NYCPHP Meetup

NYPHP.org

[joomla] Fwd: Joomla! Security News

Steve Burge steve at ostraining.com
Tue Jun 19 08:55:26 EDT 2012 

I updated 20+ sites yesterday with no problems.

This is just an issue with some individual extensions, right?

Steve  


On Tuesday, June 19, 2012 at 8:47 AM, Matt Thomas wrote:

> Please be aware that there are known issues when upgrading to 2.5.5 (i.e. http://joomlacode.org/gf/project/joomla/tracker/?action=TrackerItemEdit&tracker_item_id=28684). It took down two of my sites yesterday and many users can't upgrade until those issues are fixed. 2.5.6 is coming soon.
>  
> Best,
>  
> Matt Thomas
> Founder betweenbrain (http://betweenbrain.com/)™
> Lead Developer Construct Template Development Framework (http://construct-framework.com/)
> Phone: 203.632.9322
> Twitter: @betweenbrain
> Github: https://github.com/betweenbrain  
>  
>  
> On Tue, Jun 19, 2012 at 8:43 AM, Laura Gordon <rytech123 at gmail.com (mailto:rytech123 at gmail.com)> wrote:
> > Hi all,
> > Just wanted to forward this over to the entire group.  If you are using joomla 2.5.4, it is time to upgrade to joomla 2.5.5.  Good news is that you can do it with a click of a button!  So click away!
> >  
> > -- Laura
> >  
> > ---------- Forwarded message ----------
> > From: Joomla! Developer Network - Security News <no_reply at joomla.org (mailto:no_reply at joomla.org)>
> > Date: Tue, Jun 19, 2012 at 8:20 AM
> > Subject: Joomla! Security News
> > To: rytech123 at gmail.com (mailto:rytech123 at gmail.com)
> >  
> >  
> > Joomla! Security News (http://developer.joomla.org/security/news.html)  
> >  
> > [20120601] - Core - Privilege Escalation (http://feedproxy.google.com/%7Er/JoomlaSecurityNews/%7E3/I2o1kbJKIVQ/470-20120601-core-privilege-escalation.html?utm_source=feedburner&utm_medium=email)  
> >  
> >  
> > Posted: 19 Jun 2012 12:21 AM PDT
> >  
> > Project: Joomla!
> > SubProject: All
> > Severity: Medium High
> > Versions: 2.5.4 and all earlier 2.5.x versions
> > Exploit type: Privilege Escalation
> > Reported Date: 2012-April-29
> > Fixed Date: 2012-June-18
> >  
> > Description
> > Inadequate checking leads to possible user privilege escalation.
> > Affected Installs
> > Joomla! versions 2.5.4 and all earlier 2.5.x versions
> > Solution
> > Upgrade to version 2.5.5
> > Reported by Nils Rückmann
> > Contact
> > The JSST at the Joomla! Security Center.
> >  
> >  
> >  
> >  
> >  
> >  
> > [20120602] - Core - Information Disclosure (http://feedproxy.google.com/%7Er/JoomlaSecurityNews/%7E3/K71HzujRDDs/471-20120602-core-information-disclosure.html?utm_source=feedburner&utm_medium=email)  
> >  
> >  
> > Posted: 19 Jun 2012 12:21 AM PDT
> >  
> > Project: Joomla!
> > SubProject: All
> > Severity: Low
> > Versions: 2.5.4 and all earlier 2.5.x versions
> > Exploit type: Information Disclosure
> > Reported Date: 2012-May-1
> > Fixed Date: 2012-June-18
> >  
> > Description
> > Inadequate filtering leads SQL error and information disclosure.
> > Affected Installs
> > Joomla! versions 2.5.4 and all earlier 2.5.x versions
> > Solution
> > Upgrade to version 2.5.5
> > Reported by Jakub Galczyk
> > Contact
> > The JSST at the Joomla! Security Center.
> >  
> >  
> >  
> >  
> >  
> >  
> >  
> > You are subscribed to email updates from Joomla! Developer Network - Security News (http://developer.joomla.org/security/news.html)  
> > To stop receiving these emails, you may unsubscribe now (http://feedburner.google.com/fb/a/mailunsubscribe?k=VOn2LflPmMepisLclOaCvkcQLcA).  
> > Email delivery powered by Google
> >  
> > Google Inc., 20 West Kinzie, Chicago IL USA 60610
> >  
> >  
> >  
> >  
> >  
> >  
> >  
> >  
> >  
> > --  
> > I have a new email address: rytech123 at gmail.com (mailto:rytech123 at gmail.com)
> >  
> > Trainer with www.Video2Brain.com (http://www.Video2Brain.com)
> > Board Member of www.JoomlaNYC.org (http://www.JoomlaNYC.org)
> > Trainer for www.JoomlaTraining.com (http://www.JoomlaTraining.com)
> > Sponsor & Coordinator for www.JoomlaDayNYC.com (http://www.JoomlaDayNYC.com)
> >  
> > www.RytechSites.com (http://www.RytechSites.com)
> > Dynamic Websites for your company!
> >  
> >  
> >  
> >  
> > _______________________________________________
> > New York PHP SIG: Joomla! Mailing List
> > http://lists.nyphp.org/mailman/listinfo/joomla
> >  
> > NYPHPCon 2006 Presentations Online
> > http://www.nyphpcon.com
> >  
> > Show Your Participation in New York PHP
> > http://www.nyphp.org/show_participation.php
>  
> _______________________________________________
> New York PHP SIG: Joomla! Mailing List
> http://lists.nyphp.org/mailman/listinfo/joomla
>  
> NYPHPCon 2006 Presentations Online
> http://www.nyphpcon.com
>  
> Show Your Participation in New York PHP
> http://www.nyphp.org/show_participation.php
>  
>  


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nyphp.org/pipermail/joomla/attachments/20120619/680143a7/attachment.html>

More information about the Joomla mailing list