NYCPHP Meetup

NYPHP.org

[joomla] Fwd: Joomla! Security News

Laura Gordon rytech123 at gmail.com
Tue Jun 19 08:43:01 EDT 2012 

Hi all,
Just wanted to forward this over to the entire group.  If you are using
joomla 2.5.4, it is time to upgrade to joomla 2.5.5.  Good news is that you
can do it with a click of a button!  So click away!

-- Laura

---------- Forwarded message ----------
From: Joomla! Developer Network - Security News <no_reply at joomla.org>
Date: Tue, Jun 19, 2012 at 8:20 AM
Subject: Joomla! Security News
To: rytech123 at gmail.com


**
   Joomla! Security News <http://developer.joomla.org/security/news.html>
 <http://fusion.google.com/add?source=atgs&feedurl=http://feeds.feedburner.com/JoomlaSecurityNews>
------------------------------

[20120601] - Core - Privilege
Escalation<http://feedproxy.google.com/%7Er/JoomlaSecurityNews/%7E3/I2o1kbJKIVQ/470-20120601-core-privilege-escalation.html?utm_source=feedburner&utm_medium=email>

Posted: 19 Jun 2012 12:21 AM PDT

   - *Project:* Joomla!
   - *SubProject:* All
   - * Severity:* Medium High
   - *Versions:* 2.5.4 and all earlier 2.5.x versions
   - *Exploit type:* Privilege Escalation
   - *Reported Date:* 2012-April-29
   - *Fixed Date:* 2012-June-18

Description

Inadequate checking leads to possible user privilege escalation.
Affected Installs

Joomla! versions 2.5.4 and all earlier 2.5.x versions
Solution

Upgrade to version 2.5.5

Reported by Nils Rückmann
Contact

The JSST at the Joomla! Security Center.
<http://feeds.feedburner.com/%7Eff/JoomlaSecurityNews?a=I2o1kbJKIVQ:Mi-lzlMckGo:yIl2AUoC8zA>

[20120602] - Core - Information
Disclosure<http://feedproxy.google.com/%7Er/JoomlaSecurityNews/%7E3/K71HzujRDDs/471-20120602-core-information-disclosure.html?utm_source=feedburner&utm_medium=email>

Posted: 19 Jun 2012 12:21 AM PDT

   - *Project:* Joomla!
   - *SubProject:* All
   - * Severity:* Low
   - *Versions:* 2.5.4 and all earlier 2.5.x versions
   - *Exploit type:* Information Disclosure
   - *Reported Date:* 2012-May-1
   - *Fixed Date:* 2012-June-18

Description

Inadequate filtering leads SQL error and information disclosure.
Affected Installs

Joomla! versions 2.5.4 and all earlier 2.5.x versions
Solution

Upgrade to version 2.5.5

Reported by Jakub Galczyk
Contact

The JSST at the Joomla! Security Center.
<http://feeds.feedburner.com/%7Eff/JoomlaSecurityNews?a=K71HzujRDDs:drlJPIxfM5Y:yIl2AUoC8zA>
   You are subscribed to email updates from Joomla! Developer Network -
Security News <http://developer.joomla.org/security/news.html>
To stop receiving these emails, you may unsubscribe
now<http://feedburner.google.com/fb/a/mailunsubscribe?k=VOn2LflPmMepisLclOaCvkcQLcA>
. Email delivery powered by Google  Google Inc., 20 West Kinzie, Chicago IL
USA 60610



-- 
I have a new email address: rytech123 at gmail.com

Trainer with www.Video2Brain.com
Board Member of www.JoomlaNYC.org
Trainer for www.JoomlaTraining.com
Sponsor & Coordinator for www.JoomlaDayNYC.com

www.RytechSites.com
Dynamic Websites for your company!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nyphp.org/pipermail/joomla/attachments/20120619/14936a2c/attachment.html>

More information about the Joomla mailing list