Joomla! 2.5.16 Released

The Joomla Project is pleased to announce the immediate availability of Joomla 2.5.16.  2.5.16 addresses three critical issues reported after the release of 2.5.15 earlier today.  Aside from the links to the download packages, the text of the rest of this article is the same as that of today's 2.5.15 release.

For users on 2.5.15 who are unable to update to 2.5.16 via the core update component, please download the patch package from http://joomlacode.org/gf/download/frsrelease/18859/91475/Joomla_2.5.15_to_2.5.16-Stable-Patch_Package.zip and install it via your Extension Manager to update.

This is a security release addressing three security issues. The Production Leadership Team's goal is to continue to provide regular, frequent updates to the Joomla community. Learn more about Joomla! development at the Developer Network.

The update process is very simple, and complete instructions are available here. Note that there are now easier and better ways of updating than copying the files with FTP.

Download

New Installations: Click here to download Joomla 2.5.16 (Full package) »

Update Package: Click here to download Joomla 2.5.16 (Update package) »

Note: Please read the update instructions before updating.

Instructions

*Please clear your browser's cache after upgrading

Want to test drive Joomla? Try the online demo. Documentation is available for beginners.

Release Notes

Check the Joomla 2.5.16 Post-Release FAQs to see if there are important items and helpful hints discovered after the release.

Statistics for the 2.5.16 (including 2.5.15) release period

  • Joomla 2.5.16 (including 2.5.15) contains 3 security issues and 32 tracker issues fixed

Security Issues Fixed

  • High Priority - Core XSS Vulnerability
  • Medium Priority - Core XSS Vulnerability
  • Medium Priority - Core XSS Vulnerability

Joomla! Bug Squad

Thanks to the Joomla Bug Squad for their dedicated efforts investigating reports, fixing problems, and applying patches to Joomla. If you find a bug in Joomla, please report it on the Joomla! CMS Issue Tracker.

Active members of the Joomla Bug Squad during past 3 months include: Achal Aggarwal, Adelene Teh, Aleksander Linkov, Angelika Reisiger, Anibal Sanchez, Anja Hage, Artur Alves, Ashan Fernando, Beat , Brian Teeman, Chad Windnagle, Constantin Romankiewicz, Daniel Kanchev, David Hurley, Dennis Hermacki, Dimitar Genchev, Duong Nguyen, Edwin Cheront, Elin Waring, George Wilson, Gunjan Patel, Hans Kuijpers, Hervé Boinnard, Hugh Messenger, Janich Rasmussen, Jason Rey, Jérôme GLATIGNY, Jean-Marie Simonet, Jern Wei Tan, Jerri Christiansen, Jozsef Tamas Herczeg, Khai Vu Dinh, klas 10, landor landor, Lao Neo, Lara Petersen, Le Van Thuyet, Loc Le Minh, Lu Nguyen, Marc Antoine Thevenet, Marijke Stuivenberg, Mario Proenca, Mark Dexter, Mark Lee, Matias Aguirre, Michael Babker, Mihail Irintchev, Mike Biolsi, Mike Veeckmans, Nha Bui, Nicholas Dionysopoulos, Nick Savov, Nik Faris Akmal, Ofer Cohen, Olaf Offick, Patrick Alt, Peter Martin, Peter van Westen, Peter Wiseman, Piotr Konieczny, Radek Suski, Richard McDaniel, Rob de Cleen, Robert Deutz, Robert Gastaud, Roberto Segura, Roland Dalmulder, Ronni Christiansen, Sam Teh, Sander Potjer, Sandra Thevenet, Sebastian Łuckoś›, Sergio Iglesias, Seth Warburton, Shafiq Mazlan, Stefania Gaianigo, Thomas Hunziker, Tino Brackebusch, TJ Baker, Tobias Zulauf, tompap tompap, Troy Hall, Tu Diep The, Valentin Despa, Victor Drover, Viliam Kubis, Yiliang Yang.

Bug Squad Leadership: Mark Dexter and Nick Savov, Co-Coordinators.

Joomla! Security Strike Team

A big thanks to the Joomla! Security Strike Team for their ongoing work to keep Joomla secure. Members include: Airton Torres, Alan Langford, Beat, Bill Richardson, David Hurley, Don Gilbert, Elin Waring, Gary Brooks, Jason Kendall, Jean-Marie Simonet, Marijke Stuivenberg, Mark Boos, Mark Dexter, Matias Griese, Michael Babker, Nick Savov, Pushapraj Sharma, Rouven Weßling.