Security Release

The Joomla Project is pleased to announce the immediate availability of Joomla 2.5.19.

Joomla 2.5.19 is a security release addressing two medium level vulnerabilities.

The update process is very simple, and complete instructions are available here. Note that there are now easier and better ways of updating than copying the files with FTP.

Download

New Installations: Click here to download Joomla 2.5.19 (Full package) »

Update Package: Click here to download Joomla 2.5.19 (Update package) »

Note: Please read the update instructions before updating.

Instructions

*Please clear your browser's cache after upgrading

Want to test drive Joomla? Try the online demo. Documentation is available for beginners.

Release Notes

Check the Joomla 2.5.19 Post-Release FAQs to see if there are important items and helpful hints discovered after the release.

Statistics for the 2.5.19 release period

  • 6 tracker issues fixed

Security Issues Fixed

  • Medium Priority - Core XSS Vulnerability
  • Medium Priority - Core XSS Vulnerability

How can you help Joomla! development?

There are a variety of ways in which you can get actively involved with Joomla! It doesn't matter if you are a coder, an integrator, or merely a user of Joomla!. You can contact the Joomla! Community Development Manager, David Hurley, to get more information, or if you are ready you can jump right into the Joomla! Bug Squad.

The Joomla! Bug Squad is one of the most active teams in the Joomla! development process and is always looking for people (not just developers) that can help with sorting bug reports, coding patches and testing solutions. It’s a great way for increasing your working knowledge of Joomla!, and also a great way to meet new people from all around the world.

If you are interested, please read about us on the Joomla! Documentation Wiki and, if you wish to join, email Mark Dexter or Nick Savov, our Bug Squad co-coordinators.

You can also help Joomla! development by thanking those involved in the many areas of the process. In the past year, for example, over 1,100 bugs have been fixed by the Bug Squad.

Contributors

Thank you to the code contributors and active Bug Squad members that created and tested this release:

Ben Charlton, Benjamin Trenkle, Brian Teeman, Carsten Wirtz, Christiane Maier-Stadtherr, Cyril Rezé, Denise McLaurin, Eino Mäkitalo, Fedik Zinchuk, George Wilson, Gunjan Patel, Hannes Papenberg, Ionut Lupu, Javier Gomez, Jean-Marie Simonet, Jonathan Cameron, Leo Lammerink, Marc Antoine Thevenet, Marco Richter, Marko Đedović, Matt Thomas, Michael Babker, Nikolai Plath, Peter van Westen, Piotr Mocko, Roberto Segura, Sander Potjer, Simon Asika, Thomas Hunziker, Tobias Zulauf, Toivo Talikka, Valentin Despa, Yannick Gaultier.

Joomla! Bug Squad

Thank you to the Joomla! Bug Squad for their dedicated efforts investigating reports, fixing problems, and applying patches to Joomla. If you find a bug in Joomla!, please report it on the Joomla! CMS Issue Tracker.

Active members of the Joomla! Bug Squad during past 3 months include: Achal Aggarwal, Anderson Martins, Anibal Sanchez, Ben Charlton, Ben Griffin, Brian Teeman, Camden Narzt, Christiane Maier-Stadtherr, Cyril Rezé, Daniel Dimitrov, Denise McLaurin, Dennis Hermacki, easteregg easteregg, Edwin Cheront, Elijah Madden, Fedik Zinchuk, Gary Mort, George Wilson, Hannes Papenberg, Jean-Marie Simonet, Jozsef Tamas Herczeg, Jurian Even, Kevin Griffiths, Kunal Bajpai, Lao Neo, Leo Lammerink, Marc Antoine Thevenet, Marcel van Beelen, Marco Richter, Marko Đedović, Matt Thomas, Max Sarte, Melih Tas, Michael Babker, Mohammad Hasani Eghtedar, Nicholas Dionysopoulos, Nikolai Plath, Parth Lawate, Peter van Westen, Piotr Gasiorowski, Piotr Mocko, Robert Gastaud, Roberto Segura, Samuel Moffatt, Sander Potjer, Serge Litvinov, Simon Asika, Stefania Gaianigo, Thomas Hunziker, Thomas Jackson, Thomas Kuschel, Tino Brackebusch, Tobias Zulauf, Toivo Talikka, Valentin Despa, Yannick Gaultier.

Bug Squad Leadership: Mark Dexter and Nick Savov, Co-Coordinators.

Joomla! Security Strike Team

A big thanks to the Joomla! Security Strike Team for their ongoing work to keep Joomla! secure. Members include: Airton Torres, Alan Langford, Beat, Bill Richardson, Claire Mandville, David Hurley, Don Gilbert, Gary Brooks, Jason Kendall, Javier Gomez, Jean-Marie Simonet, Marijke Stuivenberg, Mark Boos, Mark Dexter, Matias Griese, Michael Babker, Nick Savov, Pushapraj Sharma, Roberto Segura, Rouven Weßling, Thomas Hunziker.