The Joomla Project is pleased to announce the immediate availability of Joomla 2.5.14. This is a security release addressing a critical level security issue. The Production Leadership Team's goal is to continue to provide regular, frequent updates to the Joomla community. Learn more about Joomla! development at the Developer Site.
The update process is very simple, and complete instructions are available here. Note that there are now easier and better ways of updating than copying the files with FTP.
Joomla 1.5 is also impacted by this security issue. Additional information may be found at http://joomlacode.org/gf/project/joomla/tracker/?action=TrackerItemEdit&tracker_item_id=31626
New Installations: Click here to download Joomla 2.5.14 (Full package) »
Update Package: Click here to download Joomla 2.5.14 (Update package) »
Note: Please read the update instructions before updating.
*Please clear your browser's cache after upgrading
Check the Joomla 2.5.14 Post-Release FAQs to see if there are important items and helpful hints discovered after the release.
Statistics for the 2.5.14 release period
- Joomla 2.5.14 contains 1 security issue and 1 tracker issue fixed.
Security Issues Fixed
- Critical Priority - Core - Unauthorised Upload. More information »
Joomla! Bug Squad
Thanks to the Joomla Bug Squad for their dedicated efforts investigating reports, fixing problems, and applying patches to Joomla. If you find a bug in Joomla, please report it on the Joomla! CMS Issue Tracker.
Active members of the Joomla Bug Squad during past 3 months include: Achal Aggarwal, Adelene Teh, Aleksander Linkov, Angelika Reisiger, Anibal Sanchez, Anja Hage, Artur Alves, Ashan Fernando, Beat , Brian Teeman, Chad Windnagle, Constantin Romankiewicz, Daniel Kanchev, David Hurley, Dennis Hermacki, Dimitar Genchev, Duong Nguyen, Edwin Cheront, Elin Waring, George Wilson, Gunjan Patel, Hans Kuijpers, Hervé Boinnard, Hugh Messenger, Janich Rasmussen, Jason Rey, Jérôme GLATIGNY, Jean-Marie Simonet, Jern Wei Tan, Jerri Christiansen, Jozsef Tamas Herczeg, Khai Vu Dinh, klas 10, landor landor, Lao Neo, Lara Petersen, Le Van Thuyet, Loc Le Minh, Lu Nguyen, Marc Antoine Thevenet, Marijke Stuivenberg, Mario Proenca, Mark Dexter, Mark Lee, Matias Aguirre, Michael Babker, Mihail Irintchev, Mike Biolsi, Mike Veeckmans, Nha Bui, Nicholas Dionysopoulos, Nick Savov, Nik Faris Akmal, Ofer Cohen, Olaf Offick, Patrick Alt, Peter Martin, Peter van Westen, Peter Wiseman, Piotr Konieczny, Radek Suski, Richard McDaniel, Rob de Cleen, Robert Deutz, Robert Gastaud, Roberto Segura, Roland Dalmulder, Ronni Christiansen, Sam Teh, Sander Potjer, Sandra Thevenet, Sebastian Łuckoś, Sergio Iglesias, Seth Warburton, Shafiq Mazlan, Stefania Gaianigo, Thomas Hunziker, Tino Brackebusch, TJ Baker, Tobias Zulauf, tompap tompap, Troy Hall, Tu Diep The, Valentin Despa, Victor Drover, Viliam Kubis, Yiliang Yang.
Bug Squad Leadership: Mark Dexter and Nick Savov, Co-Coordinators. Super-star contributors and leaders by example: David Hurley, Jean-Marie Simonet, Brian Teeman, Elin Waring, Marc Antoine Thevenet, Michael Babker, and Roberto Segura.
Joomla! Security Strike Team
A big thanks to the Joomla! Security Strike Team for their ongoing work to keep Joomla secure. Members include: Airton Torres, Alan Langford, Beat, Bill Richardson, David Hurley, Don Gilbert, Elin Waring, Gary Brooks, Jason Kendall, Jean-Marie Simonet, Marijke Stuivenberg, Mark Boos, Mark Dexter, Matias Griese, Michael Babker, Nick Savov, Pushapraj Sharma, Rouven Weßling.