Ubuntu: 1562-1: Linux kernel (Natty backport) vulnerability

Sep13
by Ike on September 13, 2012 at 5:02 am
Posted In: Uncategorized

(Sep 10) The system could be made to crash under certain conditions.

 Comment 

Joomla 2.5.9 Released

Sep13
by Ike on September 13, 2012 at 5:00 am
Posted In: Uncategorized

Security Release

The Joomla Project is pleased to announce the immediate availability of Joomla 2.5.9. This is a security release. The Production Leadership Team’s goal is to continue to provide regular, frequent updates to the Joomla community. Learn more about Joomla! development at the Developer Site.

The update process is very simple, and complete instructions are available here. Note that there are now easier and better ways of updating than copying the files with FTP.

Download

New Installations: Click here to download Joomla 2.5.9 (Full package) »

Update Package: Click here to download Joomla 2.5.9 (Update package) »

Note: Please read the update instructions before updating.

Instructions

Want to test drive Joomla? Try the online demo or the Joomla JumpBox. Documentation is available for beginners.

Please note that you should always backup your site before upgrading.

Release Notes

Check the Joomla 2.5.9 Post-Release FAQs to see if there are important items and helpful hints discovered after the release.

Statistics for the 2.5.9 release period

  • Joomla 2.5.9 contains:
    • 1 Security issue fixed
    • 22 tracker issues fixed

Security Issues Fixed

Tracker Issues Fixed

ID Summary/Link
27709 Saving in backend very slow when many user groups. Thanks Elin.
29705 Blank login page J3.x beez3.
29999 Fix fatal error in JInstallerFile::uninstall(). Thanks Matias Griese.
28714 Authentication – Gmail: Apply Username suffix does not allow user to login with suffix already applied. Thanks Janich Rasmussen. 
30031 *Notice: Undefined index: title in /plugins/content/pagebreak/pagebreak.php on line 197. Thanks Bernard
29731 RSS feed gets corrupted when ampersand (&) or other escapable characters exist in Site Meta Description. Thanks Jan
29998 Problem with grid sort. Thanks Zhevron
28841 Username modification in frontend (Profile Edit) is not saved. Thanks Jisse Reitsma.
29904 *With plugin Language Filter enabled, user articles parameter in frontend shows all articles.
29848 UTF8 SEF URLs are causing browser too many redirects failures – additional patch. Thanks Nicholas
29964 Files upload problem
28778 Incorrect Rendering of Breadcrumb Trail for Home Page Sub-Items. Thanks James and Peter
29962 *303 when not using URL Language code in multilanguage – again. Thanks Yannick
29939 *Fatal error when displaying any Categories Menu item
29911 *Com_content feed read more links broken. Thanks Jurian
25337 site on unc path, path.php removes
29919 User Profile Plugin – Required field not enforced
29799 com_contacts – FormField Modal . Thanks Mark
29887 *Disable System redirect breaks 404.  Thanks Yannick
27903 invalid call to parent::getStoreId in getStoreId of NewsfeedsModelCategories (unused). Thanks Michael and Peter
29567 UTF8 SEF URLs are causing browser too many redirects failures. Thanks Dennis and Nicholas
29715 Submit an Article doesn’t work. Thanks Jean-Marie.

 

Joomla! Bug Squad

Thanks to the Joomla Bug Squad for their dedicated efforts investigating reports, fixing problems, and applying patches to Joomla. If you find a bug in Joomla, please report it on the Joomla! CMS Issue Tracker.

Active members of the Joomla Bug Squad during past 3 months include: Aaron Schmitz, Akarawuth Tamrareang, Aleksander Linkov, Andrea Tarr, Andrew Eddie, Angelika Reisiger, Brian Teeman, Constantin Romankiewicz, Cristina Solana, Daria Mikhailova, Dennis Hermacki, Elin Waring, Harald Leithner, Jacob Waisner, James Brice, Jan Kuchař, Janich Rasmussen, Jean-Marie Simonet, Jonathan M. Cameron, Kevin Griffiths, Lukas Polak, Mark Dexter, Mark Lee, Michael Babker, Milton Bryant, Moises Jafet Cornelio-Vargas, Nicholas Antimisiaris, Nicholas K. Dionysopoulos, Nick Savov, Nikolai Plath, Ofer Cohen, Omar Ramos, Peter van Westen, Peter Wiseman, Rob Clayburn, Roberto Segura, Roland Dalmulder , Soheil Novinfard, Tessa Mero, Troy Thomas Hall, Viet Hoang Vu.

Bug Squad Leadership: Mark Dexter, Coordinator. Super-star contributors and leaders by example: Jean-Marie Simonet and Elin Waring.

Joomla! Security Strike Team

A big thanks to the Joomla! Security Strike Team for their ongoing work to keep Joomla secure. Members include: Airton Torres, Alan Langford, Bill Richardson, Elin Waring, Gary Brooks, Jason Kendall, Jean-Marie Simonet, Jeremy Wilken, Marijke Stuivenberg, Mark Boos, Mark Dexter, Michael Babker, Pushapraj Sharma, Rouven Weßling.

 Comment 

Joomla 2.5.7 Released

Sep13
by Ike on September 13, 2012 at 5:00 am
Posted In: Uncategorized

Security Release

The Joomla Project is pleased to announce the immediate availability of Joomla 2.5.7. This is a security release. The Production Leadership Team’s goal is to continue to provide regular, frequent updates to the Joomla community. Learn more about Joomla! development at the Developer Site.

The update process is very simple, and complete instructions are available here. Note that there are now easier and better ways of updating than copying the files with FTP.

Download

New Installations: Click here to download Joomla 2.5.7 (Full package) »

Update Package: Click here to download Joomla 2.5.7 (Update package) »

Note: Please read the update instructions before updating.

Instructions

Want to test drive Joomla? Try the online demo or the Joomla JumpBox. Documentation is available for beginners.

Please note that you should always backup your site before upgrading.

Release Notes

Check the Joomla 2.5.7 Post-Release FAQs to see if there are important items and helpful hints discovered after the release.

Statistics for the 2.5.7 release period

  • Joomla 2.5.7 contains:
    • 1 new feature added
    • 2 Security issues fixed
    • 42 tracker issues fixed

New Feature Added

Security Issues Fixed

Tracker Issues Fixed

ID Summary/Link
24628 htmlspecialchars() and multiple menu modules of the same menu. Thanks Rouven
27806 *User with spaces as password can not log in. Thanks Rouven
27933 Smart Search module does not read static filter setting from module parameters. Thanks Chris
28405 Smart Search – CLI Indexer doesn’t catch exceptions. Thanks Michael
28863 Custom sample data install issue with driver mysql. Thanks Mihaly and Michael
28858 Com_finder missing show_advanced_tips parameter => can’t hide advanced tips. Thanks Michael
28853 Template fails to copy. Thanks Mark
28985 JFile class not loaded when use cache handler != file. Thanks Julio.
28449 captcha cause fatal error when the “captcha” field is not present in “configuration.php” after an upgrade. Thanks Elin.
28951 Increase stability in language installer. Thanks Javier. Prevents non installable packs to display in Install Languages manager
28039 Using Chrome for Android generates an error in browser.php (line 562)
25295 Email exposed through RSS and Atom feeds. Thanks Elin and Peter
28795 mod_articles_category “read more” truncation not functioning properly. Thanks Elin.
28855 Fix Array to string conversion notices (PHP 5.4 only).Thanks Rouven
25663 Can’t build admin menu item error while (re)installing component. Thanks Nicholas.
28877 Overriding settings in the language xx-XX.localise.php
28846 *When URL Language Code is removed language switcher module redirects to URL without .html suffix. Thanks Dennis
28837 Can’t get past step 4 “Database Configuration”. Thanks Shaun.
28535 Joomla 2.5.4 Timezones being doubled. Thanks Christophe and Andrea
28034 White page on contact form with SEO enabled. Thanks Nikolai
28743 Update TinyMCE to version 3.5.4.1. Thanks Rouven
28510 DB error “session” table Duplicate entry. Thanks Rob
28785 mod_wrapper doesn’t support iframe without border. Thanks Andrea Sisti
28770 Loss of data when editing an article through the front end. Thanks Franz
28779 *JS error in page 6 of installation. Thanks Michael
28741 E_STRICT: JArrayHelper::pivot should be declared as static. Thanks Christophe.
28776 Replace DS with DIRECTORY_SEPARATOR in com_media. Thanks Michael
28763 Make the field for installing sample data easier to use (Elin Waring)
28751 *Copy Template Feature – language files have capital letters (Jean-Marie Simonet)
28647 Registration form: language override for “Name” label causes side effects (Johannnes S-F)
28759 Undefined property: JSite::$registeredurlparams (Rouven Weßling)
28713 Article Media Manager: ‘This file is too large to upload’ appears in a Media Manager screen
28733 administrator/mod_menu Bug! Thanks Sebastian
28745 mailto fatal error when sending article-mail in joomla 2.5.6. Thanks Rouven.
28682 Articles appearing in title. Thanks Christophe
28730 Use the MVC legacy aliases in the administrator (Rouven Weßling)
28683 Replace uses of JHtml::core() (Michael Babker)
28736 Don’t use APIs not present in Platform 12.2 (Rouven Weßling)
28690 Wrong Content Type for JSON response (Elijah Madden)
28651 Security concern: passwords should not be sent via email (Johannes S-F)
28738 Add more sniffs to the code style checker (Rouven Weßling)
28709 Commit of progress bar feature missed a layout file. Thanks Mark

 

Joomla! Bug Squad

Thanks to the Joomla Bug Squad for their dedicated efforts investigating reports, fixing problems, and applying patches to Joomla. If you find a bug in Joomla, please report it on the Joomla! CMS Issue Tracker.

Active members of the Joomla Bug Squad during this last release cycle include: Aaron Wood, Andrea Tarr, Bill Richardson, Brian Teeman, Christophe Demko, Dean Clarke, Dennis Hermacki, Elin Waring, Emerson Rocha Luiz, Harald Leithner, Itamar Elharar, Jacob Waisner, James Brice, Janich Rasmussen, Jean-Marie Simonet, Kevin Griffiths, Loyd Headrick, Marijke Stuivenberg, Marius van Rijnsoever, Mark Dexter, Matt Thomas, Michael Babker, Neil McNulty, Nicholas Dionysopoulos, Nick Savov, Nikolai Plath, Ofer Cohen, Peter Wiseman, rachmat wakjaer, Radek Suski, rob clayburn, Roland Dalmulder, Rouven Weßling, Rune Sjøen, Samuel Moffatt, Shaun Maunder, Soheil Novinfard, Troy Hall, Viet Vu.

Bug Squad Leadership: Mark Dexter, Coordinator; Elin Waring and Marijke Stuivenberg, Team Leaders.

Joomla! Security Strike Team

A big thanks to the Joomla! Security Strike Team for their ongoing work to keep Joomla secure. Members include: Airton Torres, Alan Langford, Bill Richardson, Elin Waring, Gary Brooks, Jason Kendall, Jean-Marie Simonet, Jeremy Wilken, Marijke Stuivenberg, Mark Dexter, Michael Babker, Rouven Weßling, Samuel Moffatt.


 Comment 

Debian: 2543-1: xen-qemu-dm-4.0: Multiple vulnerabilities

Sep12
by Ike on September 12, 2012 at 5:24 am
Posted In: Uncategorized

(Sep 8) Multiple vulnerabilities have been discovered in xen-qemu-dm-4.0, the Xen Qemu Device Model virtual machine hardware emulator. The Common Vulnerabilities and Exposures project identifies the following problems: [More…]

 Comment 

Debian: 2546-1: freeradius: stack-based buffer overflow

Sep12
by Ike on September 12, 2012 at 5:01 am
Posted In: Uncategorized

(Sep 11) Timo Warns discovered that the EAP-TLS handling of freeradius, a high-performance and highly configurable RADIUS server, is not properly performing length checks on user-supplied input before copying to a local stack buffer. As a result, an unauthenticated attacker can exploit this [More…]

 Comment 

58 queries. 8.5 mb Memory usage. 1.330 seconds.