|
Written by admin MyTopSchool
|
|
Saturday, 23 February 2008 |
 The
Joomla! Project now announces the immediate release of Joomla! 1.0.15 [Daytime].
This release addresses a security vulnerability and it is
recommended that you upgrade immediately. Begin by testing on a backup copy of
your site. Once you have verified that your site works as expected, backup your
live site and upgrade as soon as possible.
RELEASE NOTES
Joomla! 1.0.15 addresses a security issue discovered since
our last stable release,
Joomla! 1.0.14. After adequate testing on a backup or sandbox version of
your live site, you should backup your live site and upgrade to 1.0.15.
Security Fixes
- SECURITY [HIGH] Fixed remote file inclusion vulnerability.
Upgrading
Upgrade instructions and additional documentation can be found on our
documentation wiki at:
http://docs.joomla.org/Upgrade_Instructions
Explanation
In Joomla! 1.0.13, the following line was added to the configuration.php file:
if(!defined('RG_EMULATION')) { define( 'RG_EMULATION', 0 ); }
This file is located in the root directory of your Joomla! Web site.
Including this extra line protects against possible
remote file inclusion.
Web sites created with Joomla! 1.0.13 or later already contain this line.
However, Web sites upgraded from 1.0.12 or earlier are missing this line. All
this upgrade does is add that line to the configuration.php file if that line
does not already exist. Another way to address the vulnerability is to simply
add the line to your configuration.php file manually.
Backing Up
Before starting an upgrade, it's extremely important that you backup your
site's database and files. While we try to ensure that upgrade processes are
straightforward, we cannot guarantee that this will always be the case for every
user. For specific questions on how to backup your site's database or files, you
should contact your hosting provider.
 |
|
Last Updated ( Saturday, 23 February 2008 )
|
Subscribe to this comment's feed
luohenhao 
