NYCPHP Meetup

NYPHP.org

[joomla] Fwd: Joomla! Security News

Helvécio da Silva helvecio.rj at gmail.com
Tue Jun 19 11:21:06 EDT 2012


Which extensions installed can cause a site to crash during the update?

Thanx

2012/6/19 Matt Thomas <matt at betweenbrain.com>

> Yes, this issue seems to effect only certain extensions, but is a fatal
> error and will bring a site down. Just a heads up.
>
> Best,
>
> Matt Thomas
> Founder betweenbrain <http://betweenbrain.com/>™
> Lead Developer Construct Template Development Framework<http://construct-framework.com/>
> Phone: 203.632.9322
> Twitter: @betweenbrain
> Github: https://github.com/betweenbrain
>
>
>
> On Tue, Jun 19, 2012 at 8:55 AM, Steve Burge <steve at ostraining.com> wrote:
>
>> I updated 20+ sites yesterday with no problems.
>>
>> This is just an issue with some individual extensions, right?
>>
>> Steve
>>
>> On Tuesday, June 19, 2012 at 8:47 AM, Matt Thomas wrote:
>>
>> Please be aware that there are known issues when upgrading to 2.5.5 (i.e.
>> http://joomlacode.org/gf/project/joomla/tracker/?action=TrackerItemEdit&tracker_item_id=28684).
>> It took down two of my sites yesterday and many users can't upgrade until
>> those issues are fixed. 2.5.6 is coming soon.
>>
>> Best,
>>
>> Matt Thomas
>> Founder betweenbrain <http://betweenbrain.com/>™
>> Lead Developer Construct Template Development Framework<http://construct-framework.com/>
>> Phone: 203.632.9322
>> Twitter: @betweenbrain
>> Github: https://github.com/betweenbrain
>>
>>
>>
>> On Tue, Jun 19, 2012 at 8:43 AM, Laura Gordon <rytech123 at gmail.com>wrote:
>>
>> Hi all,
>> Just wanted to forward this over to the entire group.  If you are using
>> joomla 2.5.4, it is time to upgrade to joomla 2.5.5.  Good news is that you
>> can do it with a click of a button!  So click away!
>>
>> -- Laura
>>
>> ---------- Forwarded message ----------
>> From: *Joomla! Developer Network - Security News* <no_reply at joomla.org>
>> Date: Tue, Jun 19, 2012 at 8:20 AM
>> Subject: Joomla! Security News
>> To: rytech123 at gmail.com
>>
>>
>> **
>>    Joomla! Security News <http://developer.joomla.org/security/news.html>
>>  <http://fusion.google.com/add?source=atgs&feedurl=http://feeds.feedburner.com/JoomlaSecurityNews>
>> ------------------------------
>>
>> [20120601] - Core - Privilege Escalation<http://feedproxy.google.com/%7Er/JoomlaSecurityNews/%7E3/I2o1kbJKIVQ/470-20120601-core-privilege-escalation.html?utm_source=feedburner&utm_medium=email>
>>
>> Posted: 19 Jun 2012 12:21 AM PDT
>>
>>    - *Project:* Joomla!
>>    - *SubProject:* All
>>    - * Severity:* Medium High
>>    - *Versions:* 2.5.4 and all earlier 2.5.x versions
>>    - *Exploit type:* Privilege Escalation
>>    - *Reported Date:* 2012-April-29
>>    - *Fixed Date:* 2012-June-18
>>
>> Description
>>
>> Inadequate checking leads to possible user privilege escalation.
>> Affected Installs
>>
>> Joomla! versions 2.5.4 and all earlier 2.5.x versions
>> Solution
>>
>> Upgrade to version 2.5.5
>>
>> Reported by Nils Rückmann
>> Contact
>>
>> The JSST at the Joomla! Security Center.
>> <http://feeds.feedburner.com/%7Eff/JoomlaSecurityNews?a=I2o1kbJKIVQ:Mi-lzlMckGo:yIl2AUoC8zA>
>>
>> [20120602] - Core - Information Disclosure<http://feedproxy.google.com/%7Er/JoomlaSecurityNews/%7E3/K71HzujRDDs/471-20120602-core-information-disclosure.html?utm_source=feedburner&utm_medium=email>
>>
>> Posted: 19 Jun 2012 12:21 AM PDT
>>
>>    - *Project:* Joomla!
>>    - *SubProject:* All
>>    - * Severity:* Low
>>    - *Versions:* 2.5.4 and all earlier 2.5.x versions
>>    - *Exploit type:* Information Disclosure
>>    - *Reported Date:* 2012-May-1
>>    - *Fixed Date:* 2012-June-18
>>
>> Description
>>
>> Inadequate filtering leads SQL error and information disclosure.
>> Affected Installs
>>
>> Joomla! versions 2.5.4 and all earlier 2.5.x versions
>> Solution
>>
>> Upgrade to version 2.5.5
>>
>> Reported by Jakub Galczyk
>> Contact
>>
>> The JSST at the Joomla! Security Center.
>> <http://feeds.feedburner.com/%7Eff/JoomlaSecurityNews?a=K71HzujRDDs:drlJPIxfM5Y:yIl2AUoC8zA>
>>     You are subscribed to email updates from Joomla! Developer Network -
>> Security News <http://developer.joomla.org/security/news.html>
>> To stop receiving these emails, you may unsubscribe now<http://feedburner.google.com/fb/a/mailunsubscribe?k=VOn2LflPmMepisLclOaCvkcQLcA>
>> . Email delivery powered by Google  Google Inc., 20 West Kinzie, Chicago
>> IL USA 60610
>>
>>
>>
>> --
>> I have a new email address: rytech123 at gmail.com
>>
>> Trainer with www.Video2Brain.com
>> Board Member of www.JoomlaNYC.org
>> Trainer for www.JoomlaTraining.com
>> Sponsor & Coordinator for www.JoomlaDayNYC.com
>>
>> www.RytechSites.com
>> Dynamic Websites for your company!
>>
>>
>>
>>
>> _______________________________________________
>> New York PHP SIG: Joomla! Mailing List
>> http://lists.nyphp.org/mailman/listinfo/joomla
>>
>> NYPHPCon 2006 Presentations Online
>> http://www.nyphpcon.com
>>
>> Show Your Participation in New York PHP
>> http://www.nyphp.org/show_participation.php
>>
>>
>> _______________________________________________
>> New York PHP SIG: Joomla! Mailing List
>> http://lists.nyphp.org/mailman/listinfo/joomla
>>
>> NYPHPCon 2006 Presentations Online
>> http://www.nyphpcon.com
>>
>> Show Your Participation in New York PHP
>> http://www.nyphp.org/show_participation.php
>>
>>
>>
>> _______________________________________________
>> New York PHP SIG: Joomla! Mailing List
>> http://lists.nyphp.org/mailman/listinfo/joomla
>>
>> NYPHPCon 2006 Presentations Online
>> http://www.nyphpcon.com
>>
>> Show Your Participation in New York PHP
>> http://www.nyphp.org/show_participation.php
>>
>
>
> _______________________________________________
> New York PHP SIG: Joomla! Mailing List
> http://lists.nyphp.org/mailman/listinfo/joomla
>
> NYPHPCon 2006 Presentations Online
> http://www.nyphpcon.com
>
> Show Your Participation in New York PHP
> http://www.nyphp.org/show_participation.php
>



-- 
Helvecio "Elvis" da Silva
Rio de Janeiro - Brasil - helvecio.rj at gmail.com
http://www.helvecio.com - http://blog.helvecio.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nyphp.org/pipermail/joomla/attachments/20120619/8255f2de/attachment.html>


More information about the Joomla mailing list