Joomla! 2.5 adds new features, closes holes

The Joomla! Project has announced the arrival of version 2.5.0 of its open source PHP-based content management system (CMS). The successor to the 1.7 release from July 2011 is a long term support (LTS) version that will be supported for "at least 18 months" and adds several new features.

Joomla! 2.5 has been extended to include support for Microsoft SQL Server; previous versions were only compatible with the MySQL database. Support for other databases is expected to follow.

When Joomla! or extension updates are available, administrators logged into the control panel will receive automatic update notifications alerting them to the new versions. Advanced search has been improved through the use of "a better natural language search engine" in the Joomla! core that is said to be both "faster and more versatile" when compared to the standard search.

The update also addresses two medium priority cross-site scripting (XSS) vulnerabilities and two low priority information disclosure holes. The developers remind users that the 1.7.x branch will reach its end of life on 24 February 2012. All users are advised to upgrade to the current release; upgrade instructions are provided.

Further information about the update can be found in the official release announcement and in the security advisories. Joomla! 2.5 is available to download from the project's site and is licensed under the terms of the GPL. The Joomla! Project is sponsored by Open Source Matters, Inc., a non-profit organisation.

See also:

• [20120101] - Core - Information Disclosure, a Joomla! security advisory.
• [20120102] - Core - XSS Vulnerability, a Joomla! security advisory.
• [20120103] - Core - Information Disclosure, a Joomla! security advisory.
• [20120104] - Core - XSS Vulnerability, a Joomla! security advisory.

(crve)