Joomla 1.5.10 [Wohmamni]

Posted on by

After 11 weeks since the release of Joomla 1.5.9, another security release is now available. Joomla 1.5.10 [Wohmamni]. This release contains 66 bug fixes, one low-level security fix, and one moderate-level security fix.

Security

One low-level and one moderate-level security issue were fixed in this release:

  • Moderate Priority: A series of XSS and CSRF faults exist in the administrator application. Affected administrator components include com_admin, com_media, com_search. Both com_admin and com_search contain XSS vulnerabilities, and com_media contains 2 CSRF vulnerabilities. More information »
  • Low Priority: A XSS vulnerability exists in the category view of com_content. More information »

For additional information, visit the Joomla Security Center.

Components

  • Article Alias no longer missing from Category Views (14228)
  • Section List now drills down correctly to a Category List with Global Content Filters (14510)
  • Web link Router now uses correct Category value (14705)
  • Article HTML filtering correct when only one Filter group selected (14758)
  • Tooltip Help corrected for Section, Category, and Article Alias (15007)
  • Sorting lists by values other than Order corrected (15107)
  • Archived Article Filter Function works correctly (15124)
  • Ampersand in site name no longer breaks Position value in vCard (15143)
  • Added “/” before URL in Remind Me and Password links for com_user (15215)
  • Search works properly using international characters with SEF enabled (15233)
  • Register to Read More in redirect URL correct for Section and Category Menu Items (15266)
  • Multiple Search Menu Items now return correct ItemID (15293)
  • com_media no longer incorrectly loads CSS files from the backend (15354)
  • Fixed invalid XHTML output in com_content and com_contact (15362)
  • Small errors in code comments corrected for com_user (15461)

Modules

  • Changing the module’s ‘Position’ value now correctly changes the value for the ‘Order’ listbox. (12119)
  • When Module is saved, Module’s cache is now cleared (12137)
  • Encoding behavior for quotes and ampersands corrected in Modules (13111)
  • Menu image alignment resolved (14071)
  • Menu Alias respects Active setting (14767)
  • Resolved tag error in mod_feed (14948)
  • Login Redirect returns to current page when no Redirect URL is specified (15376)

Plugins

  • Fixed ID tags used by openid.js (13285)
  • Pagebreak works correctly with JCE (14525)
  • Pagebreak outputs correct XHTML elements (14496)
  • Pagebreak accurately tracks active page (14558)
  • Pagebreak works correctly with Section tables (14827)
  • Caching error resolved for Remember Me function (14857)
  • Menu Item changes are now cached properly (14896)
  • SEF Plugin correctly handles “Data” attribute (15137)
  • Load Position no longer deletes dollar sign and next two positions, in Module output (15237)

Legacy

  • No legacy issues fixed for this release.

Templates

  • Beez: Correct Last Updated date used in Section Blog (14571)
  • JA Purity: All Article text no longer linked when Category presented (14286)
  • rhuk Milkyway: Correct authorEmail value (14439)
  • Corrected RTL issue for Site Title when mouse hovering over Template Logo (14945)

Language

  • Localization for user name corrected in registration form (14468)
  • Corrected localization issue for new Module (13999)
  • User details translatable (14710)
  • Localization corrected for installation of Component  (14859)
  • Copy Menu Items function is now translatable (14944)
  • Pagebreak now translatable (15300)
  • Uninstalling a Component now has all Language Strings (15375)

Administrator

  • Categories are now sortable in reverse order by Order data element (14004)
  • Parameter Element ID for folderlist and filelist are correct (14514)
  • Date format correct for ‘checked out date’  (14381)

System

  • Installation of Extensions no longer fails when zip files are included (9701)
  • No longer missing l10n in JApplicationHelper::parseXMLInstallFile() (11798)
  • Resolved Javascript errors created by previous SEF Background Image Fix (13973)
  • Resolved problem with error handling in JFactory::getXMLParser (14022)
  • Case-sensitive image extensions (14059)
  • Atom feed validates correctly (14515)
  • JString::RTrim method is correct (14491)
  • Removed short open tag in admin.categories.html.php (14660)
  • JInstallerComponent::_rollback_menu() error resolved when getting DB Connector (14795)
  • File move now correctly returns “false” when not read or writable (14818)
  • Directory Permissions listed correctly for Temp and Log Folders (14865)
  • JFolder::folders no longer returns unnecessary warning (14875)
  • Setting Tooltip Offset works correctly (15006)
  • JArchiveZip::_extractNative() correctly identifies zip_open() failure (15044)
  • Installer.php parseMedia points to correct folder (15047)
  • Custom Install file upgraded on Component installation (15217)
  • Undefined index HTTP_USER_AGENT error fixed in behavior.php (15282)

Statistics

Statistics for the 1.5.10 release period:

  • Joomla 1.5.10 contains:
    • 68 issues fixed in SVN
    • 281 commits
  • Tracker activity resulted in a net decrease of 8 active issues:
    • 176 new reports
    • 133 closed
    • 68 fixed in SVN
  • At the time the 1.5.10 release was packaged, the tracker had 95 active issues:
    • 44 open
    • 40 confirmed
    • 11 pending

Related Posts:

  1. Joomla 1.5.9 Security Release
  2. Component as Content Plugin
  3. Joomla 1.5.8 [Wohnaiki]
  4. Joomla 1.5.7 Security Release
  5. JsIFR3 – Joomla 1.5 Font Changer
Better Related Posts Plugin

Leave a Reply

Your email address will not be published. Required fields are marked *

*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

CommentLuv badge

Notify me of followup comments via e-mail. You can also subscribe without commenting.