Details

Written by: Kochin

Category: Joom!Fish

Published: 03 August 2009

Joom!Fish Team has been running a demo site showing off a default Joomla! installation with various languages available. When it was first brought online, it included only three languages. Later the number of languages increased to five. All of them were western languages.

In an effort to increase the visibility of ultilizing Joom!Fish as the multilingual solution including Traditional Chinese, we decided to translate the sample_data.sql into Traditional Chinese for the demo site. After a few days of translation work, we were glad to submit the full translation of the sample_data.sql to Joom!Fish Team.

On July 31th, Joom!Fish Team added Traditional Chinese translations into their demo site. Now you can visit demo.joomfish.net to see a multilingual site with 7 different languages.

Please be noted that currently the demo site uses China's flag for Traditional Chinese. We are discussing this with Joom!Fish Team to get it changed to Taiwan's flag. We encourage Joomla! users in China to submit Simplified Chinese sample_data.sql so that we can have both on the demo site.

Details

Written by: Kochin

Category: Joomla!

Published: 31 July 2009

It seems that Joomla! development team realized how disrruptive those two bugs discovered in Joomla! 1.5.13 are. Yesterday they released Joomla! 1.5.14 after just 8 days since last release. The main purpose, of course, is to patch up the TinyMCE and Media Manager bugs described in a previous news report. They also threw in a low-level security fix:

• Low Priority - Core - com_mailto Timeout. In com_mailto, it was possible to bypass timeout protection against sending automated emails.

Please see the official announcement for details and downloads.

Details

Written by: Kochin

Category: Joomla!

Published: 30 July 2009

Two rather noticeable bugs were discovered quickly after Joomla! 1.5.13 were released. Because they will disrupt basic operations of a Joomla! site, it is incredible that those bugs could slip past the development team and were introduced to the latest version.

The first one is the mess-up view of the Media Manager at the adminitrator back end. On a site freshly upgraded to or installed with Joomla! 1.5.13, the Media Manager simply won't show up correctly. The problem is caused by a bug in the PHP program handling its view. To fix this problem, you need to download this file, then uncompress it and substitute the file view.html.php for administrator/components/com_media/views/media/view.html.php on your server.

The other isssue is related to a bug introduced into TinyMCE when removing the TinyBrowser feature. It causes the Save or Cancel button ineffective when editing in the front end. You can download and uncompresss this file, then substitute the tinymce.php for plugins/editors/tinymce.php.

Login is required for downloading those files.

Details

Written by: Kochin

Category: Joomla!

Published: 23 July 2009

Security release Joomla! 1.5.13 [Wojmamni ama baji] has been released. All previous versions of Joomla! 1.5.x should be upgraded immediately. If you have modified core template overrides, please be sure to back them up before upgrading.

This release contains 26 bug fixes, two moderate-level security fixes and one high-level security fix. The security issues fixed in this release are:

• High Priority: Core - File upload: Tiny browser included with TinyMCE 3.0 editor allowed files to be uploaded and removed without logging in.
• Moderate Priority: Core -XSS: Some files were missing the check for JEXEC. These scripts will then expose internal path information of the host.

Details

Written by: Kochin

Category: Joomla!

Published: 01 July 2009

One week after the call for help testing Joomla! 1.5.12 RC, the Joomla! Project release the final version of Joomla 1.5.12 [Wojmamni Ama Woi]. (The codename Wojmamni Ama Woi comes from Yaqui language spoken by aboriginals in America. It means the number 12.) This release contains a number of bug fixes and three moderate-level security fixes.

Here are the security fixes included in this version:

• Moderate Priority - Core - Frontend XSS. An attacker can inject JavaScript into URL to be executed on a user's browser.
• Moderate Priority - Core - Missing JEXEC check. Scripts may expose internal path information.
• Moderate Priority - Core - Frontend XSS. HTTP_REFERER is not properly parsed which may allow code injection.

A couple of important changes makes this release an important milestone for the Joomla Project. First, the upgrade of the PEAR library to the new BSD licensed version brings the codebase into full compliance with the GPL. In addition, this release contains an important upgrade to TinyMCE v 3.2.4.1.

See the full list of changes at Joomla! 1.5.12 Released page. Full and upgrade release packages can be downloaded there.