stays secure against malicious attacks.
* We would like to thank Rack911.com for their help in investigating a number of security issues.
[*] Now the mail service works on domains suspended through the Panel GUI.
Before | Now |
When a user suspended a domain in the Control Panel, the mail service stopped working. Hence, the owners of mail accounts on this domain could not send and receive emails. | When a user suspends a domain in the Control Panel, the mail service keeps working. Additionally, the user has an option to disable the domain. In this case, the mail service will be stopped as well. |
The following issues have been fixed:
[-] Customers were able to select the Mailbox option on the mail account creation page even if they already reached the limit on mailboxes in the corresponding subscription. (126052)
[-] (Linux only) After upgrading from Panel 11.0.9 to Panel 11.5, Panel did not report errors if it failed to convert mail accounts with mixed-case names to lowercase. (139484)
[-] Security improvements. (139537)
[-] (Linux only) Administrators could not restart nginx and PHP-FPM after changing the system user name of the owner of a website that uses PHP-FPM. (140075)
[-] (Linux only) On the transfer pre-check page, Panel did not inform administrators about potential problems that could occur when Mailman was installed on the source server and was not installed on the destination server. (120244)
[-] (Linux only) The plesk utility did not accept arguments in quotes. (140201)
[-] (Linux only) Panel firewall incorrectly blocked most of outgoing connections. (139010, 139011, 139012)
[-] (Linux only) The warning message on the Forgot your password page was unreadable in the Russian locale. (81562)
[-] Event handlers for the event Subdomain of a default domain created did not work if they were configured to run the subdomain utility. (122382)
[-] (Linux only) The help page for the admin command-line utility did not inform administrators that certain options work only in custom view. (139922)
[-] (Windows only) Customers saw the error 0x800710D8 if they had a subscription that contained a large number of domains (more than 200). (110658)
[-] (Windows only) Panel did not update license keys automatically. (92983)
[-] (Windows only) Panel failed to restore mailboxes with passwords that did not meet the server security requirements. (138318)
[-] (Windows only) The web_statistics_executor.exe utility did not generate statistics for individual domains. (140166)
The Joomla Project is pleased to announce the immediate availability of Joomla 3.1.4. This is a maintenance release with no security fixes. The Production Leadership Team’s goal is to continue to provide regular, frequent updates to the Joomla community. Learn more about Joomla! development at the Developer Site.
The update process is very simple, and complete instructions are available here. Note that there are now easier and better ways of updating than copying the files with FTP.
Download
New Installations: Click here to download Joomla 3.1.4 (Full package) »
Update Package: Click here to download Joomla 3.1.x to 3.1.4 (Update package) »
Note: Please read the instructions below.
Instructions
- New installation and technical requirements
- 3.x Upgrade instructions*
- FAQ on updating from 2.5.x (if desired)*. Please read the entire FAQ to get all the pertinent information.
- Migration from Joomla! 1.5.x
*Please be sure to clear your browser’s cache after upgrading.
Want to test drive Joomla? Try the online demo or the Joomla JumpBox. Documentation is available for beginners.
Please note that you should always backup your site before upgrading.
What are the new features of Joomla! 3.1.4?
- 29855 – Automatically set $db and $app properties on plugins
- 31349 – Display Error Message when Magic Quotes is Enabled
- 31488 – Added Observer pattern to JTable
- 31289 – Added JResponseJson as a CMS library class
- 31087 – Add SQL queries profiler in Debug zone
- 30966 – Added handling for punycode urls and email addresses
- 29945 – Show Joomla username in admin area
- 31130 – Added js files to protostar template
- 30370 – Added ability to add sprintf variables to JText string
- 30324 – Added ability to restrict the number of displayed results to mod_related_items
- 30525 – Added a PSR-0 compatible autoloader to JLoader
- 30931 – Allow folder names without ‘s’ at the end
- 31004 – Add JTwitter package to /libraries/joomla
Release Notes
Check the Joomla 3.1.4 Post-Release FAQs to see if there are important items and helpful hints discovered after the release.
Statistics for the 3.1.4 release period
- Joomla 3.1.4 contains:
- no security issues fixed
- 247 tracker issues fixed
See http://developer.joomla.org/version-3-1-4-release-notes.html for details of the tracker items fixed.
What are the other new features of the Joomla! 3 series?
- Incorporation of Twitter Bootstrap into a jui media package.
- A new responsive administrator template–Isis– and interface.
- A new front end template–Protostar– built using Twitter Bootstrap
- Updated accessible template called Beez3
- Tags (click here to see the recent blog post about it)
- PostgreSQL Driver. You will be able to run Joomla 3.1 sites using the PostgreSQL database.
- PHP Memcached Driver
- Use of JFeed for feed management rather than SimplePie
- Installation of language packages directly from the extension manager
- Guest user group present by default
- Saving blank articles allowed
- New administrator statistics module
- Update TinyMCE to version 3.5.6
- Continued clean up of older unused code, files and database fields and tables and improved standardization of tables.
- Improvements to Smart Search
- Extensive work on code style standardisation and consistency
- Unit testing in the CMS
- Updated system tests in the CMS
- Multilanguage: adding items associations in remaining core components.
- Language Installation tool for the Joomla Installer.
- Items associations in multi-language
- Allow different update packages for different version dev levels
- Added note form field
- Show logs in debug console
- Refactor installation to use new application and MVC classes
- Added pagination in COM_SEARCH component
- Added triggers on save for com_config
- JPlugin autoloadLanguage property
- Added SQL Server subclass for FinderIndexer
- Media wiki package
- OpenStreetMap package
- UNION ALL feature
How can I update from Joomla! 3.0 to 3.1?
Joomla 3.0 to 3.1 is a one-click upgrade with backward compatibility and is NOT a migration. The same is true is for any subsequent versions in the Joomla 3 series. Thus, if you’re running a Joomla 3.0 site, please one-click upgrade, within the Joomla! Update component, to Joomla 3.1 to get the new features and the latest bugs fixes.
Will I be able to update directly to Joomla! 3 from Joomla! 2.5?
Moving to Joomla 3.x from Joomla 2.5 will be a mini-migration not an upgrade, although for the core of Joomla! the migration should be simple. However, it is likely that templates for Joomla 2.5 will need modification to work with Joomla 3 as will many extensions. Always test prior to migrating and consult with the developers of any extensions and templates you use.
What is the status of Joomla! 2.5?
Version 2.5 of the Joomla! CMS is a Long Term Support release and support for it will continue until shortly after the release of Joomla 3.5 scheduled for Spring 2014. Joomla 2.5 users do not need to migrate to Joomla 3.1.
What is the status of Joomla! 1.5?
Support for Joomla 1.5 ended in April of 2012 and we continued to support it unofficially until the end of 2012 for medium to high priority security issues.
Does that mean your 1.5 site will suddenly stop working? No, your site will continue to work as it always has. However, Joomla’s developers will not be releasing new versions for Joomla 1.5, so you won’t be getting bug fixes or security fixes. For this reason, it’s recommended to migrate from 1.5.
Moving from 2.5 to any Joomla 3 version is relatively simple, since Joomla has made the process easy for newer versions. Unfortunately, moving from 1.5 is not a trivial task. Fortunately, there are two good extensions that make the process easier: jUpgrade and SPUpgrade.
You have a choice of going straight to Joomla 3.1 or going to 2.5 first. Both jUpgrade and SPUpgrade have versions ready for both versions. Please consult with their documentation on how to migrate from Joomla 1.5 to 3.1/2.5.
For most new/migrated sites, the Joomla! 3 series is the preferred series and starting on it avoids a mini-migration from Joomla 2.5 later down the road. Starting on the Joomla 3 series for a new/migrated site, also provides you with longer backward compatible support (with one-click upgrades) than starting a new site on 2.5 right now, because support for 3.x ends in 2016.
Joomla! Bug Squad
Thanks to the Joomla Bug Squad for their dedicated efforts investigating reports, fixing problems, and applying patches to Joomla. If you find a bug in Joomla, please report it on the Joomla! CMS Issue Tracker.
Active members of the Joomla Bug Squad during past 3 months include: Achal Aggarwal, Adelene Teh, Aleksander Linkov, Angelika Reisiger, Anibal Sanchez, Anja Hage, Artur Alves, Ashan Fernando, Beat , Brian Teeman, Chad Windnagle, Constantin Romankiewicz, Daniel Kanchev, David Hurley, Dennis Hermacki, Dimitar Genchev, Duong Nguyen, Edwin Cheront, Elin Waring, George Wilson, Gunjan Patel, Hans Kuijpers, Hervé Boinnard, Hugh Messenger, Janich Rasmussen, Jason Rey, Jérôme GLATIGNY, Jean-Marie Simonet, Jern Wei Tan, Jerri Christiansen, Jozsef Tamas Herczeg, Khai Vu Dinh, klas 10, landor landor, Lao Neo, Lara Petersen, Le Van Thuyet, Loc Le Minh, Lu Nguyen, Marc Antoine Thevenet, Marijke Stuivenberg, Mario Proenca, Mark Dexter, Mark Lee, Matias Aguirre, Michael Babker, Mihail Irintchev, Mike Biolsi, Mike Veeckmans, Nha Bui, Nicholas Dionysopoulos, Nick Savov, Nik Faris Akmal, Ofer Cohen, Olaf Offick, Patrick Alt, Peter Martin, Peter van Westen, Peter Wiseman, Piotr Konieczny, Radek Suski, Richard McDaniel, Rob de Cleen, Robert Deutz, Robert Gastaud, Roberto Segura, Roland Dalmulder, Ronni Christiansen, Sam Teh, Sander Potjer, Sandra Thevenet, Sebastian Łuckoś, Sergio Iglesias, Seth Warburton, Shafiq Mazlan, Stefania Gaianigo, Thomas Hunziker, Tino Brackebusch, TJ Baker, Tobias Zulauf, tompap tompap, Troy Hall, Tu Diep The, Valentin Despa, Victor Drover, Viliam Kubis, Yiliang Yang.
Bug Squad Leadership: Mark Dexter and Nick Savov, Co-Coordinators. Super-star contributors and leaders by example: David Hurley, Jean-Marie Simonet, Brian Teeman, Elin Waring, Marc Antoine Thevenet, Michael Babker, and Roberto Segura.
Joomla! Security Strike Team
A big thanks to the Joomla! Security Strike Team for their ongoing work to keep Joomla secure. Members include: Airton Torres, Alan Langford, Beat, Bill Richardson, Brian Teeman, David Hurley, Don Gilbert, Elin Waring, Gary Brooks, Jason Kendall, Jean-Marie Simonet, Marijke Stuivenberg, Mark Boos, Mark Dexter, Matias Griese, Michael Babker, Nick Savov, Pushapraj Sharma, Rouven Weßling.
How can you help Joomla! development?
There are a variety of ways in which you can get actively involved with Joomla! It doesn’t matter if you are a coder, an integrator, or merely a user of Joomla!. You can contact the Joomla! Community Development Manager, David Hurley, [email protected], to get more information, or if you are ready you can jump right into the Joomla! Bug Squad.
The Joomla Bug Squad is one of the most active teams in the Joomla development process and is always looking for people (not just developers) that can help with sorting bug reports, coding patches and testing solutions. It’s a great way for increasing your working knowledge of Joomla, and also a great way to meet new people from all around the world.
If you are interested, please read about us on the Joomla Wiki and, if you wish to join, email Mark Dexter, one of the Bug Squad co-coordinators.
You can also help Joomla development by thanking those involved in the many areas of the process. The project also wants to thank all of the people who have taken the time to prepare and submit work to be included in Joomla 1.6,1.7, 2.5, & 3.0, 3.1, and to those who have worked very hard on the Joomla Framework.
Joomla! 2.5.13 Released
The Joomla Project is pleased to announce the immediate availability of Joomla 2.5.13. This is a maintenance release with no security fixes. The Production Leadership Team’s goal is to continue to provide regular, frequent updates to the Joomla community. Learn more about Joomla! development at the Developer Site.
The update process is very simple, and complete instructions are available here. Note that there are now easier and better ways of updating than copying the files with FTP.
Download
New Installations: Click here to download Joomla 2.5.13 (Full package) »
Update Package: Click here to download Joomla 2.5.13 (Update package) »
Note: Please read the update instructions before updating.
Instructions
*Please clear your browser’s cache after ugprading
Want to test drive Joomla? Try the online demo or the Joomla JumpBox. Documentation is available for beginners.
Release Notes
Check the Joomla 2.5.13 Post-Release FAQs to see if there are important items and helpful hints discovered after the release.
Statistics for the 2.5.13 release period
- Joomla 2.5.13 contains 25 tracker issues fixed
See http://developer.joomla.org/version-2-5-13-release-notes.html for details of the tracker items fixed.
Security Issues Fixed
- Joomla 2.5.13 is a maintenance release. There were no security fixes fixed in this release.
Joomla! Bug Squad
Thanks to the Joomla Bug Squad for their dedicated efforts investigating reports, fixing problems, and applying patches to Joomla. If you find a bug in Joomla, please report it on the Joomla! CMS Issue Tracker.
Active members of the Joomla Bug Squad during past 3 months include: Achal Aggarwal, Adelene Teh, Aleksander Linkov, Angelika Reisiger, Anibal Sanchez, Anja Hage, Artur Alves, Ashan Fernando, Beat , Brian Teeman, Chad Windnagle, Constantin Romankiewicz, Daniel Kanchev, David Hurley, Dennis Hermacki, Dimitar Genchev, Duong Nguyen, Edwin Cheront, Elin Waring, George Wilson, Gunjan Patel, Hans Kuijpers, Hervé Boinnard, Hugh Messenger, Janich Rasmussen, Jason Rey, Jérôme GLATIGNY, Jean-Marie Simonet, Jern Wei Tan, Jerri Christiansen, Jozsef Tamas Herczeg, Khai Vu Dinh, klas 10, landor landor, Lao Neo, Lara Petersen, Le Van Thuyet, Loc Le Minh, Lu Nguyen, Marc Antoine Thevenet, Marijke Stuivenberg, Mario Proenca, Mark Dexter, Mark Lee, Matias Aguirre, Michael Babker, Mihail Irintchev, Mike Biolsi, Mike Veeckmans, Nha Bui, Nicholas Dionysopoulos, Nick Savov, Nik Faris Akmal, Ofer Cohen, Olaf Offick, Patrick Alt, Peter Martin, Peter van Westen, Peter Wiseman, Piotr Konieczny, Radek Suski, Richard McDaniel, Rob de Cleen, Robert Deutz, Robert Gastaud, Roberto Segura, Roland Dalmulder, Ronni Christiansen, Sam Teh, Sander Potjer, Sandra Thevenet, Sebastian Łuckoś, Sergio Iglesias, Seth Warburton, Shafiq Mazlan, Stefania Gaianigo, Thomas Hunziker, Tino Brackebusch, TJ Baker, Tobias Zulauf, tompap tompap, Troy Hall, Tu Diep The, Valentin Despa, Victor Drover, Viliam Kubis, Yiliang Yang.
Bug Squad Leadership: Mark Dexter and Nick Savov, Co-Coordinators. Super-star contributors and leaders by example: David Hurley, Jean-Marie Simonet, Brian Teeman, Elin Waring, Marc Antoine Thevenet, Michael Babker, and Roberto Segura.
Joomla! Security Strike Team
A big thanks to the Joomla! Security Strike Team for their ongoing work to keep Joomla secure. Members include: Airton Torres, Alan Langford, Beat, Bill Richardson, Brian Teeman, David Hurley, Don Gilbert, Elin Waring, Gary Brooks, Jason Kendall, Jean-Marie Simonet, Marijke Stuivenberg, Mark Boos, Mark Dexter, Matias Griese, Michael Babker, Nick Savov, Pushapraj Sharma, Rouven Weßling.
The second release candidate for WordPress 3.6 is now available for download and testing. We’re down to only a few remaining issues, and the final release should be available in a matter of days. In RC2, we’ve tightened up some aspects of revisions, autosave, and the media player, and fixed some bugs that were spotted […]
The first release candidate for WordPress 3.6 is now available. We hope to ship WordPress 3.6 in a couple weeks. But to do that, we really need your help! If you haven’t tested 3.6 yet, there’s no time like the present. (But please: not on a live production site, unless you’re feeling especially adventurous.) Think […]
The following new features have been implemented:
[+] Staff member accounts for administrators. Administrators can create staff member accounts – accounts with limited administrative permissions. Owners of such accounts can help administrators with certain tasks allowed by their permissions.
[+] Adding new language packs. Administrators can add support of new languages to PPA by uploading new language packs.
– Added check
for extra configurations not owned by any object.
– Highlighting
extra configurations as erroneous.
– Added facility for configurations removal and ‘rebuild all’ button.
It’s time for our third annual user and developer survey! If you’re a WordPress user, developer, or business, we want your feedback. Just like previous years, we’ll share the data at the upcoming WordCamp San Francisco (WCSF). Results will also be sent to each survey respondent. It only takes a few minutes to fill out […]
New checks have been added to File System section:
– (Linux) If it’s impossible to read, write, change owner or group inside of DUMP_D folder (by defaults, /var/lib/psa/dumps) the upgrade procedure will be failed.
– (Windows) Check that PleskSQLServer service can be started before upgrade.
The following bugs have been fixed:
[-] Several issues related to the operation of Apache web server were resolved.
[-] Dedicated IIS application pool settings defined in service templates were not propagated to the subscriptions based on those templates.
Changelog:
– (Windows) Check for SQL Server Management Objects (SMO) is up-to-date.
– (Windows) Check for Average Disk Queue Length.
– Error reporting has been improved.
– Bug fixes: Wrong determining of paths for free disk space calculation on Windows, wrong warning of not installed outdated and not supported components.
This release resolves several security issues and introduces several enhancements. We would like to thank the team at Rack911.com for assistance with discovering some of those issues.
The following bug has been fixed:
[-] Fixed moderate security issue with leak of sensitive information. The issue can be exploited by authenticated users only. Authenticated users are users that have logins to Parallels Plesk Panel (such as your customers, resellers, or your employees). This MU is strongly recommended for all Parallels Plesk Panel users.