Joomla! 1.0.12 Released

Created on Monday, 11 December 2006 11:00

Image Joomla! 1.0.12 [ Sunfire ] is available as of Monday the 25th of December 2006 1:00 UTC for download here.

We suggest that all Joomla! users upgrade to this version.

Joomla! 1.0.12 features:

  • 140+ General Bug Fixes
  • Several low level security fixes
  • A full security audit of SQL queries
  • SSL switchover support

Although this release contains several security fixes, as they are of a low level nature, this release is still being characterized as a Stability Release.  If you are running a version of Joomla! older than 1.0.11, you should upgrade immediately to at least Joomla! 1.0.11 as that release addressed several important security issues.  If you are using Joomla! 1.0.11, we recommend that you upgrade to 1.0.12 as it addresses several long standing bugs and several low level security issues.

We are also pleased to announce the creation of a new Security Announcements Forum.  As the name suggests, this forum will be used for security announcements for the Joomla! core and third party extensions.  We strongly encourage that all Joomla! users register on forum.joomla.org and subscribe to this forum to ensure that they receive notification of important security issues as soon as possible.  We also encourage you to do same for all third-party extensions you use, where available.

Release Information 

1.0.12 is available as a Full Package, which contains all Joomla! files or Patch Packages which contain only the files that have changed since previous Joomla! 1.0.x version.

A More Secure Joomla! 

Joomla! security is getting consistently better.  We have dedicated many hours to ensuring that Joomla! is as secure as it can be.  To do this, we have adopted a two sided approach that includes automated security tools and manual auditing and revision.  For this release, we conducted a complete audit of all SQL queries, reviewed many aspects of our login and authentication systems, and conducted several automated scans in order to make this Joomla! release as secure as possible.

SSL Switchover Support 

Joomla! 1.0.12 has reintroduced SSL switchover support.  If your website is setup to serve the same files via HTTP or HTTPS you will now be able to create SSL secured logins, easily switch between secure and insecure navigation and do all of your administrative tasks via an SSL protected connection.  A FAQ on how to setup these features will be available soon in the Security FAQs section of the Joomla! forums.  

Joomla! Version Warning 

The version warning system that was added in Joomla! 1.0.11 has been removed from Joomla! 1.0.12.  This version of Joomla! is intended to be the last release in the 1.0.x series.  The 1.0.x is now in security mode which means that we will not be releasing any more stability updates.  There will only be another version in this series if a critical security vulnerability is discovered.  

Extension Installer Warning

It is essential that you take a moment after updating the core to check if your extensions are up to date, and update them if a newer version is available.

Often newer versions address not only bugs but security issues as well. You can do this by looking in the components, modules and mambots installer pages, which display a URL to the homepage of the authors, or by checking on extensions.joomla.org.

In order to better educate our users about the security risks that can arise from installing insecure extensions, we have added a warning message at the top of the extension installers.  Please remember, 3rd party extensions must be kept up to date just like Joomla! and updating your Joomla! installation(s) will not update the 3rd party extensions installed on your sites.

For a list of extensions that have known security issues please see the List of Vulnerable 3rd Party Extensions.

 


 

 

New to Joomla! or starting a new site

Are you a new Joomla! user?  Confused as to which of the 30 available packages to dowload? 

The answer is simple.  If you are creating a site for the first time, you will need the Full Package file:

The other packages are for those users who have already have an existing Joomla! site and wish to upgrade to the latest version.

Upgrade Instructions

Upgrading from any version of Joomla! 1.0.x to 1.0.12 simply involves overwriting your current sites files, with the files in the proper Patch Package that applies to your site. 
So if you are running Joomla! 1.0.9, you will need the 1.0.9 to 1.0.12 Patch Package
.

This can be done by either uncompressing the Patch Package and then using an FTP client to transfer these files to your server and overwriting existing file.  If you find errors after the process, ensure that all files were properly transferred. There have been verified reports of some FTP clients not properly transferring files across to a server - without notifying the user of such a problem. One possible cause is that under certain circumstances the webserver locks the files it is using, and the ftp-server can't update those files. One possibility is to take the site shortly offline during the FTP transfer.

If your Web Provider gives you access to your site via some sort of Web Admin panel like CPanel or Plesk, you can use the syetems file manager to upload the Patch Package file to your server and then extracting the package file and overwriting all the files on your server.

More information can be found on the Forums and if at any stage you are unsure, then search the forums for posts on the subject.  Most will be found in the Upgrading Forum.

Conversion Instructions

For those converting from Mambo 4.5.2.x or Mambo 4.5.3 please read these Migration instructions.
You will to need to download the Joomla 1.0.12 Full package.

Backing Up

Before undertaking an Upgrade or Conversion, it is extremely important that you backup your site's Database and if possible, also you site's files.  While we try to ensure that an Upgrade or Conversion process is relatively straightforward, we cannot garuantee that this will always be the case for every user.  So it is imperative that users take protective measures in case they face problems after the Upgrade or Conversion.

Package Integrity

To ensure the integrity of the files you are downloading, you are advised only to download from the 'Official Source' on the Ofifical Joomla! Forge.  As an extra security measure we now make available the MD5 checksum values of the respective package files, to allow people to do integrity checking.

 


 

Packages

1.0.12 is available as a Full Package, which contains all Joomla! files and Patch Packages which contain only the files that have been changed by the Stability work conducted from previous Joomla! 1.0.x versions.

Joomla! 1.0.12 comes as a Full Package:

  • 1.0.12 Stable Full Package

and Patch Packages:

  • 1.0.0 to 1.0.12 Patch
  • 1.0.1 to 1.0.12 Patch
  • 1.0.2 to 1.0.12 Patch
  • 1.0.3 to 1.0.12 Patch
  • 1.0.4 to 1.0.12 Patch
  • 1.0.5 to 1.0.12 Patch
  • 1.0.6 to 1.0.12 Patch
  • 1.0.7 to 1.0.12 Patch
  • 1.0.8 to 1.0.12 Patch
  • 1.0.9 to 1.0.12 Patch 
  • 1.0.10 to 1.0.12 Patch
  • 1.0.11 to 1.0.12 Patch 

Package Formats

It also comes packaged in 3 different compression formats

 


 

Thanks 

A release like this is a massive undertaking that requires an immense amount of coordination, cooperation and patience.  It can be frustrating, difficult, and at times, outright painful, but when all is said and done and we get to sit back and take it all in, it is an amazing and beautiful thing.  Joomla! is built by a family of volunteers who selflessly give their time in order to make this the best CMS in the world and that is an awesome thing. 

So, to the countless contributors who give their time to the project to report bugs, propose fixes, and solve problems; thank you, you make Joomla! great.  And, to the developers and testers that help to pull all the loose ends together and make sure the wheels are on tight, thank you, you make Joomla! a reality.  And, I want to show my personal appreciation for a few people that have stood beside me, tirelessly working to make this happen: Enno, for the countless hours he has spent working through some of the most difficult problems.  Louis, for his endless patience and help.  Wilco and Johan for believing in me and trusting my ideas.  Andy, for his perseverence and dedication to the help system.  And, last but certainly not least, Brad, for the immeasurable number of hours that he gives to keep Joomla! alive.  These guys give more to this project then most could really understand and they certainly do not receive as much acknowledgment as they deserve. 

So, to all of you, THANK YOU!  Without you, this wouldn't be possible.

Rob Schley

Quality & Testing Coordinator
Joomla! Core Team Member
Project Joomla!