Upgrade to Joomla! 1.0.3 Security Release now!

Created on Friday, 14 October 2005 06:22

Image
Joomla! 1.0.3 out now
Joomla! 1.0.3 [Sunlight] is now available on the forge for download here.

This is a Security Release, which means it contains fixes for several Security Vunerabilities.
We highly recommend that you upgrade to this version.

1.0.3 is available as a Full Package, which contains all Joomla! files and a Patch Package which contains only the files that have been changed by the Security work conducted.

1.0.3 Changelog
1.0.3 Version Information



Security Vunerabilities
1.0.3 Contains fixes for 4 Security Vunerabilities.

Medium Level Threat
  • SQL injection bug in content submission
    - Affects all previous versions of Joomla! and Mambo 4.5.2.x series

Low Level Threats
  • Bug when 2 logged in and try to edit the same content
    - Affects all previous versions of Joomla! and Mambo 4.5.2.x series
  • Search Component flooding, by limiting searching to between 3 and 20 characters
    - Affects all previous versions of Joomla! and Mambo 4.5.2.x series
  • shows Items to unauthorized users
    - Affects Joomla! 1.0.2 only



Upgrade Instructions
To update from Joomla! 1.0.2, all you have to do is simply overwrite files from the 1.0.2 to 1.0.3 Patch Package.
To update from Joomla! 1.0.1, all you have to do is simply overwrite files from the 1.0.1 to 1.0.3 Patch Package.
To update from Joomla! 1.0.0, all you have to do is simply overwrite files from the 1.0.0 to 1.0.3 Patch Package.



Conversion Instructions
For those converting from Mambo 4.5.2.x please read these Migration instructions.
You need to download the Joomla 1.0.3 Full package.



Thank you to the community for their continued assistance in helping us make Joomla 1.0.x more stable.


Rey Gigataras [stingrey]
Joomla! Software Coding and Design
Stability Team Leader