99601 – [UPDATE] : www/joomla Several Security Update. Affect ALL Previous versions!

Bug 99601 - [UPDATE] : www/joomla Several Security Update. Affect ALL Previous versions!

Summary: [UPDATE] : www/joomla Several Security Update. Affect ALL Previous versions!

Status:	Closed FIXED

Alias:	None

Product:	Ports & Packages
Classification:	Unclassified
Component:	Individual Port(s) (show other bugs)
Version:	Latest
Hardware:	Any Any

Importance:	Normal Affects Only Me
Assignee:	Martin Wilke

URL:
Keywords:

Depends on:
Blocks:

Reported:	2006-06-29 12:20 UTC by Francisco Alves Cabrita
Modified:	2006-06-30 23:49 UTC (History)
CC List:	0 users

See Also:

Attachments
file.diff (7.57 KB, patch) 2006-06-29 12:20 UTC, Francisco Alves Cabrita	no flags	Details \| Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Francisco Alves Cabrita 2006-06-29 12:20:22 UTC

All existing Joomla! users MUST UPGRADE to this version, due to several High Level vulnerabilities that affect ALL Previous versions of Joomla! 

1.0.10 contains the following important security fixes:

    * 03 High Level Security Fixes
    * 01 Medium Level Security Fixes
    * 05 Low Level security
    * 40+ General bug fixes

If you are using ANY previous version of Joomla!, you need to upgrade to 1.0.10 

1.0.10 is available as a Full Package, which contains all Joomla! files and Patch Packages which contain only the files that have been changed by the Stability work conducted from previous Joomla! 1.0.x versions.

Comment 1 Edwin Groothuis freebsd_committer

2006-06-29 12:20:55 UTC

State Changed
From-To: open->feedback

Awaiting maintainers feedback

Comment 2 Martin Wilke freebsd_committer

2006-06-29 12:53:07 UTC

Responsible Changed
From-To: freebsd-ports-bugs->miwi

I'll take it.

Comment 3 Francisco Cabrita <include> 2006-06-29 14:49:16 UTC

I already sended the vuxml entry to security-team@FreeBSD.org but no one 
as updated the database, so I will past it here again.

<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
   <vuln vid="1f935f61-075d-11db-822b-728b50d539a3">
     <topic>Joomla -- High Level vulnerabilities affect ALL Previous 
versions!</topic>
     <affects>
       <package>
         <name>joomla</name>
         <range><lt>1.0.10</lt></range>
       </package>
     </affects>
     <description>
       <body xmlns="http://www.w3.org/1999/xhtml">
         <p>Joomla Site reports:</p>
         <blockquote cite="http://www.joomla.org/content/view/1510/74/">
           <p>All existing Joomla! users MUST UPGRADE to this version,
             due to several High Level vulnerabilities that affect ALL
             Previous versions of Joomla!
             1.0.10 contains the following important security fixes:
             * 03 High Level Security Fixes
             * 01 Medium Level Security Fixes
             * 05 Low Level security
             * 40+ General bug fixes
             If you are using ANY previous version of Joomla!, you need
             to upgrade to 1.0.10.
             1.0.10 is available as a Full Package, which contains all
             Joomla! files and Patch Packages which contain only the
             files that have been changed by the Stability work conducted
             from previous Joomla! 1.0.x versions.
           </p>
         </blockquote>
       </body>
     </description>
     <references>
       <url>http://secunia.com/advisories/20746/</url>
       <url>http://www.joomla.org/content/view/1510/74/</url>
     </references>
     <dates>
       <discovery>2006-06-26</discovery>
       <entry>2006-06-29</entry>
     </dates>
   </vuln>

Best Regards
Francisco

--
Nucleo Portugues de FreeBSD - Core Member
http://npf.pt.freebsd.org
http://npf.pt.freebsd.org/~include/

Comment 4 Martin Wilke freebsd_committer

2006-06-30 23:49:22 UTC

State Changed
From-To: feedback->closed

Committed, with minor changes. Thanks!