Ike.ninja

The Joomla Project is pleased to announce the immediate availability of Joomla 2.5.4. This is a security release. The Production Leadership Team’s goal is to continue to provide regular, frequent updates to the Joomla community. Learn more about Joomla! development at the Developer Site.

The update process is very simple, and complete instructions are available here. Note that there are now easier and better ways of updating than FTPing the files.

Download

New Installations: Click here to download Joomla 2.5.4 (Full package) »

Update Package: Click here to download Joomla 2.5.4 (Update package) »

Note: Please read the update instructions before updating.

Instructions

• New installation and technical requirements
  
• Migration from Joomla! 1.5.x

Want to test drive Joomla? Try the online demo or the Joomla JumpBox. Documentation is available for beginners.

Please note that you should always backup your site before upgrading.

Release Notes

Check the Joomla 2.5.4 Post-Release FAQs to see if there are important items and helpful hints discovered after the release.

Statistics for the 2.5.4 release period

• Joomla 2.5.4 contains:
  • 3 new features added
  • 157 tracker issues fixed

Joomla 2.5.4 uses version 11.4 of the Joomlal Platform.

New Features Added

The following new features have been added, with links to the Feature tracker issue.

• Add option to show full CMS version number in generator tag (Mark Dexter)
• Implementing Access levels for Content Languages (JM Simonet, Dennis Hermatski, Christophe Demko)
• Make the auto-update process more reliable across different hosts (Nicholas Dionysopoulos)

Security Issues Fixed

• Low Priority – Core – Information Disclosure. More information »
• Low Priority – Core – XSS Vulnerability. More information »

Tracker Issues Fixed

ID	Summary/Link	Category
27941	Add warning/no warning icons on Database screen	Administration
27842	Batch processing broken	Administration
28175	Calendar readonly=”true” status prevents loading custom calendars.	Administration
27923	com_menus item model calls non-existing method	Administration
28190	com_search: Show Search Results results in PHP fatal error	Administration
27052	Content menu displayed when disable component content	Administration
28252	Don’t show the site secret and optimize ConfigModelApplication	Administration
28180	fix for com_modules getListQuery returning too many rows [patch attached]	Administration
28158	Fix for override manager regarding plugins	Administration
27868	Joomla 1.7.x batch processing allow move items to trashed categories	Administration
28007	Languages overrides not showing content when showing is set to all	Administration
27893	New version module interferes with license notice in Hathor	Administration
28269	Protected extensions can be disabled through the toolbar	Administration
27844	Version Module for Admin to show Joomla version in Footer admin Template	Administration
28237	PHP Notice in back end login when cache enabled.	Authentication and Login
27600	Editor-XTD buttons Issues in FireFox 9	Browsers
28314	#28299 can cause performance issue if root category is loaded in non multilanguage mode	CMS Libraries
24338	Autoupdate fails for components after applying a patch from issue #24305	CMS Libraries
28226	Incorrect SQL statement for MenuItems in menuitem library	CMS Libraries
28093	JVersion::getHelpVersion() unnecessarily checks the version	CMS Libraries
28091	Move the check if multilang is enabled to the libraries	CMS Libraries
28299	SEF issue when using article button in multilanguage	CMS Libraries
27829	$app variable can possibly not be set, causing a PHP error	Code Quality
25423	$message not initialized in ~/components/com_users/controllers/reset.php	Code Quality
28023	Backport JSession::checkToken() from the platform	Code Quality
28262	Bug with Rebuild button in the Menu Manager	Code Quality
28125	Database change broke JUser getGroups() API	Code Quality
27410	Don’t use DS anymore	Code Quality
28286	Fix @since tags for 2.5.4. Code style in CMS libraries.	Code Quality
28265	Fix use of deprecated API in com_installer	Code Quality
27870	Joomla 2.5 com_content generates non-valid xhtml	Code Quality
28186	PHP Strict Standards: Non-static method UsersHelperRoute::getResetRoute() should not be called statically, assuming $this from incompatible context	Code Quality
28088	Strict error with JSite::getMenu()	Code Quality
27818	Update 1.7 strings to 2.5	Code Quality
27886	An unpublished linked contact leads to articles not being displayed.	Components
27581	Basic Search contact search is broken	Components
26986	Batch processing of articles doesn’t work for users with restricted rights	Components
27700	com_redirect redirects should use 301 redirect, not 303	Components
28174	com_wrapper doesn’t support iframe without border	Components
27780	Dublicate Template Styles	Components
27872	Error in Banner Track Clicks	Components
27853	error notice using search in joomla 2.5	Components
27956	Missing security check of file default_links.php	Components
28187	Notice in com_contact when sendEmail fails	Components
23021	Notice message in banners model	Components
28280	Regression in the com_installer warnings	Components
28206	Result Description “if condition” was missing in com_finder	Components
28154	RSS feed of com_finder throws fatal error	Components
27716	Saving ‘Start Publishing’ updates ‘Finish Publishing’ not ‘Start Publishing’	Components
28277	Wrong ‘category’ tag in category feed	Components
28172	Backslashes are added every time you save Wrapper menu item	Database
27774	Joomla on Windows Azure – Load time is slow	Database
28001	path delimiter doesn’t work properly on SQL Server and SQL Azure	Database
28318	Remove duplicate SQL Server directories.	Database
28266	Sql error generated in menus	Database
28222	SQL error generated in system redirect plugin	Database
28008	sql syntax error in libraries/joomla/database/table/session.php:137	Database
27961	Template is not displayed in the Styles (backend)	Database
27960	Unable to create an article	Database
27888	users notes categories	Database
26602	Front end article creation in unpublished category	Forms
28150	ContentBuildRoute does not remove layout if link attached to menu item	Front End
27890	mod_menu invalid rendering of items of type alias and url	Front End
27824	Offline image overflow	Front End
27931	Profile fields not available in edit, only registration	Front End
28134	Typo in com_content view	Front End
28145	Add uninstall support for possibly installed media files	Installation
28323	com_joomlaupdate does not delete joomla.xml file in root folder	Installation
28325	Deleted files not being deleted during version update	Installation
28259	Error in Database tab in Extension Manager	Installation
28261	Error message contains the string Joomla 1.7	Installation
27919	Extension Manager: Database does not fix text filter problem	Installation
27887	Extension Manager: Database does not fix update problem	Installation
28122	Fix installation for Joomla 3.0	Installation
27751	Installation – Check to ensure the schema file exists	Installation
28188	Javascript issue on IE7 during install	Installation
27916	Path of home sub-menu items contain “News Feeds”	Installation
27568	Remove the use of all deprecated functions (except JRequest and JException) in the installation.	Installation
28132	Typo in joomla-cms / installation / models / configuration.php	Installation
26468	Unable to install multiple updates at once	Installation
27920	Update SQL query requires temp table permissions	Installation
27895	Version Number Module Not Assigned to Menus	Installation
28329	Joomla Update component requires Purge Cache to change Update Server	Installation
27863	JHtmlGrid::sort broken	Javascript
27843	media.php jInsertFieldValue	Javascript
27880	Please first make a selection from the lis’t: Huge error on 40+ sites	Javascript
28268	Update MooTools to 1.4.5	Javascript
28046	Update MooTools to version 1.4.4	Javascript
27905	Upgrade MooTools to version 1.4.3	Javascript
27889	Change permissions in language manager changes default language to english	Languages
28090	Changes to the Administrator Language Strings	Languages
27796	COM_USERS_FITLER_NOTES	Languages
28072	Content Languages ordering broken	Languages
28098	Entering link to article via Article button -making it Multilanguage aware	Languages
28036	Implementing Access levels for Content Languages	Languages
28157	Inconsistent Language Constants in the Beez_20 Language Files	Languages
27929	Installing sample data and defining as site lang another lang then English breaks links	Languages
28151	Joomla! 2.5 – Multilanguage feature – external links end with 404	Languages
28115	PHP 5.3.8 Notice for some language packs with iconv	Languages
27975	smart search author not translated.	Languages
27966	Wrong constants in article menu item	Languages
27959	Wrong redirection when login on multilang site with SEF on.	Languages
27779	Articles; H1 tag appearing before the article title…	Layouts
27864	User profile page does not HTML escape the user’s name	Layouts
23414	Flash uploader rtl – browse button disabled	Media Manager
28199	Archive module error when no articles are archived	Modules
28099	Editor buttons in Custom HTML module	Modules
28000	Featured articles parameter does not work in mod_articles_popular	Modules
28316	Incorrect ordering value if editing last module	Modules
28017	JModuleHelper All but selected does not work correctly when there is no itemid	Modules
27659	joomla 2.5beta1 module alternative layout on admin side don’t work	Modules
27536	mod_articles_category ordering	Modules
27902	mod_languages html 5 validation error empty action attribute	Modules
28021	mod_login module does not HTML escape the user’s name	Modules
27896	mod_search head search link title not escaped	Modules
28068	Module weblinks does not import needed JModel class	Modules
28086	No access to params “images” in mod_articles_news	Modules
28181	Notice in weblinks module	Modules
27150	PHP Fatal error when detele a article category assigned to a artcle categories module**	Modules
27873	The related articles modules (mod_related_items) are not showing	Modules
27972	Multilanguage Status module report version 1.7.1 should be 2.5.x	None
27802	The package installer insert two database entries on templates	None
27784	Use less deprecated functions	None
28120	XHTML 1.0 Transitional	None
28303	Change 28026 so it doesn’t modify platform files	Platform
28264	Fix JSession::checkToken() to be forward compatible with Joomla 3.0	Platform
27706	JAccess::getGroupsByUser doesn’t work as expected in case of guest user	Platform
28133	JMail addAttachment ignores parameters (filename, encoding, type)	Platform
27951	Missing parameter handling in magic proxy methods for name quotes	Platform
26346	Sync some changes from the platforum	Platform
26906	Zip Archive native unpack wrong result	Platform
27662	Can’t update #__update_sites table at extension install on SQL Server	Plugins
27990	Captcha Typo (with solution)	Plugins
27862	Code error plgUserProfile line 188	Plugins
27918	Date format in /plugins/usr/profile/profile.php is wrong	Plugins
28179	JText values in js of quick icons force to escape single quotes	Plugins
27477	languagefilter: build rule is deleting “option” param	Plugins
27770	loadposition strips the $ character from html modules	Plugins
28118	Notice ‘Only variable references should be returned by reference’	Plugins
28044	Plugin Loadmodule ignores selected style	Plugins
28075	Recapthca image doesnt show up, maybe because of https secure website	Plugins
27898	System cache throws warning on Ajax requests with JSON response	Plugins
28284	System messages included in cached pages	Plugins
28255	Update TinyMCE to version 3.4.9 + optimizations	Plugins
28028	Entering an article link via the Article button=>links broken in SEF	Search Engine Friendly
27759	Alternative Sample Data Files (blog and brochure)	SQL Files
28121	Empty trash not trashing some sample data articles	SQL Files
27885	TinyMCE settings in SQL don’t reflect recent changes in options.	SQL Files
27992	Beez 2.0 has one css file still hardcoded with template name	Templates
28198	Beez 5 generating warings/notices	Templates
28117	Hathor forgotten in #28072	Templates
28140	JText values in js beez templates force to escape single quotes	Templates
27938	labels missing for Smart Search / Finder module	Templates
28114	missing css .icon-32-print class in bluestork template	Templates
27907	Sitename not escaped	Templates
28263	27052 does not work as should for System Links menu items	User Interface
28162	Creating menu items saves selection when it shouldn’t	User Interface

 

Joomla! Bug Squad

Thanks to the Joomla Bug Squad for their dedicated efforts investigating reports, fixing problems, and applying patches to Joomla. If you find a bug in Joomla, please report it on the Joomla! CMS Issue Tracker.

Active members of the Joomla Bug Squad during this last release cycle include: A Firoozmandan, Akarawuth Tamrareang, Alain Rivest, Andrea Tarr, Andrew Eddie, Ashwin Date, Bill Richardson, Brian Teeman, Chris Davenport, Christophe Demko, Denise McLaurin, Dennis Hermacki, Elin Waring, Emerson Rocha Luiz, Francisco Marzoa, Ian MacLennan, Jacob Waisner, Jacques Rentzke, James Brice, Janich Rasmussen, Jean-Marie Simonet, Jennifer Marriott, Jeremy Wilken, Kevin Griffiths, Loyd Headrick, Mark Dexter, Matt Thomas, Michael Babker, Mutuga Kigumi, Neil McNulty, Nikolai Plath, Ofer Cohen, Prasit Gebsaap, Rachmat Wakjaer, Rob Clayburn, Roland Dalmulder, Rouven Weßling, Rune Sjøen, Samuel Moffatt, Shaun Maunder, Sudhi Seshachala, Tim Plummer, Tom Fuller, Troy Hall, Viet Hoang Vu, Holger Brandt, Leo Lammerink, Herve Boinnard.

Bug Squad Leadership: Mark Dexter Coordinator; Elin Waring and Marijke Stuivenberg, Team Leaders.

Joomla! Security Strike Team

A big thanks to the Joomla! Security Strike Team for their ongoing work to keep Joomla secure. Members include: Airton Torres, Alan Langford, Bill Richardson, Elin Waring, Jason Kendall, Marijke Stuivenberg, Mark Dexter, Omar Ramos, Rouven Weßling, Samuel Moffatt.