Joomla Announcements

Why you should upgrade to Joomla 1.5.6

JoomlaThis morning, Joomla.org was defaced a few hours after releasing our new design. This is not a new security issue, but only poor system administration practices on our part. When we updated our Web sites with the Joomla 1.5.6 security fix released yesterday, we simply forgot to update one of our small, non-public development sites.
 
Now, we could offer many excuses why it was overlooked—we were focused on fixing this vulnerability, creating the packages, and getting the word out. But the truth is, there is no excuse. This is an obvious and sobering reminder to the Joomla Project that staying current with upgrades is the most important step towards protecting your Web site.
 
Nothing but good will come of this experience. There's nothing like first hand experience to remind us of the trust our end user community places in us and the importance of working harder and smarter towards improving security.
 
Please, upgrade to Joomla 1.5.6 now, if you have not already done so. In retrospect, we wish we'd followed our own advice more diligently.

Joomla! 1.5.6 Released

Joomla 1.5.6 Security Release

The Joomla! community is pleased to announce the immediate availability of Joomla! 1.5.6 [Vusani]. This is a quick turnaround security release to address a high level security issue and it is recommended all users upgrade immediately.

For more information about this exploit, click here to visit the Joomla Security Blog.

Instructions

Download the Joomla 1.5.6 full package now

Download update packages


Release Notes

  • SECURITY [HIGH] Fixed security hole in reset logic to check for proper token length.

Manual Installation

Download the Joomla! 1.5.6 Security Patch changed files only


For some users a manual installation of the 1.5.6 Security Patch is a faster process. To manually apply the 1.5.6 Security Patch, upload the following files, replacing the existing files:

		components/com_user/models/reset.php
		changelog.php
		includes/framework.php
		administrator/includes/framework.php
		libraries/joomla/version.php
		libraries/joomla/environment/uri.php

This patch will only update installations of Joomla 1.5.5. If you're using an earlier version, it is recommended you update prior to updating these files.

August 2008 Issue of Joomla Community Magazine

Joomla! Community MagazineThe August 2008 Joomla Community Magazine is available now and it's loaded with cool stuff about the World's Greatest Open Source CMS. (Biased? pfff!) Month after month, you will find articles on Joomla 1.5 Web sites, GPL-compatiable extensions, events, communities around the world, ways to get involved, learning resources for beginners, site integrators, and developers, and the latest buzz on what's happening in the Joomla! project.

ImageWhat kind of buzz, you ask? Well, this month, it's all about JoomlaConnect™, a brand new service that aggregates Joomla! community news from all around the world. Joomla Core Team member and Communications Team Lead Louis Landry developed this nifty new tool for us to use. Smile So, if you are interested in some RSS action, get your blog firing J!, and see Getting Connected to JoomlaConnect.

Feature Articles

This month, Joomla Core Team member and Development Working Group Coordinator, Andrew Eddie kicks off the Features Section by revealing an encouraging external market survey that shows Joomla!, WordPress, and Drupal as leading Open Source CMSs worldwide. Hat tip to our friends and partners in free software. Andrew also discusses training resources for developers and calls on the faithful to lend a hand updating our dev doc. Come on, it'll make you feel good.

ImageThis is very cool --> International award winning author and illustrator Sarah Verroken shares her creative process that resulted in a captivating Joomla 1.5 Web site showcasing her unique and beautiful work. Then, more cool design --> Per Andre Ronsen combines creative talents in theology, music, and design into a hot Joomla 1.5 Web site for Soul Kids.

This month's Joomla Forum Member of the Month is Marieke van der Tuin, undeniably one of the hardest working contributors in all of J! land. Oh, and make certain to check out the great, new GPL'ed extensions highlighted by our very own Toni Marie.



Involved Community

ImageJoomla is powered by an involved community all around the world. Case in point, Vancouver Joomla Day organizer Wendy Robinson shares Ten steps to a successful event. On the other side of the planet, Chorn Sokun and John T Denny highlight what's going on with the Cambodian Joomla! community. Then, from San Francisco, Ron Severdia, founder of PlayShakespeare.com, discusses his Joomla 1.5 site, also the subject of his recent CNN Comcast Newsmakers interview.

Then, Joomla! developer, Alan Langford of Toronto shares a thoughtful piece on why he participates in Open Source and Google Summer of Code participant, Mostafa Muhammad sends Greetings from Wikimania 2008 in Egypt. Core Team member and Fundraising Team Lead, Michelle Bisson, (Wait a minute! Isn't that a lot of Mounties?) invites the community to support Joomla! financially. Give until it hurts. Well, at least give, if you are able, knowing every little bit helps...

Joomla Learning

There are several great articles aimed at skill development for Joomla community members. Those just starting with Joomla 1.5 are encouraged to read the Learning Joomla using Sample Data written by Mark Dexter. Site Integrators will get good value from Sam Moffatt's Improve the Security of your Joomla Administrator article; practical tips from Andrew's Legacy Mode in Joomla 1.5 and Search in Joomla 1.5 pieces; and inspiration from J! talent Jennifer Marriott's Resources for Designers article.

For developers, Jens-Christian Skibakk's tutorial entitled Creating a single package for Admin and Site Languages will help you take advantage of recent Installer improvements introduced by Jens. If you are geek enough, check out the tutorial Dynamic loading of lists using AJAX in a MVC component written by the very talented, Mathieu Chauvinc.

Joomla Project

ImageReally good effort from the Joomla! project this month. Development Working Group Leads Sam Moffatt and Anthony Ferrara share this month's release updates on Joomla 1.5.4 and 1.5.5 . The Joomla! Extensions Directory takes the Working Group spotlight -- and exceeds 3,500 Joomla Extensions! And, finally, there is that very cool announcement about JoomlaConnect™.

Next month?

Much more, and even a bit more on top of that. So, come back and get some. September's line up is all firmed up but if you are interested in sharing an article with the Joomla Community Magazine for October, we might have a spot for that. Just contact us at This email address is being protected from spambots. You need JavaScript enabled to view it.  and let us know what you would like to share. Until then, have fun with Joomla.

Subcategories