Menu

Joomla

[20110403] – Core – Information Disclosure

April 15th, 2011

Project: Joomla! SubProject: All Severity: Low Versions: 1.6.1 and 1.6.0 Exploit type: Information Disclosure Reported Date: 2011-March-26 Fixed Date: 2011-April-14 Description Inadequate error checking causes information disclosure. Affected Installs Joomla! version 1.6.1 and 1.6.0 versions Solution Upgrade to the latest Joomla! version (1.6.2 or later) Reported by High-Tech Bridge SA (Switzerland) Contact The JSST at…

[20110409] – Core – Clickjacking

April 15th, 2011

Project: Joomla! SubProject: All Severity: Medium Versions: 1.6.1 and 1.6.0 Exploit type: Clickjacking Reported Date: 2011-March-30 Fixed Date: 2011-April-14 Description Inadequate protection leads to clickjacking vulnerability. Affected Installs Joomla! version 1.6.1 and 1.6.0 versions Solution Upgrade to the latest Joomla! version (1.6.2 or later) Reported by Aung Khant, YGN Ethical Hacker Group Contact The JSST…

[20110405] – Core – XSS Vulnerabilities

April 15th, 2011

Project: Joomla! SubProject: All Severity: Medium Versions: 1.6.1 and 1.6.0 Exploit type: XSS Vulnerabilities Reported Date: 2011-March-29 Fixed Date: 2011-April-14 Description Inadequate filtering causes XSS vulnerabilities. Affected Installs Joomla! version 1.6.1 and 1.6.0 versions Solution Upgrade to the latest Joomla! version (1.6.2 or later) Reported by Jeff Channell Contact The JSST at the Joomla! Security…

[20110401] – Core – Information Disclosure

April 4th, 2011

Project: Joomla! SubProject: All Severity: Low Versions: 1.5.22 and earlier Exploit type: Information Disclosure Reported Date: 2010-December-08 Fixed Date: 2011-April-04 Description Inadequate error checking causes information disclosure. Affected Installs Joomla! version 1.5.22 and all previous 1.5 versions Solution Upgrade to the latest Joomla! version (1.5.23 or later) Reported by Hannes Papenberg Contact The JSST at…

[20110308] – Core – CSRF Vulnerability

March 5th, 2011

Project: Joomla! SubProject: All Severity: Low Versions: 1.6.0 Exploit type: Cross Site Request Forgery Reported Date: 2011-March-04 Fixed Date: 2011-March-07 Description Inadequate token checking leads to cross-site request forgery vulnerability. Affected Installs Joomla! version 1.6.0. Solution Upgrade to the latest Joomla! version (1.6.1 or later) Reported by Marius van Rijnsoever Contact The JSST at the…

[20110307] – Core – XSS Vulnerabilities

March 5th, 2011

Project: Joomla! SubProject: All Severity: Moderate Versions: 1.6.0 Exploit type: XSS Reported Date: 2011-March-02 Fixed Date: 2011-March-07 Description Inadequate filtering causes XSS vulnerabilities. Affected Installs Joomla! version 1.6.0. Solution Upgrade to the latest Joomla! version (1.6.1 or later) Reported by security@joomla.org Contact The JSST at the Joomla! Security Center.

Joomla 1.6 Alpha 2 Released

October 25th, 2009

The Joomla project is pleased to announce the immediate release of Joomla 1.6 alpha 2. This release contains many new features requested by the community; most notably, ACL. Other features are listed below as well as what you can expect in the future for Joomla 1.6. This is an alpha release. It is intended to…

Feature patches for 1.6

March 5th, 2009

On January 25th we reported back from the development coordinator summit. A lot of people noticed that we created three new development-related, publicly-accessible mailing lists for the Joomla development community. The most important reason for us to open up in this way is to attract more developers and enable them to help out with core…

Happy New Year: 2009 is going to be a big one (point six)

January 2nd, 2009

2008 was certainly a big year with the release of 1.5 in January. I think this has been one of our most successful and ground breaking releases (comparable to Mambo 4.5.1 which really pushed us to a new level back in the good old days). A new stability release will come out this month marking…

Changes in the bug squad and development team

September 24th, 2008

Over the past three years, Joomla! development has evolved. During the split from the Mambo project the Joomla! Core Team was fully responsible for overall development. As the project grew, the Core Team realized that additional structures where required to organize everything around the Joomla! project. Mid-2006, the Joomla! Core Team changed from a "developers…