(Sep 25) RubyGems could be made to download and install malicious gem files.
Comment
(Sep 25) Several security issues were fixed in ruby1.9.1
The update delivers Major Security fixes on Linux, package update for PHP 5.3.17 and phpMyAdmin 3.5 on Windows.
It is recommended for all PP users and includes general functionality fixes that improve the stability, compatibility, and security of your PP server.
I’m excited to announce the availability of WordPress 3.5 Beta 1.
This is software still in development and we really don’t recommend that you run it on a production site — set up a test site just to play with the new version. To test WordPress 3.5, try the WordPress Beta Tester plugin (you’ll want “bleeding edge nightlies”). Or you can download the beta here (zip).
In just three short months, we’ve already made a few hundred changes to improve your WordPress experience. The biggest thing we’ve been working on is overhauling the media experience from the ground up. We’ve made it all fair game: How you upload photos, arrange galleries, insert images into posts, and more. It’s still rough around the edges and some pieces are missing — which means now is the perfect time to test it out, report issues, and help shape our headline feature.
As always, if you think you’ve found a bug, you can post to the Alpha/Beta area in the support forums. Or, if you’re comfortable writing a reproducible bug report, file one on the WordPress Trac. There, you can also find a list of known bugs and everything we’ve fixed so far.
Here’s some more of what’s new:
- Appearance: A simplified welcome screen. A new color picker. And the all-HiDPI (retina) dashboard.
- Accessibility: Keyboard navigation and screen reader support have both been improved.
- Plugins: You can browse and install plugins you’ve marked as favorites on WordPress.org, directly from your dashboard.
- Mobile: It’ll be easier to link up your WordPress install with our mobile apps, as XML-RPC is now enabled by default.
- Links: We’ve hidden the Link Manager for new installs. (Don’t worry, there’s a plugin for that.)
Developers: We love you. We do. And one of the things we strive to do with every release is be compatible with all existing plugins and themes. To make sure we don’t break anything, we need your help. Please, please test your plugins and themes against 3.5. If something isn’t quite right, please let us know. (Chances are, it wasn’t intentional.) And despite all of the changes to media, we’re still aiming to be backwards compatible with plugins that make changes to the existing media library. It’s a tall task, and it means we need your help.
Here’s some more things we think developers will enjoy (and should test their plugins and themes against):
- External libraries updated: TinyMCE 3.5.6. SimplePie 1.3. jQuery 1.8.2. jQuery UI 1.9 (and it’s not even released yet). We’ve also added Backbone 0.9.2 and Underscore 1.3.3, and you can use protocol-relative links when enqueueing scripts and styles. (#16560)
- WP Query: You can now ask to receive posts in the order specified by
post__in. (#13729) - XML-RPC: New user management, profile editing, and post revision methods. We’ve also removed AtomPub. (#18428, #21397, #21866)
- Multisite: switch_to_blog() is now used in more places, is faster, and more reliable. Also: You can now use multisite in a subdirectory, and uploaded files no longer go through ms-files (for new installs). (#21434, #19796, #19235)
- TinyMCE: We’ve added API support for “views” which you can use to offer previews and interaction of elements from the visual editor. (#21812)
- Posts API: Major performance improvements when working with hierarchies of pages and post ancestors. Also, you can now “turn on” native custom columns for taxonomies on edit post screens. (#11399, #21309, #21240)
- Comments API: Search for comments of a particular status, or with a meta query (same as with WP_Query). (#21101, #21003)
- oEmbed: We’ve added support for a few oEmbed providers, and we now handle SSL links. (#15734, #21635, #16996, #20102)
We’re looking forward to your feedback. If you break it (find a bug), please report it, and if you’re a developer, try to help us fix it. We’ve already had more than 200 contributors to version 3.5 — come join us!
And as promised, a bonus:
We’re planning a December 5 release for WordPress 3.5. But, we have a special offering for you, today. The newest default theme for WordPress, Twenty Twelve, is now available for download from the WordPress themes directory. It’s a gorgeous and fully responsive theme, and it works with WordPress 3.4.2. Take it for a spin!
Joomla 3.0.0 Released
Sep27
The Joomla! Project is pleased to announce the immediate availability of Joomla 3.0.0. This is the next major release of the Joomla CMS in the Standard Term Support (STS) track. All 3.0 users will need to plan to update to the new versions available in the STS release cycle every six months until version 3.5 is released. These updates are expected to be simple and backwards compatible.
Who is this release for?
The standard-term releases are designed for users who need access to the new features. Most users with existing 2.5.x sites will not want to update to version 3.0. Users creating new sites can use either version 2.5 or 3.0, depending on which best suits their needs. Please consider the availability of third-party templates and extensions when deciding which Joomla version to use. Also, if you decide to use version 3.0, please be aware that you will need to update your site every six months (to 3.1, 3.2, and so on) until version 3.5 is available. These updates are expected to be simple and backwards compatible.
What is the status of Joomla! 2.5?
Version 2.5 of the Joomla! CMS is a Long Term Support (LTS) release and support for it will continue until shortly after the release of Joomla 3.5, scheduled for Spring 2014. Users on version 2.5 do not need to migrate to Joomla 3.0.
What is the status of Joomla! 1.5?
Support for Joomla 1.5 will end shortly after the release of Joomla 3.0. It is currently supported only for security issues.
Will I be able to update directly from 2.5 to Joomla! 3?
Yes. Any update issues will be a top priority and will likely be resolved early in the 3.x release train. However, it is likely that many templates and extensions for Joomla 2.5 will need modification to work with Joomla 3. Always test prior to migrating and consult with the developers of any extensions and templates you use. Be aware that the technical requirements for running Joomla 3.0 are different. In addition to requiring newer versions of software, certain settings that were once recommmened are now required such as requiring that magic quotes is off. See the Technical Requirements page for the specifications. See the Joomla 3.0.0 Post-Release FAQs for more detailed information about updating from 2.5 to 3.0.
What are the new features of Joomla! 3?
- Incorporation of Twitter Bootstrap into a jui media package.
- A new responsive, mobile device friendly administrator template–Isis– and interface.
- A new front end template–Protostar– built using Twitter Bootstrap.
- Updated accessible template called Beez3.
- A simplified 3-step installation process.
- PostgreSQL Driver. You will be able to run Joomla 3.0 sites using the PostgreSQL database.
- PHP Memcached Driver
- Use of JFeed for feed management rather than SimplePie
- Installation of language packages directly from the extension manager
- Guest user group present by default
- Saving blank articles allowed
- New administrator statistics module
- Update TinyMCE to version 3.5.6
- Continued clean up of older unused code, files and database fields and tables and improved standardization of tables.
- Improvements to Smart Search
- Extensive work on code style standardisation and consistency
- Unit testing in the CMS
- Updated system tests in the CMS
- Custom active menu item for menu module
- Let the SEF plug-in add the canonical url to the head
- Version 12.2 of the Joomla Platform
This release also includes the current version (12.2) of the Joomla! Platform, which includes a large number of new and improved packages.
Download
New Installations: Click here to download Joomla 3.0.0 (Full package) »
See the Download page for other packages and information on updating.
Note: Please read the Joomla 3.0 FAQ and the update instructions before updating.
Instructions
Want to test drive Joomla? Try the online demo or the Joomla JumpBox. Documentation is available for beginners.
Please note that you should always backup your site before upgrading.
Release notes
Check the Joomla 3.0.0 Post-Release FAQs to see if there are important items and helpful hints discovered after the release.
Statistics for the 3.0.0 release
- Joomla 3.0.0 contains:
- 34 new features added (includes 15 features added in 2.5.1 – 2.5.7)
- No security issues fixed
- 491 tracker issues fixed
Joomla! Bug Squad
Thanks to the Joomla Bug Squad for their dedicated efforts investigating reports, fixing problems, and applying patches to Joomla. If you find a bug in Joomla, please report it on the Joomla! CMS Issue Tracker.
Active members of the Joomla Bug Squad during this last release cycle include: Aaron Wood, Andrea Tarr, Bill Richardson, Brian Teeman, Christophe Demko, Dean Clarke, Dennis Hermacki, Elin Waring, Emerson Rocha Luiz, Harald Leithner, Itamar Elharar, Jacob Waisner, James Brice, Janich Rasmussen, Jean-Marie Simonet, Kevin Griffiths, Loyd Headrick, Marijke Stuivenberg, Marius van Rijnsoever, Mark Dexter, Matt Thomas, Michael Babker, Neil McNulty, Nicholas Dionysopoulos, Nick Savov, Nikolai Plath, Ofer Cohen, Peter Wiseman, rachmat wakjaer, Radek Suski, rob clayburn, Roland Dalmulder, Rouven Weßling, Rune Sjøen, Samuel Moffatt, Shaun Maunder, Soheil Novinfard, Troy Hall, Viet Vu.
Bug Squad Leadership: Mark Dexter, Coordinator; Elin Waring and Marijke Stuivenberg, Team Leaders.
Joomla! Security Strike Team
A big thanks to the Joomla! Security Strike Team for their ongoing work to keep Joomla secure. Members include: Airton Torres, Alan Langford, Bill Richardson, Elin Waring, Gary Brooks, Jason Kendall, Jean-Marie Simonet, Jeremy Wilken, Marijke Stuivenberg, Mark Dexter, Michael Babker, Rouven Weßling, Samuel Moffatt.
How can you help Joomla development?
The great news is you don’t have to be a developer to help build Joomla. The Joomla Bug Squad is one of the most active teams in the Joomla development process and is always looking for people (not just developers) that can help with sorting bug reports, coding patches and testing solutions. It’s a great way for increasing your working knowledge of Joomla, and also a great way to meet new people from all around the world.
If you are interested, please read about us on the Joomla Wiki and, if you wish to join, email the Bug Squad coordinator.
You can also help Joomla development by thanking those involved in the many areas of the process. Since the release of Joomla 2.56, a whopping 4915 issues have been fixed by the JBS. The project also wants to thank all of the people that have taken the time to prepare and submit work to be included in Joomla 3.0, and to those that have worked very hard on the Joomla Platform project.
Related information
If you are an extension developer, please make sure you subscribe to the general developer mailing list as this is a place where you can discuss extension development and news that may affect custom development will be posted from time to time.
Following is a list of previous news and information about Joomla 3.0 and other sites of interest:
- Working with the Joomla Feature Tracker
- General developer mailing list
- Joomla developer network
- Joomla development strategy
A huge thank you to our volunteers!
This release is the result of thousands of hours of work by dozens of volunteers. Thank you so very much for making Joomla the best CMS on the planet!