[joomla] Fwd: Joomla! Security News
Laura Gordon
rytech123 at gmail.com
Tue Jun 19 08:43:01 EDT 2012
Hi all,
Just wanted to forward this over to the entire group. If you are using
joomla 2.5.4, it is time to upgrade to joomla 2.5.5. Good news is that you
can do it with a click of a button! So click away!
-- Laura
---------- Forwarded message ----------
From: Joomla! Developer Network - Security News <no_reply at joomla.org>
Date: Tue, Jun 19, 2012 at 8:20 AM
Subject: Joomla! Security News
To: rytech123 at gmail.com
**
Joomla! Security News <http://developer.joomla.org/security/news.html>
<http://fusion.google.com/add?source=atgs&feedurl=http://feeds.feedburner.com/JoomlaSecurityNews>
------------------------------
[20120601] - Core - Privilege
Escalation<http://feedproxy.google.com/%7Er/JoomlaSecurityNews/%7E3/I2o1kbJKIVQ/470-20120601-core-privilege-escalation.html?utm_source=feedburner&utm_medium=email>
Posted: 19 Jun 2012 12:21 AM PDT
- *Project:* Joomla!
- *SubProject:* All
- * Severity:* Medium High
- *Versions:* 2.5.4 and all earlier 2.5.x versions
- *Exploit type:* Privilege Escalation
- *Reported Date:* 2012-April-29
- *Fixed Date:* 2012-June-18
Description
Inadequate checking leads to possible user privilege escalation.
Affected Installs
Joomla! versions 2.5.4 and all earlier 2.5.x versions
Solution
Upgrade to version 2.5.5
Reported by Nils Rückmann
Contact
The JSST at the Joomla! Security Center.
<http://feeds.feedburner.com/%7Eff/JoomlaSecurityNews?a=I2o1kbJKIVQ:Mi-lzlMckGo:yIl2AUoC8zA>
[20120602] - Core - Information
Disclosure<http://feedproxy.google.com/%7Er/JoomlaSecurityNews/%7E3/K71HzujRDDs/471-20120602-core-information-disclosure.html?utm_source=feedburner&utm_medium=email>
Posted: 19 Jun 2012 12:21 AM PDT
- *Project:* Joomla!
- *SubProject:* All
- * Severity:* Low
- *Versions:* 2.5.4 and all earlier 2.5.x versions
- *Exploit type:* Information Disclosure
- *Reported Date:* 2012-May-1
- *Fixed Date:* 2012-June-18
Description
Inadequate filtering leads SQL error and information disclosure.
Affected Installs
Joomla! versions 2.5.4 and all earlier 2.5.x versions
Solution
Upgrade to version 2.5.5
Reported by Jakub Galczyk
Contact
The JSST at the Joomla! Security Center.
<http://feeds.feedburner.com/%7Eff/JoomlaSecurityNews?a=K71HzujRDDs:drlJPIxfM5Y:yIl2AUoC8zA>
You are subscribed to email updates from Joomla! Developer Network -
Security News <http://developer.joomla.org/security/news.html>
To stop receiving these emails, you may unsubscribe
now<http://feedburner.google.com/fb/a/mailunsubscribe?k=VOn2LflPmMepisLclOaCvkcQLcA>
. Email delivery powered by Google Google Inc., 20 West Kinzie, Chicago IL
USA 60610
--
I have a new email address: rytech123 at gmail.com
Trainer with www.Video2Brain.com
Board Member of www.JoomlaNYC.org
Trainer for www.JoomlaTraining.com
Sponsor & Coordinator for www.JoomlaDayNYC.com
www.RytechSites.com
Dynamic Websites for your company!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nyphp.org/pipermail/joomla/attachments/20120619/14936a2c/attachment.html>
More information about the Joomla
mailing list