Joomla Update 1.0.13 and 1.5 RC1 Finally

krusada · July 22nd, 2007, 9:35 PM

After some 6 months an official Joomla update to the 1.0.x framework has now been unveiled! Below is the changelog and both the 1.0.13 update and the new framework of 1.5 RC1 can be downloaded here.

Remember the 1.5 version is just a release candidate and should not be considered for "Live" sites yet. But it is worthy of testing!

--------------- 1.0.13 Stable Released -- [21-July-2007 16:00 UTC] -----------------

18-Jul-2007 Rob Schley
# Fixed admin session problems with immediate logout after login.
# Fixed a few misc. bugs.

11-Jul-2007 Sam Moffatt
^ Removed assumption that a group exists for a user (may not actually be true)

04-Jul-2007 Rob Schley
# Fixed a bug in the administrator login system that prevented users from logging in

02-Jul-2007 Rob Schley
* SECURITY A6 [LOW Level]: Fixed [#5630] HRS attack on variable "url"
* SECURITY A1 [LOW Level]: Fixed [#5654] Multiple fields subjected to cross-site scripting vulnerabilities
* SECURITY A7 [LOW Level]: Fixed possible session fixation vulnerability in administrator application

29-Jun-2007 Louis Landry
^ Hardened password storage mechanism to use a random salt
! Remember Me cookies will be invalid and require a re-login

20-May-2007 Rob Schley
# Fixed key reference lookups to match whole results only
# Fixed two help screen naming issues.
^ Changed RG_EMULATION warning message to refer to Global Configuration Setting

17-May-2007 Rob Schley
^ Moved register globals emulation controls into Global Configuration

15-May-2007 Rob Schley
# Fixed [topic,170296] : Typos in Search Mambot configurations

14-May-2007 Rob Schley
# Fixed [topic,153233] : "Mail to Friend" parameter checks not checking content item setings
# Fixed [topic,126371] : IE7 left align problem
# Fixed [topic,167745] : Added JavaScript alert for empty category title

28-Apr-2007 Rob Schley
^ Changed cookie naming conventions to not break when using HTTPS
# Fixed [topic,156116] : Optimzed queries for menu creation to improve performance.
* SECURITY A4 [ LOW Level ]: XSS issue in com_search and com_content
* SECURITY A4 [ LOW Level ]: XSS vulnerability in mod_login

16-Apr-2007 Enno Klasing
# Re-enabled Itemid behaviour of 1.0.11 (optional, default is behaviour of 1.0.12)

**TomK** · July 23rd, 2007, 10:29 AM

thanks.

July 22nd, 2007, 9:35 PM	#1 (permalink)
krusada Registered User Fresh Surpasser Joined in Mar 2006 23 posts Gave thanks: 0 Thanked 0 times	Joomla Update 1.0.13 and 1.5 RC1 Finally After some 6 months an official Joomla update to the 1.0.x framework has now been unveiled! Below is the changelog and both the 1.0.13 update and the new framework of 1.5 RC1 can be downloaded here. Remember the 1.5 version is just a release candidate and should not be considered for "Live" sites yet. But it is worthy of testing! --------------- 1.0.13 Stable Released -- [21-July-2007 16:00 UTC] ----------------- 18-Jul-2007 Rob Schley # Fixed admin session problems with immediate logout after login. # Fixed a few misc. bugs. 11-Jul-2007 Sam Moffatt ^ Removed assumption that a group exists for a user (may not actually be true) 04-Jul-2007 Rob Schley # Fixed a bug in the administrator login system that prevented users from logging in 02-Jul-2007 Rob Schley * SECURITY A6 [LOW Level]: Fixed [#5630] HRS attack on variable "url" * SECURITY A1 [LOW Level]: Fixed [#5654] Multiple fields subjected to cross-site scripting vulnerabilities * SECURITY A7 [LOW Level]: Fixed possible session fixation vulnerability in administrator application 29-Jun-2007 Louis Landry ^ Hardened password storage mechanism to use a random salt ! Remember Me cookies will be invalid and require a re-login 20-May-2007 Rob Schley # Fixed key reference lookups to match whole results only # Fixed two help screen naming issues. ^ Changed RG_EMULATION warning message to refer to Global Configuration Setting 17-May-2007 Rob Schley ^ Moved register globals emulation controls into Global Configuration 15-May-2007 Rob Schley # Fixed [topic,170296] : Typos in Search Mambot configurations 14-May-2007 Rob Schley # Fixed [topic,153233] : "Mail to Friend" parameter checks not checking content item setings # Fixed [topic,126371] : IE7 left align problem # Fixed [topic,167745] : Added JavaScript alert for empty category title 28-Apr-2007 Rob Schley ^ Changed cookie naming conventions to not break when using HTTPS # Fixed [topic,156116] : Optimzed queries for menu creation to improve performance. * SECURITY A4 [ LOW Level ]: XSS issue in com_search and com_content * SECURITY A4 [ LOW Level ]: XSS vulnerability in mod_login 16-Apr-2007 Enno Klasing # Re-enabled Itemid behaviour of 1.0.11 (optional, default is behaviour of 1.0.12)

July 23rd, 2007, 10:29 AM	#2 (permalink)
TomK Just another User..... Comfy Contributor Joined in Jan 2006 Lives in Milton, GA Hosted on Pass75 207 posts Gave thanks: 9 Thanked 14 times	thanks. __________________ pass75

Thread Tools	Search this Thread
Show Printable Version Email this Page	Search this Thread: Advanced Search
Rate This Thread
Rate This Thread:

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)