 The Joomla! Project today announced the immediate release of Joomla!
1.0.14 RC1 [Daybreak], the first and hopefully singular
release candidate for the 1.0.14 release cycle. Several security
issues have been discovered and addressed for this release. While the
required changes are not significant, the number of impacted files are
significant and we need your help. Before this release is declared
stable we need to ensure that it works as well for you as it does for
us.
Those of you that are able and willing please download a
copy of 1.0.14 RC1 and test it on a backup copy of your live site.
Make sure that the system works as good or better than Joomla! 1.0.13,
our current stable release. Any issues that you find please report in
the 1.0.x Bug Tracker. If you have questions on how to report a bug you should read the how-to and then if you still have questions please feel free to ask them in our 1.0.x Quality and Testing forum. Joomla! 1.0.14 RC1 is a release candidate that
addresses several security issues that have been discovered since our
last stable release, Joomla! 1.0.13 . It is regarded as a mostly stable
release and after adequate testing on a backup or sandbox version of
your live site you should upgrade your live site to 1.0.14 RC1. As
soon as we are comfortable that the required security changes for this
release have not broken any functionality from version 1.0.13 we will
package and release a 1.0.14 Stable release.
Along with the
security fixes listed below there were several other issues fixed in
this release. Ranging from fixing administrator session log out
problems to media manager, pagination and web links all the way to
improper search word highlighting in the search component this release
looks to be our most secure and stable one yet.
Security Fixes
- SECURITY [LOW] Fixed XSS issue in com_search
- SECURITY [LOW] Fixed XSS issue in search results pages
- SECURITY [LOW] Fixed multiple typos in back end com_content making array integer check ineffective
- SECURITY [HIGH] Fixed CSRF issue allowing portal compromise - Administrator components.
Upgrade Instructions
Evolving upgrade instructions and documentation can be found on our shiny new documentation wiki at http://docs.joomla.org/Upgrade_Instructions .
Please note that if you are installing 1.0.14 RC1 using one of the full
package files you will need to manually remove the /installation
directory after installation has been completed. As this is a Release
Candidate it does not include the test which would force you to remove
this directory. The patch packages do not include an /installation
directory.
Upgrading your site to 1.0.14 RC1 from any version of Joomla! 1.0.x
first requires that you choose the correct patch package. For example,
if you currently have version 1.0.13 installed you will need the 1.0.13
to 1.0.14 RC1 patch package.
NOTE: Patch packages for 1.0.14 RC1 only exist going back to Joomla!
version 1.0.12. If you need to upgrade from an earlier version you
will need to first upgrade to 1.0.13 then upgrade to 1.0.14 RC1
Once you have downloaded the correct package you need to overwrite the
files on the Joomla! site you are upgrading with the files in the patch
package. This can be done by either uncompressing the Patch Package
and then using an FTP client to transfer these files to your server and
overwriting existing file, or if your Web Provider gives you access to
your site via some sort of Web
Admin panel like CPanel or Plesk, you can use the systems file manager
to upload the Patch Package file to your server and then extracting the
package file and overwriting all the files on your server.
If you find errors after the process, ensure that all files were
properly transferred. There have been verified reports of some FTP
clients not properly transferring files across to a server - without
notifying the user of such a problem. One possible cause is that under
certain circumstances the web server locks the files it is using, and
the ftp-server can't update those files. One possibility is to take the
site shortly offline during the FTP transfer.
If you have questions about any part of this process you will get the best answers and support from fellow Joomla! users in the upgrading forum.
Make sure you search to see if someone else has had the issue and found
a solution that works for you. If not then feel free to post your
question so someone can help.
Backing Up
Before starting an upgrade it is extremely important that you backup
your site's database and if possible, also your site's files. While we
try to ensure that upgrade processes are straightforward, we cannot
guarantee that this will always be the case for every user. For
specific questions on how to backup your site's database or files you
should contact your hosting provider.
 Add as favourites (1) |  Quote this article on your site | Views: 371
|
- Please keep the topic of messages relevant to the subject of the article.
- Personal verbal attacks will be deleted.
- Please don't use comments to plug your web site. Such material will be removed.
- Just ensure to *Refresh* your browser for a new security code to be displayed prior to clicking on the 'Send' button.
- Keep in mind that the above process only applies if you simply entered the wrong security code.
|
Powered by AkoComment Tweaked Special Edition v.1.4.6
AkoComment © Copyright 2004 by Arthur Konze - www.mamboportal.com
All right reserved |
Be first to comment this article
