In association with heise online

21 March 2012, 09:55

Joomla! 2.5 update fixes security vulnerabilities

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Joomla! logo The Joomla! project has released version 2.5.3 of its open source content management system (CMS). This is a security update that addresses two "High Priority" vulnerabilities.

The first of these is caused by an unspecified programming error which could have allowed a malicious user to gain escalated privileges. The other hole is an error in random number generation when resetting passwords that could be exploited by an attacker to change a user's password.

Versions 2.5.0 to 2.5.2 as well as all 1.7.x and 1.6.x releases are affected. The developers advise all users to upgrade to 2.5.3 to fix these problems. More details about the update can be found in the official release announcement and in the security advisories. Joomla! 2.5.3 is available to download from the project's site and is licensed under the GPL.

See also:

(crve)

Print Version | Send by email | Permalink: http://h-online.com/-1476632
 


  • July's Community Calendar





The H Open

The H Security

The H Developer

The H Internet Toolkit