What’s new in Joomla! 1.6.3:

Issues Fixed:
· Administration – Can’t insert image for menu item
· Components – Redirect not now fully editable
· Installation – Updates sites never re-enabled after being disabled
· JavaScript – MooTools no longer loaded in backend

What’s new in Joomla! 1.5.23:

· Low Priority – Core – Information Disclosure Vulnerability.

What’s new in Joomla! 1.6.1:

· Moderate Priority – Core – SQL Injection / Interal Path Disclosure.
· Moderate Priority – Core – Path Disclosure.
· Moderate Priority – Core – XSS Vulnerabilities.
· Moderate Priority – Core – XSS Vulnerabilities.
· Low Priority – Core – Information Disclosure.
· Moderate Priority – Core – Redirect Vulnerabilities.
· Moderate Priority – Core – Information Disclosure.
· Low Priority – Core – Unauthorised Access.
· Moderate Priority – Core – CSRF Vulnerabilities.
· Moderate Priority – Core – DOS Vulnerabilities.
· Moderate Priority – Core – XSS Vulnerabilities.
· Moderate Priority – Core – CSRF Vulnerabilities.

What’s new in Joomla! 1.6.0:

· Finer access controls for viewing and editing content with configurable user groups and viewing levels.
· A user-defined category structure, from simple one-level to complex multi-level categories.
· Installation improvements allowing for multiple extension installations in one package, updatable with a single click.
· Expanded language support for easy production of multi-lingual sites.
· Start and end publishing times for modules with more control over where they display.
· Fresh new templates and semantic markup to please the eye as well as the search engines.
· More creative control through template styles.
· Hundreds of additional features, streamlining workflow and productivity.

What’s new in Joomla! 1.6 RC1:

· This is still an evaluation version and is not intended for running a production site.

What’s new in Joomla! 1.5.22:

· Low Priority – Core – SQL Injection Information Disclosure Vulnerabilities.

What’s new in Joomla! 1.5.21 / 1.0.15 / 1.6 Beta 11:

· Medium Priority – Core – XSS Vulnerabilities

· Prev and Next links no longer create duplicate content with SEF URLs
· Atom feed validates for Contact Category and Weblinks Category layouts
· Article Category layout sorts correctly
· Form correctly uses JRoute for action
· Improved control over who is able to upload files
· Search results work correctly for multiple search terms with SEF URLs enabled
· RSS 2.0 feeds try to turn mailto links into absolute URLs
· Atom link in RSS feed causes validation problems

· Login correctly uses view=register
· Module cache, ID, ItemID

What’s new in Joomla! 1.5.20:

· Version 1.5.20 has no new changes from Version 1.5.19. It was released because there were packaging problems with Version 1.5.19.

What’s new in Joomla! 1.5.19:

· Low Priority – Core – SQL Injection / Interal Path Exposure. More information »
· Medium Priority – Core – XSS Vulnerabilities in back end. More information »
· Medium Priority – Core – XSS Vulnerabilities in back end. More information »
· Medium Priority – Core – XSS Vulnerabilities in back end. More information »

· Mootools 1.2.4 Upgrade Plugin (21416). Note that this change does not have any impact on existing sites unless you choose to enable the new plugin. See the wiki article What is the Mootools 1.2.4 plugin? for more information.

What’s new in Joomla! 1.5.18:

· High Priority – Core – XSS Vulnerabilities in back end.

· Graceful handling of Apache plugin failures.

What’s new in Joomla! 1.6 Beta:

Key Features in Joomla 1.6:
· New Access Control System – Allows site administrators control over who can view and manage content.
· Unlimited Depth Organizational Model – Gives site administrators and content creators user-defined category levels that allow for the creation of a category tree with as many or as few levels for organizing articles and other content as needed.
· One-Click Extension Updates – Allows users to keep sites secure and controlled by simplifying the process of updating extensions.
· Semantic XHTML Layouts – Provides a better baseline for content presentation.

What’s new in Joomla! 1.5.17 / 1.0.15:

· Updated ru-RU installation language.
· Added en-AU installation language.
· Updated help sites list.

· Fixed problem logging in when Session Handler is set to None.
· Fixed error message when running Joomla! in a PHP version prior to version 5.2.
· Reverted change to JFolder::makesafe method that introduced a bug.

What’s new in Joomla! 1.5.16 / 1.0.15:

· Moderate Priority – Core – Negative Values for Limit and Offset.
· Low Priority – Core – Installer Migration Script.
· Moderate Priority – Core – Sessation Fixation.
· Low Priority – Core – Password Reset Tokens.
· Fixed error in contacts with SEF enabled.
· Fixed SQL error when sorting news feeds by section.
· Fixed problem showing URL for image files in Atom news feeds.
· Fixed problem where author alias was not escaped correctly.
· Fixed bug in pagination of category blog menu item.
· Fixed display of image captions in some situations.
· Fixed caching problem with com_contact.
· Added framework validation to com_media file.
· Fixed PHP notice when enabling or disabling a user.

· Fixed caching for related articles module.
· Fixed notification error in login module.
· Fixed problems with upgrade method in module installation.
· Fixed typo in mod_latestnews.
· Fixed HTML validation problem with mod_search.
· Fixed problem with some news feeds not showing.
· Fixed problem in mod_login where trashed menu items show in redirect list.

· Fixed problem saving content in TinyMCE when editor is toggled.
· Fixed bug in email cloaking that added an extra space.
· Fixed problem saving valid attributes for some HTML tags.

· No legacy issues were fixed for this release.

· Fixed problem loading template files for RTL languages.
· Fixed beez template to show correct Itemid after a search.

· Added missing translation strings in installation.
· Added sr-YU language for installation.
· Added Phnom-Penh to timezone files.
· Added missing language strings in installation files.
· Added Arabic Unitag installation language ar_AA.
· Added missing language strings for is-IS language in installation.
· Added missing strings in installation ini files.
· Added new hi-IN install language
· Added updates on installation ini files
· Fixed language bug in Menus
· Added language credits update

· Fixed display problem in back end with RTL languages.
· Fixed problem where Menu Item types for disabled components still showed when adding menu items.
· Fixed problem with display of module position in Module Manager.

· Fixed JFolder::makeSafe method to not remove dots in path
· Fixed problem that prevented using a cache in some cases
· Remove PHP warning message on some versions
· Fixed problem installing modules in update mode.
· Fixed problem with Yagoon and Norfolk timezones.
· Fixed problem with return value when saving polling components.
· Fixed problem in JToolbarHelper class media_manager method.
· Fixed incorrect URI for IIS platforms.
· Improved handling of failing Apache plugins.
· Added Reykjavik in timezone.
· Fixed JApplication::redirect() to not use 301 code.
· Fixed SEF search URL’s for cross-platform compatibility.

What’s new in Joomla! 1.5.15 / 1.0.15:

· Moderate Priority – Core – Front-End Editing.
· Low Priority – Core – XML File View.

· For additional information, visit the Joomla Security Center.
· Allowed search to use the Itemid of the current Menu Item
· Removed unnecessary quotes in search results
· Fixed problem when using relative URL’s in editor with SEF enabled.
· Fixed formatting problem in Category List layout with Internet Explorer
· Fixed problem with entering HTML in user confirmation messages
· Media Manager issues in Windows
· Fixed problem with Archived Article filters when cache is enabled
· Fixed RSS feed problem with ampersand in page title

· Allowed underscore character in menu names
· Fixed problem with mod_newsflash and altenative read-more text
· Fixed problem with Alias Menu Item Type not opening in new window
· Fixed problem with UTF-8 characters in breadcrumbs

· Fixed problem with email cloaking and non-ASCII characters
· Fixed TinyMCE configuration error
· Fixed problem with multiple editor instances on one page
· Fixed problem whereby TinyMCE stripped some image HTML
· Fixed TinyMCE Extended Valid Elements problem
· Fixed problem with TinyMCE blockquote
· Allowed Firefox inline spell check to work in TinyMCE
· Fixed problem saving changes in TinyMCE
· Fixed TinyMCE problem with caption.js and filtering
· Fixed TinyMCE bullet issue with Internet Explorer
· Made image title names consistent in front and back end
· Fixed issue with email cloaking and images
· Fixed problem in email cloaking syntax
· Fixed caption alignment when image alignment is not set
· Fixed JavaScript error in TinyMCE
· Added option to create templates in TinyMCE editor
· Fixed problem with TinyMCE SQL
· Fixed problem when using email cloaking and JavaScript
· Fixed problem with email cloaking when using images

· No legacy issues were fixed for this release

· Fixed problem with missing template CSS files
· Fixed problem with linked images in Beez template
· Added default text color for backend error messages
· Added missing spinner.gif
· Fixed problem when copying Beez template to new name
· Fixed error in JA_Purity template with Internet Explorer 8

· Added TinyMCE Language file for Toggle Editor button
· Added Ulaanbaatar in timezones
· Fixed problem with localisation of pagination strings
· Added missing Display # language string
· Added missing com_media language strings
· Improved tooltip text for mod_search
· Fixed problem with version information for core languages

· Fixed problem with FTP fields auto-completing

· Don’t show password in configuration.php file
· Fixed problem when Itemid does not exist
· Fixed PHP 5.3 compatibility issues
· Fixed problem with caching for com_weblinks and com_contact
· Fixed additional PHP 5.3 compatibility issues
· Fixed problem with warnings in system_config.php file
· Added missing JEXEC checks in code
· Fixed problem converting UTF-8 characters to ASCII
· Added option to disallow users to view extension XML files
· Fixed problem with onAfterDisplayTitle event and PHP 5.3
· Fixed problem with displaying error messages with right-to-left languages

What’s new in Joomla! 1.5.14 / 1.0.15:

· Fixed error message in Media Manager
· Low Priority – Core – com_mailto Timeout.

What’s new in Joomla! 1.5.12 / 1.0.15:

· Moderate Priority – Core – Frontend XSS. More information »
· Moderate Priority – Core – Missing JEXEC check. More information »
· Moderate Priority – Core – Frontend XSS. More information »

· Category List Layout sorts correctly (15541)
· Category List Layout HTML error resolved (16595 )
· Minimum User Level for Media Manager works correctly for Editors submitting Articles (16597)
· Article Manager shows non-duplicated Page Titles with Page Breaks (16686)
· Section Filter for Content Component correctly lists only Article Categories (16601)
· Reverted escaping of miscellaneous information field in com_contact (17006)

· No modules were fixed for this release.

· Update to TinyMCE (12376)
· Updated installer SQL to correspond with TinyMCE upgrade (17005)
· Added missing language strings for TinyMCE after initial upgrade (16977)

· No legacy issues were fixed in this release.

· Beez Template fix for Contact Component Layout (14540)
· Beez Template fix for Article Published Date in the Form Layout (15673)
· Beez Template Newsflash Module now has correct Read More link (16607)
· Beez Template and User Component print the correct Page Title on Login Page (16890)
· System Template CSS correctly links to OpenID login-bg.gif file (14540)
· JA Purity Template now has anchor tag ending for Category Title on Frontpage Blog Layout (16896)
· JA Purity Template shows Modified Date in Article Layout (15740)

· Feed Module Tip wording changed to correctly state “time in minutes” (15740)
· en-GB Language File Date Format displays correctly with Frontend Components using Calendar Date Selection (16779)
· Missing language strings available for Beez Templates (16820)
· Additional language strings added for Tiny MCE (16950)
· Added mk-MK installer language pack (no tracker item)

· CSS files save correctly when edited using Template Manager (16753)

· Upgraded PEAR with a newer version that has BSD licensing (12746)
· PHPMailer allows secure connections to SMTP Servers (12886)
· File::upload() uses chmod 644 in FTP mode (16593)
· Tooltips correctly encoded (16719)
· Reverted detailed module caching fix (15727)

What’s new in Joomla! 1.5.11 / 1.0.15:

· Moderate Priority: Core – com_users XSS.
· Moderate Priority: Core – ja_purity XSS.
· Low Priority: Core – Front-end XSS.

· Prev and Next links no longer create duplicate content with SEF URLs
· Atom feed validates for Contact Category and Weblinks Category layouts
· Article Category layout sorts correctly
· Form correctly uses JRoute for action
· Improved control over who is able to upload files
· Search results work correctly for multiple search terms with SEF URLs enabled
· RSS 2.0 feeds try to turn mailto links into absolute URLs
· Atom link in RSS feed causes validation problems

· Login correctly uses view=register
· Module cache, ID, ItemID

· No plugin issues were fixed in this release.

· No legacy issues were fixed for this release

· Khepri template has correct CSS icon for Article
· Align attribute in mod_mainmenu no longer causes problems for some templates
· Updated the helpsites.xml files

· Translated description for Component, Module, Plugin, etc. after installation
· Change in Montenegrin language ISO Code
· Modified Montenegrin language code to be ME from SLA for consistency
· Install language changes

· Global Configuration “Undefined Variable” warning now resolved
· Legacy code in installer premigration system causes unrelated errors

· Installation of some packages no longer fails
· Installation Version Display corrected
· JFile::getName() loses first character
· db->updateObject function outdated
· PHPDoc Comment for JFactory getDocument method incorrect
· offline.php file now has correct stylesheet

What’s new in Joomla! 1.5.10 / 1.0.15:

· Moderate Priority: A series of XSS and CSRF faults exist in the administrator application. Affected administrator components include com_admin, com_media, com_search. Both com_admin and com_search contain XSS vulnerabilities, and com_media contains 2 CSRF vulnerabilities.
· Low Priority: A XSS vulnerability exists in the category view of com_content.

· Article Alias no longer missing from Category Views
· Section List now drills down correctly to a Category List with Global Content Filters
· Web link Router now uses correct Category value
· Article HTML filtering correct when only one Filter group selected
· Tooltip Help corrected for Section, Category, and Article Alias
· Sorting lists by values other than Order corrected
· Archived Article Filter Function works correctly
· Ampersand in site name no longer breaks Position value in vCard
· Added “/” before URL in Remind Me and Password links for com_user
· Search works properly using international characters with SEF enabled
· Register to Read More in redirect URL correct for Section and Category Menu Items
· Multiple Search Menu Items now return correct ItemID
· com_media no longer incorrectly loads CSS files from the backend
· Fixed invalid XHTML output in com_content and com_contact
· Small errors in code comments corrected for com_user

· Changing the module’s ‘Position’ value now correctly changes the value for the ‘Order’ listbox.
· When Module is saved, Module’s cache is now cleared
· Encoding behavior for quotes and ampersands corrected in Modules
· Menu image alignment resolved
· Menu Alias respects Active setting
· Resolved tag error in mod_feed
· Login Redirect returns to current page when no Redirect URL is specified

· Fixed ID tags used by openid.js
· Pagebreak works correctly with JCE
· Pagebreak outputs correct XHTML elements
· Pagebreak accurately tracks active page
· Pagebreak works correctly with Section tables
· Caching error resolved for Remember Me function
· Menu Item changes are now cached properly
· SEF Plugin correctly handles “Data” attribute
· Load Position no longer deletes dollar sign and next two positions, in Module output

· No legacy issues fixed for this release.

· Beez: Correct Last Updated date used in Section Blog
· JA Purity: All Article text no longer linked when Category presented
· rhuk Milkyway: Correct authorEmail value
· Corrected RTL issue for Site Title when mouse hovering over Template Logo

· Localization for user name corrected in registration form
· Corrected localization issue for new Module
· User details translatable
· Localization corrected for installation of Component
· Copy Menu Items function is now translatable
· Pagebreak now translatable
· Uninstalling a Component now has all Language Strings

· Categories are now sortable in reverse order by Order data element
· Parameter Element ID for folderlist and filelist are correct
· Date format correct for ‘checked out date’

· Installation of Extensions no longer fails when zip files are included
· No longer missing l10n in JApplicationHelper::parseXMLInstallFile()
· Resolved Javascript errors created by previous SEF Background Image Fix
· Resolved problem with error handling in JFactory::getXMLParser
· Case-sensitive image extensions
· Atom feed validates correctly
· JString::RTrim method is correct
· Removed short open tag in admin.categories.html.php
· JInstallerComponent::_rollback_menu() error resolved when getting DB Connector
· File move now correctly returns “false” when not read or writable
· Directory Permissions listed correctly for Temp and Log Folders
· JFolder::folders no longer returns unnecessary warning
· Setting Tooltip Offset works correctly
· JArchiveZip::_extractNative() correctly identifies zip_open() failure
· Installer.php parseMedia points to correct folder
· Custom Install file upgraded on Component installation
· Undefined index HTTP_USER_AGENT error fixed in behavior.php

What’s new in Joomla! 1.5.9 / 1.0.15:

· Directory Traversal. A crafted request can allow an attacker to view directory trees on the server. Note: contents of files cannot be edited or deleted, just viewed.
· SSL Session Token Disclosure. When running a site as SSL ONLY, if a non-SSL request is made, an attacker can obtain the session token. There is NO risk for Web sites that use both HTTP and HTTPS.

· Fixed Contact Page so that a blank page is not displayed when vCard is not enabled, but is selected in the Contact Parameters
· Resolved problem with Category View Table where filter did not work when cache was enabled
· vCard no longer displays excess spaces
· Small change in components/com_banners/models/banner.php
· Resolved invalid XHTML 1.0 Transitional issues introduced in 1.5.7 for the Contact form
· Fixed problem that resulted in erroneous ‘404 – Contact not found’ page for dropdown in Contact View
· Fixed Contact Category URL problems
· Fulltext Search for Uncategorized and Archived Articles is now working
· onPrepareContent issue for non-com_content Components resulting in a warning message has been resolved
· ‘Change Contact Details’ link now loads correct page
· Contact image not displaying in front end
· Front-end article submission no longer auto-populates, finish publishing date with same date as start publishing
· Media Manager Javascript error: “Object doesn’t support this property or method” that presented for IE has been fixed
· Space between meta keywords no longer removed when saving Articles
· com_installer Module View now correctly displays Author e-mail and URL
· Robots and Author meta retained when copying Articles
· Article Archive pagination fixed
· Correction so that unregistered site visitors can no longer access PDF for registered Articles
· Hits filter in Category List fixed
· Resolved problem where “Register to read more” incorrectly redirected to Front Page, rather than Article
· Poll error message resolved
· Resolved problem where Category List failed to retain Column Sort preference when navigating to a different page
· Resolved problem in Category List where changing Display # to All in page 2 of list would display no results
· Category List now correctly shows filtering option in use
· Corrected 404 error that resulted when menu access was set to Public and Contact Item is Registered

· New modules can now be added, even when there are no modules entries already defined
· Inconsistency removed for Login/Logout Redirection page of mod_login
· JMenu getMenu() doc error corrected
· Archive Module Count Parameter and Tool Tip corrections
· STRPOS error corrected when editing Alias Menu Item
· Toolbar Image now points to an existing image

· OpenID upgraded to 2.0 protocol, now works with Yahoo
· plgSystemCache plugin now respect site and page language
· Page string in plugins/content/pagebreak.php is now properly externalized
· Legacy Plugin – Login Timeout resolved
· Access level for Plugins fixed
· Fixed OpenID Transition issues

· RTL feeds PARAM is now saved in database which corrects RTL feeds in Milkyway and Beez
· CSS and XHTML valid error in JA_Purity resolved, as was invalid CSS validator link
· JA_Purity default status for Modules defined for right position now collapse correctly, when unused
· Fixed CSS errors in rhuk_milkyway/css/template_rtl.css
· Missing H1 text-align in rhuk_milkyway/css/template_rtl.css fixed
· Beez template override for com_search now displays error messages correctly
· Corrected Last Updated date for Beez Template
· Resolved inconsistencies for Beez Template Override Page Titles
· Contact image changes for Beez override
· Incorrect File Reference corrected for Beez Template
· Short PHP Notation in Beez Windows hosting bug introduced in 12798 has been fixed
· en-GB.com_statistics.ini are now correctly deleted
· Removed unnecessary string in JA_Purity template
· Removed unnecessary strings in rhuk_Milkyway template

· Language INI files that were incorrectly encoded using UTF-8 with BOM have been fixed
· Untranslated strings in en-GB.ini after SVN 11236 are fixed
· Fixed untranslated strings in com_weblinks
· Fixed untranslated strings in com_contact
· Fixed untranslated Strings in admin/mod_feed
· Spacer values are now translatable
· Fixed issue with JA_Purity spacer so that it is now translatable
· Resolved remaining English string hard-coded in mod_search
· String missing in en-GB.com_installer.ini
· Resolved untranslated language string for “Email a Friend” feature
· Tooltip language string in com_config corrected

· Added better tooltip text for the Help Server Reset button in Global Configuration System Settings
· Toolbar & value fixed for Media Manager button
· JInstallerHelper Class Function description has been corrected
· Help screens made
· Remove default filter for Super Admininistrator and fix filter whitelist problem
· Corrected error where Editor deleted content for default filter; UTF-8 compatibility is now enforced with JInputFilter
· Removed old dev.joomla.org links

· query_batch corrected for SQL error
· uri.php changes made in 1.5.7 no longer break back-end URLs if $live_site=Http has an uppercase H
· JFolder::delete bug fixed when folder contain symbolic links on folders
· Typo in sample_data.sql resolved
· License correction for PHPMailer in CREDITS.php
· Fixed error that resulted from invoking JDatabase::Query() more than once
· Cache space is now correctly released
· String bug for strspn() resolved
· Weird characters removed from LICENSES.php file
· Removed outdated link in the installer language file
· Fixed typo in Cache Manager
· Updated Archive_Tar to relicensed BSD version

Lascia un commento

Il tuo indirizzo email non sarà pubblicato. I campi obbligatori sono contrassegnati *