Joomla 1.6.1 Released

The Joomla Project announces the immediate availability of Joomla 1.6.1. This is a security release.

The Production Leadership Team's goal is to continue to provide regular, frequent updates to the Joomla community.
Learn more about Joomla! development at the Developer Site.

Download

Click here to download Joomla 1.6.1 (Full package) »

Click here to download Joomla 1.6.1 (Upgrade packages) »

Instructions

Want to test drive Joomla? Try the online demo. Documentation is available for beginners.

Please note that you should always backup your site before upgrading.

Release Notes

Check the Joomla 1.6.1 Post-Release FAQs to see if there are important items and helpful hints discovered after the release.

Security

  • Moderate Priority - Core - SQL Injection / Internal Path Disclosure.
  • Moderate Priority - Core - Path Disclosure.
  • Moderate Priority - Core - XSS Vulnerabilities.
  • Moderate Priority - Core - XSS Vulnerabilities.
  • Low Priority - Core - Information Disclosure.
  • Moderate Priority - Core - Redirect Vulnerabilities.
  • Moderate Priority - Core - Information Disclosure.
  • Low Priority - Core - Unauthorised Access.
  • Moderate Priority - Core - CSRF Vulnerabilities.
  • Moderate Priority - Core - DOS Vulnerabilities.
  • Moderate Priority - Core - XSS Vulnerabilities.
  • Moderate Priority - Core - CSRF Vulnerabilities.

Issues Fixed

CategoryIssue TitleLink
ACL group perms list should be expand/collapsible at will 24397
ACL new user group assignement doesn't work 24707
ACL A registered user can change their user name 24890
ACL No save icon in article editor for new article with category level permission 24886
ACL Users with create permission in a category cannot see the image button below the editor 24857
Administration Fix background color in high contrast batch fieldsets 24255
Administration Refresh Cache in Extension Manager: Failed loading XML file 24292
Administration Inconsistent term for User Group 24328
Administration Multiple groups are a problem in the user manager 24475
Administration Improve the cpanel of admin templates + correting some errors 24523
Administration Language fixes and new warnings for com_installer 24457
Administration Templates filter searches all extensions 24599
Administration Improve the Directory Permissions in com_admin 24558
Administration 3rd party components install in location "site" instead of "administrator" 24305
Administration *PHP warning in extension manger 24336
Administration Missing messages for some menu item types having no Basic Options 24884
Administration Problems with aliases when there is a menu alias menu type 24881
Administration Alternative Layout Not Implemented in com_search, com_users 25006
Authentication & Login *Issue in back-end login module with Languages not installed in db but present in the admin language folder 24681
Authentication & Login *Multilanguage on and site offline: loggin front-end gets in a loop 24912
Authentication & Login Login form does not use https 24307
Code Style PHP Strict Standards Message, Category Blog 24309
Code Style CRLF instead of LF in some files 24876
Code Style Systematic elimination of DS as directory separator - Round 2 24589
Code Style Wrong class in kategory list mode 24914
Components Unescaped value should be filtered. 24252
Components Getting 500 errors editing from category blog on front end with default sef on 24280
Components SQL Injection can result in information disclosure 24232
Components com_contact, wrong string is used in config.xml (COM_CONTACT_FIELD_PROFILE_SHOW_LABEL used twice) 24491
Components com_contact view contact links 24269
Components com_newsfeeds doesn't set default view in frontend 24444
Components com_mailto Spam Email Relay 24288
Components SQL error in com_contact if id not set 24371
Components Strict standards: Declaration of WeblinksModelCategory::getItems() should be compatible with that of JModelList::getItems() in 24265
Components Inconsistency in the Add new newsfeed screen 24665
Components Missing tooltip in Web Links Manager 24694
Components *menu items metadata not implemented 24704
Components Link Author option lacks in Archived Articles menu item 24726
Components com_menu not looking for component xml file 24562
Components Details of the components are in different orderings 24731
Components duplicate case in switch in ~/components/com_users/controller.php 24711
Components *Weblinks icon hardcoded 24776
Components *Contacts Category model tries to load params from menu even if no Itemid is set 24446
Components Clicks on a custom banner are not counted 24417
Components *Banners unique alias 24882
Components *Search lower and upper limit do not take into account localise.php settings 24932
Components *Accommodating for longer string value in Banners Edit page 24869
Components com_categories doesn't properly update paths of children categories when moved to a new parent 24506
Components Redirect component does not list 404 errors for missing child page when parent page does exist (patch supplied) 24911
Components Get error after save options for component 24856
Components duplicate code weblink .php 24978
Components *Category Save as Copy does not save with different title/alias 24909
Components *modal_contacts field type problems 24433
Components Joomla displaying error after uploading an image using Media Manager and the path does not stay where it is after the upload 24489
Components Double category strings in URLs 24799
Components A banner with limited impressions will never show 24908
Components Multiselect not implemented in all views 24929
Components Can't display teaser text in full article view. 24880
Components Extra markup in some component views 25042
Components extra closing div in \components\com_weblinks\views\form\tmpl\edit.php 25035
Database Issue with MySQL compatibility in joomla.sql with params fields 24299
Database in sql file bug 24825
Forms Contact form typo - duplicate tag <label> for Email and Message 24743
Forms JHtml select.radiolist produces unnecessary label class suffix 24423
Forms The "Ordering" form field type defaults to "0", causing accidental changes to ordering of plugins, modules, banners, etc (with patch) 24933
Front End Cannot edit a weblink from the frontend 24249
Front End Wrong description language code for email1 field 24619
Front End *Submitting two articles in the same category with the same title but different aliases doesn't work on frontend 24322
Installation Sample data - Wrapper module issue 24001
Installation Installation IE fixes 24253
Installation J!1.6 lacks a remove installation folder screen 24283
Installation com_installer Admin XSS 24281
Installation Sample data links 23792
Installation Javascript error in installation 24294
Installation Internationalisation of sample data options list 23083
Installation *Localise xml default language is not highlighted in the drop down 24580
Installation *Languages not installed in db but present in the language folders in joomla issue 24582
Installation Enabling debug language mode in installation application 24657
Installation Add a button to the installation to remove the installation folder 24097
Installation Improve installation.js 24496
Installation bug: old extension version reported from cache after automatic extension update** 22624
Installation Plugins installed via discover are enabled 24389
Installation Sample Data Typo 25091
Javascript Error parameters formated in tinymce 24233
Javascript None of the JS files have been compressed. 24260
Javascript Don't use the $() function in JavaScript. 24519
Javascript Make some scripts compatible with Mootools 1.3 24740
Joomla! Libraries Some article code can send JFilterInput into an endless loop 24258
Joomla! Libraries Fatal error: Cannot use object of type stdClass as array in ../libraries/joomla/updater/updater.php on line 108 24276
Joomla! Libraries response headers show wrong joomla version 24273
Joomla! Libraries Manifest data is not being serialized as JSON during install and discovery install. 24550
Joomla! Libraries Joomla! Web Application Framework library is uninstallable 24644
Joomla! Libraries Library JURI has an optional parameter: it should be mandatory 24405
Joomla! Libraries Unused JDate code causing"Catchable fatal error" 24532
Joomla! Libraries JController class lacks a unregisterTask method 24419
Joomla! Libraries Abort during install of component and module fail due to rollback methods being protected instead of public. 24548
Joomla! Libraries typo in databasequery.php - udpate 24675
Joomla! Libraries Add support for defer/async to JDocument 24821
Languages Hathor status module jtext plurals 24254
Languages Missing Language string Cache Unwritable 24384
Languages MODULES_ERR_XML incorrectly called 24396
Languages Missing language string JLIB_INSTALLER_ABORT_PACK_INSTALLER_COPY_SETUP 24426
Languages Incomplete language strings in Mass Mail 24466
Languages missing translation for COM_WEBLINKS_DEFAULT_PAGE_TITLE 24448
Languages Incorrect language definition in 'List Contacts in a Category' menu item type 24464
Languages Incorrect tooltips in Articles Categories module 24520
Languages Incorrect tooltip in Module Manager 24518
Languages In Bluestork, longer labels are being cut off especially radio button labels 24525
Languages *Extra language definitions for icon tooltips in Messages component 24615
Languages *Incorrect error string after saving default menu item with set 'Default Page' radio button to 'no' value 24513
Languages *No translation of options (plugin names) in ordering field of plugins 24607
Languages Incorrect term in a tooltip in the Menu Items screen 24642
Languages *Incorrect tooltip for the Enabled column in Plug-In Manager 24698
Languages *Incorrect tooltip in News Feed Manager 24695
Languages Incosistency in the Link Author article option 24724
Languages Contact language is ignored in frontend 24710
Languages Untranslated strings TPL_BEEZ5_ISCLOSED and TPL_BEEZ5_LOGO 24897
Languages Debug Language showing up 24859
Languages The strings used for the display column in the module assignment slider are confusing 24999
Languages Cannot Translate Option Values using JForm SQL Field Type** 24903
Layouts Extra div element in Category List for unpublished articles 24873
Layouts Missing class blog_children 24916
Layouts Missing class default_children 24915
Modules *Langswitcher module needed display improvement parameters 24461
Modules New Window without navigation 24540
Modules Backend mod_status private messages pluralisation 24573
Modules mod_articles_category creates wrong html code 24564
Modules Disabling modules on a page leaves error messages 24287
Modules Empty tooltips in module edit screens 24674
Modules Mod popular and latest article processing events in content plugins 24557
Modules *Don't show empty divs in mod_login 24702
Modules Module articles category - fatal error 24317
Modules Articles Category Module Gropu by Author error 24693
Modules Modules do not have Trashed state 24927
Modules Module Banners: "All categories" option does not include all categories 24896
Modules Incorrect ID attribute's value in backend menu 24947
Modules Stripped code in contents and custom html module 24545
Modules JNO/JYES instead JSHOW/JHIDE in mod_weblinks.xml 25008
Modules Missing "parent" css class if menu is collapsed 24963
Modules mod_articles_category generates a PHP warning when using language filter 24838
Modules Fatal error in mod_articles_category when showing readmore 24528
Modules *Duplicated module is published 25110
Plugins Language switcher broken by #24210 24256
Plugins *debug plugin does not display results if gzip is on 24267
Plugins Update GeSHI to 1.0.8.9 24404
Plugins If a system plugin tries to load its language file, Joomla! falls back to setting the default site language to English. 24750
Plugins PATCH: Change pagination pagelist 24797
Plugins plg_user_profile "Website" field XSS 24372
Plugins *Detect browser lang and cookie broken when using languagefilter 24767
Plugins *Redundant call to load language in tinymce causes lang load issue 24840
Plugins [#24767] *Detect browser lang and cookie broken when using languagefilter 24837
Plugins Improve the voting plugin 24497
Plugins * Menu manager Multilanguage Deactivate Home 24877
Plugins Alias URL does not work with Language filter plugin active - sef off 24455
Plugins Plugin User-Profile Birthday field alpha entry crashes Profile Fields in Admin 24883
Plugins Upgrade Geshi to 1.0.8.10 25022
Plugins Upgrade Codemirror to Version 0.94 23491
Plugins Codemirror update causes improper characters in template html/css editing 25038
RTL *Implementing RTL pagination in beez 24391
RTL *RTL/LTR issues in Beez2 and 5 (News feeds and debug) 24409
RTL breadcrumbs doesn't look good on rtl templates 24428
RTL uppear right toolbar on rtl template isn't align well 24460
RTL *Correcting icon message display in installation with rtl lang 24570
RTL modifying Beez 20 to compatibility with RTL 24983
RTL *modifying Beez5 to compatibility with RTL 25034
Search Engine Friendly Transliteration does not work in Category Manager 24872
Search Engine Friendly Send HTTP result code 503 for the offline page 24646
Search Engine Friendly 404 errors when using pagebreak with sef enabled 24816
Search Engine Friendly Remove com_search SEF encoding of search term 24314
Search Engine Friendly Redirect is Not Working with SEF 24524
Search Engine Friendly sef plugin results in a blank page for large content 24865
Templates Missing image in Beez2 and Beez5 24162
Templates /templates status indicator in backend 24301
Templates Bluestork administrator template template.css typo 24327
Templates In Users, Mass Mail Users, the tooltips are not being styled. 24459
Templates beez template typo with position-15 24587
Templates Unstyled dialog when clicking 'new' in module manager 24320
Templates Error page styling forces error box to far left 24394
Templates Screens jumps when using the ACL widget 24298
Templates No rounded corners in Opera for Modal 24591
Templates New preview screenshots required for the admin templates 24701
Templates Removes references to non-existing stylesheet 24735
Templates Image j_button2_right.png missing from system template 24828
Templates Remove the border attribute 24790
Templates Typo in media/media/css/popup-imagelist.css (wrong color value for background) 24830
Templates *Debug position in beez 20 template doesn't work. 24833
Templates JS error notices default template in IE7+8 24231
Templates JS patch for Beez5 - IE issue hide.js 24975
Templates Beez_20 and Beez 5 xml patch 25011
User Interface * Adding a "Location" column in Language Manager 24377
User Interface Administration templates renders JForm "checkboxes" incorrectly in config 24318
User Interface Admin Trashed menu doesn't display - link error 24463
User Interface Trashed articles - no indication of being trashed , when viewed at front of site 23915
User Interface *Contact form in frontend does not display the star for required fields 24708
User Interface Message label incorect showed and inconsistency with coma after labels in Contact form 24732
User Interface *Banners Tracks export modal needs more height 24812
User Interface [patch] Enable editor-xtd buttons to have meaningful tooltips 24811
User Interface *Accommodating longer strings in bluestork page title 24831
User Interface Change "Templates Manager" to "Template Manage" 24874
User Interface * Different Alias fields tooltips 24759
User Interface *Normalise modals UI 24923
User Interface JTRASH instead JTRASHED in jgrid.publishedOptions 24926
User Interface Banner Manager: Banners - increase is needed for colspan of table's footer 24965
User Interface There is no featured button in the tool bar, so no way to make multiple articles featured 24996
User Interface Cannot allow a group to create in a single sub category 24993
User Interface PNG images are not optimized 22832

Statistics for the 1.6.1 release period:

  • Joomla 1.6.1 contains:
    • 206 tracker issues fixed in SVN
    • 12 security issues fixed

Joomla! Bug Squad

Thanks to the Joomla Bug Squad for their dedicated efforts investigating reports, fixing problems, and applying patches to Joomla. If you find a bug in Joomla, please report it on the 1.6 Bug Tracker.

Active members of the Joomla Bug Squad during this last release cycle include: Akarawuth Tamrareang, Andrea Tarr, Andrew Eddie, Bill Richardson, Christophe Demko, Elin Waring, Harald Leithner, Ian MacLennan, Jacob Waisner, Janich Rasmussen, Jean-Marie Simonet, Jeremy Wilken, Marijke Stuivenberg, Mark Dexter, Matt Thomas, Michael Babker, Nikolai Plath, Ole Bang Ottosen, Omar Ramos, Phil Snell, Rouven Weßling, Rune Sjøen, Samuel Moffatt, Selene Feigl.

Bug Squad Leadership: Andrew Eddie, Ian MacLennan, and Mark Dexter Coordinators; Bill Richardson, Elin Waring, Marijke Stuivenberg, Matt Thomas, and Omar Ramos, Team Leaders.

Joomla! Security Swat Team

A big thanks to the Joomla! Security Swat Team for fixing all reported security issues with this release. We would especially like to thank our newest members, Bill Richardson, Elin Waring, and Rouven Weßling for their efforts with this release.