Joomla Announcements

A New Look for Joomla.org

Joomla08 TemplateYou may have noticed the new look of Joomla.org and it's just the beginning of our new facelift. Not only is it a new and pretty face, but deeper changes as well. Here are just a few of the highlights of the new design overhaul:
  1. More user-centric design: The top portion of the home page focuses on directing users in Joomla's three primary user groups: Beginner, Intermediate & Advanced. These are three top-level "funnels" for quickly getting users to relevant content.
  2. Consolidation of resources: As the previous sites grew, the architecture became more convoluted and pages with redundant resources were created or, conversely, related information was strewn across several pages. A consolidation of information should help users more logically find what they need.
  3. More resources brought up to the home page: The previous home page gave users Joomla news and not much more. The lower portion of the new home page brings forward content from many of Joomla's most important aspects. Repeat visitors can get the latest information from a multitude of sources all at a glance.
  4. More overall integration: Each of the Joomla sites has differing approaches to resolving unique informational and navigational aspects. When taking into consideration the evolution and overall growth of our group of sites, we have taken a hard look of the complexities and how to resolve those in a manner to give the best user experience.
  5. Compliance with W3 standards: Joomla template pages validate according to the XHTML 1.0 Transitional standard. Check it out.
The new design of the main Joomla.org site is the first in a series of upgrades to all the Joomla Web sites. The planned rollout will consist of:
  1. Joomla Shop at shop.joomla.org - Update planned by next week.
  2. Joomla Demo at demo.joomla.org - Update planned by next week.
  3. Joomla Community Portal at community.joomla.org - Coming soon.
  4. Joomla Developer Network at developer.joomla.org - Coming soon.
  5. Joomla Extensions Directory at extensions.joomla.org - Coming soon.
  6. Joomla Discussion Forums at forum.joomla.org - Coming soon.
  7. Joomla Documentation Wiki at docs.joomla.org - Coming soon.
If you'd like to share your feedback and comments on the new look and functionality, visit our Sites & Infrastructure Forum.

Why you should upgrade to Joomla 1.5.6

JoomlaThis morning, Joomla.org was defaced a few hours after releasing our new design. This is not a new security issue, but only poor system administration practices on our part. When we updated our Web sites with the Joomla 1.5.6 security fix released yesterday, we simply forgot to update one of our small, non-public development sites.
 
Now, we could offer many excuses why it was overlooked—we were focused on fixing this vulnerability, creating the packages, and getting the word out. But the truth is, there is no excuse. This is an obvious and sobering reminder to the Joomla Project that staying current with upgrades is the most important step towards protecting your Web site.
 
Nothing but good will come of this experience. There's nothing like first hand experience to remind us of the trust our end user community places in us and the importance of working harder and smarter towards improving security.
 
Please, upgrade to Joomla 1.5.6 now, if you have not already done so. In retrospect, we wish we'd followed our own advice more diligently.

Joomla! 1.5.6 Released

Joomla 1.5.6 Security Release

The Joomla! community is pleased to announce the immediate availability of Joomla! 1.5.6 [Vusani]. This is a quick turnaround security release to address a high level security issue and it is recommended all users upgrade immediately.

For more information about this exploit, click here to visit the Joomla Security Blog.

Instructions

Download the Joomla 1.5.6 full package now

Download update packages


Release Notes

  • SECURITY [HIGH] Fixed security hole in reset logic to check for proper token length.

Manual Installation

Download the Joomla! 1.5.6 Security Patch changed files only


For some users a manual installation of the 1.5.6 Security Patch is a faster process. To manually apply the 1.5.6 Security Patch, upload the following files, replacing the existing files:

		components/com_user/models/reset.php
		changelog.php
		includes/framework.php
		administrator/includes/framework.php
		libraries/joomla/version.php
		libraries/joomla/environment/uri.php

This patch will only update installations of Joomla 1.5.5. If you're using an earlier version, it is recommended you update prior to updating these files.

Subcategories