Joomla! 1.5.6 Released

[admin]

The Joomla! community is pleased to announce the immediate availability of Joomla! 1.5.6 [Vusani]. This is a quick turnaround security release to address a high level security issue and it is recommended all users upgrade immediately.

For more information about this exploit, click here to visit the Joomla Security Blog.

Instructions

• New installation
• Upgrade from an existing Joomla! 1.5 version
• Migration from Joomla! 1.0.x
• See below for manual installation instructions

Download the Joomla 1.5.6 full package now

Download update packages


Release Notes

• SECURITY [HIGH] Fixed security hole in reset logic to check for proper token length.

Manual Installation

Download the Joomla! 1.5.6 Security Patch changed files only


For some users a manual installation of the 1.5.6 Security Patch is a faster process. To manually apply the 1.5.6 Security Patch, upload the following files, replacing the existing files:

components/com_user/models/reset.php changelog.php includes/framework.php administrator/includes/framework.php libraries/joomla/version.php libraries/joomla/environment/uri.php This patch will only update installations of Joomla 1.5.5. If you're using an earlier version, it is recommended you update prior to updating these files.



More...