Joomla!

Очередной релиз безопасности Joomla 1.5.10

Security

One low-level and one moderate-level security issue were fixed in this release:

    * Moderate Priority: A series of XSS and CSRF faults exist in the administrator application. Affected administrator components include com_admin, com_media, com_search. Both com_admin and com_search contain XSS vulnerabilities, and com_media contains 2 CSRF vulnerabilities. More information »
    * Low Priority: A XSS vulnerability exists in the category view of com_content. More information »

For additional information, visit the Joomla Security Center.
Components

    * Article Alias no longer missing from Category Views (14228)
    * Section List now drills down correctly to a Category List with Global Content Filters (14510)
    * Web link Router now uses correct Category value (14705)
    * Article HTML filtering correct when only one Filter group selected (14758)
    * Tooltip Help corrected for Section, Category, and Article Alias (15007)
    * Sorting lists by values other than Order corrected (15107)
    * Archived Article Filter Function works correctly (15124)
    * Ampersand in site name no longer breaks Position value in vCard (15143)
    * Added "/" before URL in Remind Me and Password links for com_user (15215)
    * Search works properly using international characters with SEF enabled (15233)
    * Register to Read More in redirect URL correct for Section and Category Menu Items (15266)
    * Multiple Search Menu Items now return correct ItemID (15293)
    * com_media no longer incorrectly loads CSS files from the backend (15354)
    * Fixed invalid XHTML output in com_content and com_contact (15362)
    * Small errors in code comments corrected for com_user (15461)

Modules

    * Changing the module's 'Position' value now correctly changes the value for the 'Order' listbox. (12119)
    * When Module is saved, Module's cache is now cleared (12137)
    * Encoding behavior for quotes and ampersands corrected in Modules (13111)
    * Menu image alignment resolved (14071)
    * Menu Alias respects Active setting (14767)
    * Resolved tag error in mod_feed (14948)
    * Login Redirect returns to current page when no Redirect URL is specified (15376)

Plugins

    * Fixed ID tags used by openid.js (13285)
    * Pagebreak works correctly with JCE (14525)
    * Pagebreak outputs correct XHTML elements (14496)
    * Pagebreak accurately tracks active page (14558)
    * Pagebreak works correctly with Section tables (14827)
    * Caching error resolved for Remember Me function (14857)
    * Menu Item changes are now cached properly (14896)
    * SEF Plugin correctly handles "Data" attribute (15137)
    * Load Position no longer deletes dollar sign and next two positions, in Module output (15237)

Legacy

    * No legacy issues fixed for this release.

Templates

    * Beez: Correct Last Updated date used in Section Blog (14571)
    * JA Purity: All Article text no longer linked when Category presented (14286)
    * rhuk Milkyway: Correct authorEmail value (14439)
    * Corrected RTL issue for Site Title when mouse hovering over Template Logo (14945)

Language

    * Localization for user name corrected in registration form (14468)
    * Corrected localization issue for new Module (13999)
    * User details translatable (14710)
    * Localization corrected for installation of Component (14859)
    * Copy Menu Items function is now translatable (14944)
    * Pagebreak now translatable (15300)
    * Uninstalling a Component now has all Language Strings (15375)

Administrator

    * Categories are now sortable in reverse order by Order data element (14004)
    * Parameter Element ID for folderlist and filelist are correct (14514)
    * Date format correct for 'checked out date' (14381)

System

    * Installation of Extensions no longer fails when zip files are included (9701)
    * No longer missing l10n in JApplicationHelper::parseXMLInstallFile() (11798)
    * Resolved Javascript errors created by previous SEF Background Image Fix (13973)
    * Resolved problem with error handling in JFactory::getXMLParser (14022)
    * Case-sensitive image extensions (14059)
    * Atom feed validates correctly (14515)
    * JString::RTrim method is correct (14491)
    * Removed short open tag in admin.categories.html.php (14660)
    * JInstallerComponent::_rollback_menu() error resolved when getting DB Connector (14795)
    * File move now correctly returns "false" when not read or writable (14818)
    * Directory Permissions listed correctly for Temp and Log Folders (14865)
    * JFolder::folders no longer returns unnecessary warning (14875)
    * Setting Tooltip Offset works correctly (15006)
    * JArchiveZip::_extractNative() correctly identifies zip_open() failure (15044)
    * Installer.php parseMedia points to correct folder (15047)
    * Custom Install file upgraded on Component installation (15217)
    * Undefined index HTTP_USER_AGENT error fixed in behavior.php (15282)


Дополнительная ссылка: http://depositfiles.com/files/3p7o3b1bp