Release News

Joomla 1.5.7 Security Release Now Available

The Joomla Project is pleased to announce the immediate availability of Joomla 1.5.7 [Wovusani]. This is a security release and contains a number of bug fixes, improvements as well as security fixes. It is strongly recommended that users immediately upgrade. It has been nearly four weeks since Joomla 1.5.6 was released on August 12, 2008. The Development Working Group's goal is to continue to provide regular, frequent updates to the Joomla community.






Instructions

Click here to download Joomla 1.5.7 (Full package) »

Click here to find an update package. »


Want to test drive Joomla? Try the online demo. Documentation is available for beginners.

Release Notes

Security

  • Several security issues were fixed in this release. There was 1 critical, 1 major and 2 moderate security vulnerabilities fixed in 1.5.7. For more information, visit the Security Center.

Articles

  • com_content: Metadata handling; Alias not copied for Articles
  • String Escaping: External links; Titles; Alt tags missing on images
  • Blog Layout: Article Page break; new Left-to-Right option; Breadcrumbs; Archive Intro Text formatting issues; Section Blog Article links
  • Submit Article: Article Order Drop-Down List on Front End Shows Archived and Trashed Articles; Preview edited Article does not use Template Editor.css
  • RSS Feed: Publish Date fix; External URLs rendering incorrectly
  • SEO: Index and Follow Meta Tag for Print View

Modules

  • Show_noauth problem; Module Deletion after uninstall; Colspan in mod_latest; Copy Newsflash Module
  • Name and Username in mod_login; Menu item is locked after closing
  • Search: Textfield Width Parameter; Show Search Results option; Category Search

Legacy

  • Menu Access Rights Corrections; Menu Separator shows as Link

Templates

  • Beez: Contact Image; Typo in Attribute value; Newsflash Article URL
  • ja_purity: e-Mail and Print Button files; Default Article Layout does not display Edit Icon for Authors; Site Logo Text goes under Header background; Top menu
  • UPDATE (Sept. 10, 2008): New function countMenuChildren() added for hiding empty split menus

Administrator

  • $row is not Initialized
  • Help: Latest Version check; Help Key Reference Update for Modules: New Screen
  • Configuration: Time Zone correction
  • Media Manager: Base path missing slashes
  • Sample Content: Outdated Links in "Welcome to Joomla", Newsfeed Fixes, several updated articles and statistics
  • Installation: Remove confusing error message about language files for extension installations

System

  • IIS 6 and IIS 7: JRoute::_() and Application Redirect() fixes
  • Parameter Types: SQL, Textarea for Templates
  • E-mail: JMail class ignores JConfig.sendmail path for sendmail; Incorrect SEF URLs for outgoing recommendation e-mails
  • API: JHTMLSelect fix; queryBatch logging in debug mode; JSite::getParams(); strpos(); setMetadata creates duplicate meta tags; $row is not initialized
  • XML-RPC client ID is too high; Profiling J1.5 framework; $row is not initialized
  • Cache: JCacheStorageFile::gc flawed logic in cache expiry; Clean Cache file with Cache Manager

UPDATE (Sept. 12, 2008): For FAQs about this release, see http://docs.joomla.org/Category:Version_1.5.7_FAQ


Read more: Joomla 1.5.7 Security Release Now Available

Joomla! 1.5.6 Released

Joomla 1.5.6 Security Release

The Joomla! community is pleased to announce the immediate availability of Joomla! 1.5.6 [Vusani]. This is a quick turnaround security release to address a high level security issue and it is recommended all users upgrade immediately.

For more information about this exploit, click here to visit the Joomla Security Blog.

Instructions

Download the Joomla 1.5.6 full package now

Download update packages


Release Notes

  • SECURITY [HIGH] Fixed security hole in reset logic to check for proper token length.

Manual Installation

Download the Joomla! 1.5.6 Security Patch changed files only


For some users a manual installation of the 1.5.6 Security Patch is a faster process. To manually apply the 1.5.6 Security Patch, upload the following files, replacing the existing files:

		components/com_user/models/reset.php
		changelog.php
		includes/framework.php
		administrator/includes/framework.php
		libraries/joomla/version.php
		libraries/joomla/environment/uri.php

This patch will only update installations of Joomla 1.5.5. If you're using an earlier version, it is recommended you update prior to updating these files.

Joomla! 1.5.5 Released

Image

The Joomla! community is pleased to announce the immediate availability of Joomla! 1.5.5 [Mamni]. This is a quick turnaround release to address the Duplicate Title error from 1.5.4 . This release also contains important SEF URL improvements and fixes for com_content in addition to a number of bug fixes and improvements. It has been nearly three weeks since Joomla! 1.5.4 was released on July 8, 2008. The Development Working Group 's goal is to continue to provide regular, frequent updates to the Joomla! community.

Instructions

Download Joomla! 1.5.5 and update packages

Want to test drive Joomla!? Try the online demo . Documentation is available for beginners.

Release Notes

  • Fix Duplicate Titles Bug
  • SEF URL improvements and fixes for com_content
  • Fixed error restricting Search to Article content, only
  • Archived Articles now link correctly with SEF URLs
  • Category Blog pagination and Link List corrected
  • Category List Menu Item and Frontend now allow List length selection
  • Fixed Contact Item Bad Word parameter that prevented email
  • Private Messaging Search now returns results
  • SWF Banner correction allowing definition of dimensions
  • Improved 403 reporting for Submit Article and Web link permission issues
  • "Register to Read More" fixes for Newsflash
  • Page Break and Read More fixes
  • JA Purity Hornav position, login token code, and language string fixes
  • BEEZ fieldset alignments for Search and Read More link corrections
  • Installer fixes for updates to Components and Modules
  • mosmsg now used by 1.0.x extensions

Read more: Joomla! 1.5.5 Released