Joomla! 1.5 RC4 - Karibu

Just a week and a half ago people from all over the globe gathered in various locations to do a little Bug Squashing... today the fruits of their labour can be revealed as we announce the release of Joomla! 1.5 RC4. This release is code named Karibu which is Swahili for nearby, close, close by, at hand... all terms that we feel reflect the nature of this release.

Karibu marks an important milestone in 1.5's development, as barring any major issues we believe it will be the last release candidate, with the next release being the big one... Joomla! 1.5 stable. When that happens will in part be influenced by the Joomla! community...

More so than any previous, this release really has been one of unprecedented community involvement with people from all the various Working Groups as well as others banding together to help increase momentum as we head for a stable release. There is an enormous amount of energy building up around the 1.5 release and it is inspirational being a part of the process.

How can I be a part of the stable release?


The first and most important thing you can do is test the software with us. Download a copy of RC4 and install it somewhere to test it. Go through all the different areas of the software looking for things that do not work. If you come across something that is broken then please file a bug report on our tracker. If you come across something that seems to not work but you are not sure, ask a question in our Quality and Testing forum. If you have the ability to solve the problem, let us know how you would solve it by fixing it and providing a patch.

Rule of thumb: a bug report is great, a patch is even greater.


Almost as important as making sure the software works is making sure that people can learn how to use it. We try to make Joomla! as easy to use as possible, but even the easiest to use software requires documentation. Because Joomla! 1.5 is a complete rethink and rework of so much, the documentation for 1.0.x is no longer relevant. One of the things that we can use a lot of help with is writing documentation. At nearly every event we have gone to we have heard that people want to help but feel that they really do not have the expertise to do so... well this is your chance to help! We need volunteers to write up documentation on how to use nearly every part of Joomla! ... help screens ... development tutorials ... anything and everything you can think of to help people learn about Joomla!.

Teaser: Building on the huge success of the Bug Squashing event, in the coming weeks we will announce a Joomla! Documentation Boot Camp.... stay tuned for more.

How do I find more information on Joomla! 1.5?

Most of the resources with information on 1.5 is a work in progress, but that's where you come in. Help us make these resources better so that everyone that comes after you doesn't have the same problems finding information that you might have.





Joomla! 1.5 RC4 download


Joomla! 1.5 RC4 is by far the most stable release of version 1.5 to date. It has undergone a great deal of testing and bug fixing since RC3 and is considered very close to stable.  In our continuing efforts to provide the most secure code base we can 4 security issues have been identified and fixed since RC3. For this reason is it strongly advised that you upgrade any sites running RC3 to RC4 as soon as possible. As always when doing upgrades make sure you make backups of your existing site and test the upgrade first in a sandbox environment before you upgrade a live site.

A list of the known issues and security fixes for RC4 is shown below. Due to how fast things get fixed in our code base, those of you actively testing should be using updated nightly builds or copies checked out from our subversion server both of which can be found here.

Known Issues

  • There is an issue with the URL rewriting plugin that affects links embedded in articles in some cases. Make sure you test this thoroughly before updating a live site.

Security Fixes

  • SECURITY [HIGH] Critical CSRF allow portal compromise - Administrator components.
  • SECURITY [HIGH] Fixed registered user privilege escalation vulnerability.
  • SECURITY [MEDIUM] Fixed administrators can promote other users to administrator group.
  • SECURITY [LOW] XSS vulnerability in com_poll


Although a complete re-installation is recommended, it is possible to upgrade from RC3 to RC4 with the following procedure:

  • Backup all files; backup your database.
  • Delete all Joomla! core files, but leave any third-party extension files in place, including your configuration.php file.
  • Upload/copy contents of RC4 package.
  • Execute the MySQL commands to be found in /installation/sql/mysql/diff.sql to implement the necessary database changes.
  • Delete the entire /installation directory.