[joomla] Fwd: Joomla! Security News
Matt Thomas
matt at betweenbrain.com
Tue Jun 19 08:47:59 EDT 2012
Please be aware that there are known issues when upgrading to 2.5.5 (i.e.
http://joomlacode.org/gf/project/joomla/tracker/?action=TrackerItemEdit&tracker_item_id=28684).
It took down two of my sites yesterday and many users can't upgrade until
those issues are fixed. 2.5.6 is coming soon.
Best,
Matt Thomas
Founder betweenbrain <http://betweenbrain.com/>™
Lead Developer Construct Template Development
Framework<http://construct-framework.com/>
Phone: 203.632.9322
Twitter: @betweenbrain
Github: https://github.com/betweenbrain
On Tue, Jun 19, 2012 at 8:43 AM, Laura Gordon <rytech123 at gmail.com> wrote:
> Hi all,
> Just wanted to forward this over to the entire group. If you are using
> joomla 2.5.4, it is time to upgrade to joomla 2.5.5. Good news is that you
> can do it with a click of a button! So click away!
>
> -- Laura
>
> ---------- Forwarded message ----------
> From: Joomla! Developer Network - Security News <no_reply at joomla.org>
> Date: Tue, Jun 19, 2012 at 8:20 AM
> Subject: Joomla! Security News
> To: rytech123 at gmail.com
>
>
> **
> Joomla! Security News <http://developer.joomla.org/security/news.html>
> <http://fusion.google.com/add?source=atgs&feedurl=http://feeds.feedburner.com/JoomlaSecurityNews>
> ------------------------------
>
> [20120601] - Core - Privilege Escalation<http://feedproxy.google.com/%7Er/JoomlaSecurityNews/%7E3/I2o1kbJKIVQ/470-20120601-core-privilege-escalation.html?utm_source=feedburner&utm_medium=email>
>
> Posted: 19 Jun 2012 12:21 AM PDT
>
> - *Project:* Joomla!
> - *SubProject:* All
> - * Severity:* Medium High
> - *Versions:* 2.5.4 and all earlier 2.5.x versions
> - *Exploit type:* Privilege Escalation
> - *Reported Date:* 2012-April-29
> - *Fixed Date:* 2012-June-18
>
> Description
>
> Inadequate checking leads to possible user privilege escalation.
> Affected Installs
>
> Joomla! versions 2.5.4 and all earlier 2.5.x versions
> Solution
>
> Upgrade to version 2.5.5
>
> Reported by Nils Rückmann
> Contact
>
> The JSST at the Joomla! Security Center.
> <http://feeds.feedburner.com/%7Eff/JoomlaSecurityNews?a=I2o1kbJKIVQ:Mi-lzlMckGo:yIl2AUoC8zA>
>
> [20120602] - Core - Information Disclosure<http://feedproxy.google.com/%7Er/JoomlaSecurityNews/%7E3/K71HzujRDDs/471-20120602-core-information-disclosure.html?utm_source=feedburner&utm_medium=email>
>
> Posted: 19 Jun 2012 12:21 AM PDT
>
> - *Project:* Joomla!
> - *SubProject:* All
> - * Severity:* Low
> - *Versions:* 2.5.4 and all earlier 2.5.x versions
> - *Exploit type:* Information Disclosure
> - *Reported Date:* 2012-May-1
> - *Fixed Date:* 2012-June-18
>
> Description
>
> Inadequate filtering leads SQL error and information disclosure.
> Affected Installs
>
> Joomla! versions 2.5.4 and all earlier 2.5.x versions
> Solution
>
> Upgrade to version 2.5.5
>
> Reported by Jakub Galczyk
> Contact
>
> The JSST at the Joomla! Security Center.
> <http://feeds.feedburner.com/%7Eff/JoomlaSecurityNews?a=K71HzujRDDs:drlJPIxfM5Y:yIl2AUoC8zA>
> You are subscribed to email updates from Joomla! Developer Network -
> Security News <http://developer.joomla.org/security/news.html>
> To stop receiving these emails, you may unsubscribe now<http://feedburner.google.com/fb/a/mailunsubscribe?k=VOn2LflPmMepisLclOaCvkcQLcA>
> . Email delivery powered by Google Google Inc., 20 West Kinzie, Chicago
> IL USA 60610
>
>
>
> --
> I have a new email address: rytech123 at gmail.com
>
> Trainer with www.Video2Brain.com
> Board Member of www.JoomlaNYC.org
> Trainer for www.JoomlaTraining.com
> Sponsor & Coordinator for www.JoomlaDayNYC.com
>
> www.RytechSites.com
> Dynamic Websites for your company!
>
>
>
>
> _______________________________________________
> New York PHP SIG: Joomla! Mailing List
> http://lists.nyphp.org/mailman/listinfo/joomla
>
> NYPHPCon 2006 Presentations Online
> http://www.nyphpcon.com
>
> Show Your Participation in New York PHP
> http://www.nyphp.org/show_participation.php
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nyphp.org/pipermail/joomla/attachments/20120619/be6f48d4/attachment.html>
More information about the Joomla
mailing list