Joomla Announcements

Joomla 1.5.11 Security Release Now Available

Details

Category: Project Release News

Created on Wednesday, 03 June 2009 06:00

The Joomla Project announces the immediate availability of Joomla 1.5.11 [Vea]. This is a security release and users are strongly encouraged to upgrade immediately.

This release contains 26 bug fixes, two moderate-level security fixes and one low-level security fix. It has been 11 weeks since Joomla 1.5.10 was released on March 28, 2009. The Development Working Group's goal is to continue to provide regular, frequent updates to the Joomla community.

Download

Click here to download Joomla 1.5.11 (Full package) »

Click here to find an update package. »

Instructions

• New installation and technical requirements
• Upgrade from an existing Joomla 1.5 version
• Migration from Joomla! 1.0.x

Want to test drive Joomla? Try the online demo or the Joomla JumpBox. Documentation is available for beginners.

Please note that you should always backup your site before upgrading.

Release Notes

Check the Joomla 1.5.11 Post-Release Notes to see if there are important items and helpful hints discovered after the release.

If you have modified core template overrides, please be sure to back them up before upgrading.

Security

One low-level and two moderate-level security issues were fixed in this release:

• Moderate Priority: Core - com_users XSS. More information »
• Moderate Priority: Core - ja_purity XSS. More information »
• Low Priority: Core - Front-end XSS. More information »

For additional information, visit the Joomla Security Center.

Components

• Prev and Next links no longer create duplicate content with SEF URLs (13890)
• Atom feed validates for Contact Category and Weblinks Category layouts (15446)
• Article Category layout sorts correctly (15541)
• Form correctly uses JRoute for action (15551)
• Improved control over who is able to upload files (15691)
• Search results work correctly for multiple search terms with SEF URLs enabled (15853)
• RSS 2.0 feeds try to turn mailto links into absolute URLs (15909)
• Atom link in RSS feed causes validation problems (16211)

Modules

• Login correctly uses view=register (15740)
• Module cache, ID, ItemID (15727)

Plugins

• No plugin issues were fixed in this release.

Legacy

• No legacy issues were fixed for this release

Templates

• Khepri template has correct CSS icon for Article (15912)
• Align attribute in mod_mainmenu no longer causes problems for some templates (15963)
• Updated the helpsites.xml files (16397)

Language

• Translated description for Component, Module, Plugin, etc. after installation (13898)  
• Change in Montenegrin language ISO Code (16112)
• Modified Montenegrin language code to be ME from SLA for consistency (16349)
• Install language changes (16405)

Administrator

• Global Configuration "Undefined Variable" warning now resolved (15699)
• Legacy code in installer premigration system causes unrelated errors (16236)

System

• Installation of some packages no longer fails (15701)
• Installation Version Display corrected (15913)
• JFile::getName() loses first character (16007)
• db->updateObject function outdated (15417)
• PHPDoc Comment for JFactory getDocument method incorrect (16314)
• offline.php file now has correct stylesheet (16500)

Statistics

Statistics for the 1.5.11 release period:

• Joomla 1.5.11 contains:
  • 26 issues fixed in SVN
  • 33 commits
• Tracker activity resulted in a net increase of 13 active issues:
  • 76 new reports
  • 27 closed
  • 25 fixed in SVN
• At the time the 1.5.11 release was packaged, the tracker had 157 active issues:
  • 90 open
  • 49 confirmed
  • 18 pending

Joomla! Bug Squad

Thanks to the Joomla Bug Squad for their dedicated efforts investigating reports, fixing problems, and applying patches to Joomla. If you find a bug with Joomla, please report it on the 1.5 Bug Tracker.

Active members of the Joomla Bug Squad during this last release cycle include: Ian MacLennan and Mark Dexter co-coordinators; Airton Torres, Amy Stephen, Dennis Hermacki, Elin Waring, Ercan Ozkaya, Flavia Tarzwell, Gergő Erdősi, Hannes Papenberg, Jennifer Nodwell, Joe Palmer, Kevin Devine, Klas Berlič, Marieke van der Tuin, Marijke Stuivenberg, Marius van Rijnsoever, Mark Smeed, Mati Kochen, Ole Bang Ottosen, Pete Nurse, Rajesh Dhanusu, Samuel Moffatt, Shantanu Bala, Anthony Ferrera, and Wilco Jansen.

A warm welcome to the newest members of the Joomla Bug Squad: Flavia Tarzwell, Jason Johnston, Jason Powers, Julio Pontes, Mark Smeed, Omar Ramos, and Ricardo Accioly.

Community Showcase Now Online

Details

Category: General News

Created on Wednesday, 08 April 2009 17:04

The Joomla Project is pleased to announce our latest undertaking to promote sites using Joomla—our new Joomla Community Showcase. The showcase is a hub for community users to share sites they've discovered or built themselves.

Launching today with just over 100 sites, the showcase has a wide range of categories—arts, education, business, sports, non-profits and more. It's designed in the same familiar layout as the Joomla Extensions Directory so users will be able to quickly find what they're looking for.

Submitting a Web Site

It's easy to submit a site for inclusion in the showcase. You'll need to register first on the showcase site and be sure to read the Guidelines for Submission before submitting. Make sure the site isn't already in the showcase by doing a search first. Not all sites will be accepted into the showcase so make sure your site meets the guidelines. Ideally, it's a site that shows off the power and extensibility of Joomla.

We also expect you to add site thumbnails (not logos) to your submission. If you only have one, that's fine. But if you have more, make sure they show off a variety of layouts—otherwise all your thumbnails will look identical.

Remember, it takes time to verify each site submission we receive so sites will not be automatically added immediately. Careful not to add too many of your own sites at once or you might be considered a spammer. We recommend you submit no more than 10 sites each month.

Site of the Month

Each month, we will highlight a Web site that demonstrates exemplary quality, flexibility, and design. If you want your site to be considered, make sure you fill out all the site information accurately and thoroughly.

Site Case Studies

While site descriptions are a general overview of the site and/or company, case studies are a way to delve deeper into the mechanics of the site, how it was built, what problems it solved, and how it fit into the overall strategy of the company. It's a way to give other Joomla users insight into the process and what extensions were used. We encourage site creators to write detailed case studies. If your site has a good case study, you'll exponentially increase your chances of being awarded the Site of the Month.

Tagging your Submissions

The showcase also has a built-in tagging system to more clearly identify site traits. Add as many tags as you want (up to 80 characters) but don't repeat tags or add redundant information.

Room to Grow

We feel that this site will grow rapidly so have started with a small number of basic site categories wth the expectation that they will become more refined and extensive over time, adpating to the needs of the community. So get started submitting Joomla sites now!

Joomla 1.5.10 Security Release Now Available

Details

Category: Project Release News

Created on Saturday, 28 March 2009 01:16

The Joomla Project announces the immediate availability of Joomla 1.5.10 [Wohmamni]. This is a security release and users are strongly encouraged to upgrade immediately.

This release contains 66 bug fixes, one low-level security fix, and one moderate-level security fix. It has been 11 weeks since Joomla 1.5.9 was released on January 10, 2009. The Development Working Group's goal is to continue to provide regular, frequent updates to the Joomla community.

Download

Click here to download Joomla 1.5.10 (Full package) »

Click here to find an update package. »

Instructions

• New installation and technical requirements
• Upgrade from an existing Joomla 1.5 version
• Migration from Joomla! 1.0.x

Want to test drive Joomla? Try the online demo or the Joomla JumpBox. Documentation is available for beginners.

Release Notes

Check the Joomla 1.5.10 Post-Release Notes to see if there are important items and helpful hints discovered after the release.

Security

One low-level and one moderate-level security issue were fixed in this release:

• Moderate Priority: A series of XSS and CSRF faults exist in the administrator application. Affected administrator components include com_admin, com_media, com_search. Both com_admin and com_search contain XSS vulnerabilities, and com_media contains 2 CSRF vulnerabilities. More information »
• Low Priority: A XSS vulnerability exists in the category view of com_content. More information »

For additional information, visit the Joomla Security Center.

Components

• Article Alias no longer missing from Category Views (14228)
• Section List now drills down correctly to a Category List with Global Content Filters (14510)
• Web link Router now uses correct Category value (14705)
• Article HTML filtering correct when only one Filter group selected (14758)
• Tooltip Help corrected for Section, Category, and Article Alias (15007)
• Sorting lists by values other than Order corrected (15107)
• Archived Article Filter Function works correctly (15124)
• Ampersand in site name no longer breaks Position value in vCard (15143)
• Added "/" before URL in Remind Me and Password links for com_user (15215)
• Search works properly using international characters with SEF enabled (15233)
• Register to Read More in redirect URL correct for Section and Category Menu Items (15266)
• Multiple Search Menu Items now return correct ItemID (15293)
• com_media no longer incorrectly loads CSS files from the backend (15354)
• Fixed invalid XHTML output in com_content and com_contact (15362)
• Small errors in code comments corrected for com_user (15461)

Modules

• Changing the module's 'Position' value now correctly changes the value for the 'Order' listbox. (12119)
• When Module is saved, Module's cache is now cleared (12137)
• Encoding behavior for quotes and ampersands corrected in Modules (13111)
• Menu image alignment resolved (14071)
• Menu Alias respects Active setting (14767)
• Resolved tag error in mod_feed (14948)
• Login Redirect returns to current page when no Redirect URL is specified (15376)

Plugins

• Fixed ID tags used by openid.js (13285)
• Pagebreak works correctly with JCE (14525)
• Pagebreak outputs correct XHTML elements (14496)
• Pagebreak accurately tracks active page (14558)
• Pagebreak works correctly with Section tables (14827)
• Caching error resolved for Remember Me function (14857)
• Menu Item changes are now cached properly (14896)
• SEF Plugin correctly handles "Data" attribute (15137)
• Load Position no longer deletes dollar sign and next two positions, in Module output (15237)

Legacy

• No legacy issues fixed for this release.

Templates

• Beez: Correct Last Updated date used in Section Blog (14571)
• JA Purity: All Article text no longer linked when Category presented (14286)
• rhuk Milkyway: Correct authorEmail value (14439)
• Corrected RTL issue for Site Title when mouse hovering over Template Logo (14945)

Language

• Localization for user name corrected in registration form (14468)
• Corrected localization issue for new Module (13999)
• User details translatable (14710)
• Localization corrected for installation of Component  (14859)
• Copy Menu Items function is now translatable (14944)
• Pagebreak now translatable (15300)
• Uninstalling a Component now has all Language Strings (15375)

Administrator

• Categories are now sortable in reverse order by Order data element (14004)
• Parameter Element ID for folderlist and filelist are correct (14514)
• Date format correct for 'checked out date'  (14381)

System

• Installation of Extensions no longer fails when zip files are included (9701)
• No longer missing l10n in JApplicationHelper::parseXMLInstallFile() (11798)
• Resolved Javascript errors created by previous SEF Background Image Fix (13973)
• Resolved problem with error handling in JFactory::getXMLParser (14022)
• Case-sensitive image extensions (14059)
• Atom feed validates correctly (14515)
• JString::RTrim method is correct (14491)
• Removed short open tag in admin.categories.html.php (14660)
• JInstallerComponent::_rollback_menu() error resolved when getting DB Connector (14795)
• File move now correctly returns "false" when not read or writable (14818)
• Directory Permissions listed correctly for Temp and Log Folders (14865)
• JFolder::folders no longer returns unnecessary warning (14875)
• Setting Tooltip Offset works correctly (15006)
• JArchiveZip::_extractNative() correctly identifies zip_open() failure (15044)
• Installer.php parseMedia points to correct folder (15047)
• Custom Install file upgraded on Component installation (15217)
• Undefined index HTTP_USER_AGENT error fixed in behavior.php (15282)

Statistics

Statistics for the 1.5.10 release period:

• Joomla 1.5.10 contains:
  • 68 issues fixed in SVN
  • 281 commits
• Tracker activity resulted in a net decrease of 8 active issues:
  • 176 new reports
  • 133 closed
  • 68 fixed in SVN
• At the time the 1.5.10 release was packaged, the tracker had 95 active issues:
  • 44 open
  • 40 confirmed
  • 11 pending

Joomla! Bug Squad

Thanks to the Joomla Bug Squad for their dedicated efforts investigating reports, fixing problems, and applying patches to Joomla. If you find a bug with Joomla, find out more information here on how to report the bug.

Active members of the Joomla Bug Squad during this last release cycle include: Ian MacLennan and Mark Dexter co-coordinators; Airton Torres, Akarawuth Tamrareang, Arno Zijlstra, Amy Stephen, Andrew Eddie, Anthony Ferrara, Ashwin Date, Dan Walker, Dennis Hermacki, Edvard Ananyan, Elin Waring, Ercan Ozkaya, Gergő Erdősi, Hannes Papenberg, Kevin Devine, Kevin Sookocheff, Klas Berlič, Marieke van der Tuin, Marijke Stuivenberg, Mati Kochen, Niels Braczek, Pete Nurse, Rosario Buste, Samuel Moffatt, Shantanu Bala, and Wilco Jansen.

A warm welcome to the newest members of the Joomla Bug Squad: Amit Kumar Singh, Andrew Rose, Ashwin Date, Edvard Ananyan, Joe Palmer, Kashyap Puranik, Niels Braczek, Parth Lawate, Pete Nurse, Philip Walton, Richard Malinowski, and Srinivas Chilukuri.