Mise à jour de sécurité recommandée pour le CMS Joomla.
Joomla 1.5.11 [Vea]: mise à jour de sécurité recommandée – Sources
News anglophones
- Joomla 1.5.11 Security Release Now Available
[…] The Joomla Project announces the immediate availability of Joomla 1.5.11 [Vea]. This is a security release and users are strongly encouraged to upgrade immediately. This release contains 26 bug fixes, two moderate-level security fixes and one low-level security fix. It has been 11 weeks since Joomla 1.5.10 was released on March 28, 2009. […] - Version 1.5.11 (Finally)
[…] Version 1.5.11 has just been released having taken a little longer at the end than we originally planned. The main reason for it was a very large patch for issue # 15736. This issue in on the borderline between a low-level security fix and a "best-practices" fix. We discovered that there were a lot of places in the layouts where we were not "escaping" certain values during output. […] - Joomla! Developer – Joomla Security Center
- [20090603] – Core – Frontend XSS
[…] Some values were output from the database without being properly escaped. Most strings in question were sourced from the administrator panel. […] - [20090602] – Core – ja_purity XSS
[…] A XSS vulnerability exists in the JA_Purity template which ships with Joomla! 1.5. […] - [20090601] – Core – com_users XSS
[…] A XSS vulnerability exists in the user view of com_users in the administrator panel. […]
News francophones
- News officielles Joomla!fr
Pas encore de publication à ce propos (03.06.09 12:55)• http://www.joomla.fr/les-news-joomla/13-news-officielles/962-joomla-1511-disponible.html (05.06.09)
News germanophones (suisses)
- Joomla! 1.5.11 [vea] freigegeben!
[…] Das Joomla! Projekt teilt mit, dass die neuste Version Joomla! 1.5.11 mit dem Codenamen [vea] verfügbar ist. Es handelt sich hierbei um einen Sicherheits-Release. Benutzern von bestehenden, produktiven Seiten wird dringend empfohlen, ihre Website zu aktualisieren. Diese Veröffentlichung beinhalten unter anderem 26 Fehlerbehebungen, einen Low-Level Sicherheits-Fix und einen mittelmässigen Sicherheits-Fix. […]