Website Design Madison WI, Milwaukee, Web Maintenance and SEO Services in Wisconsin


Support Blog


Monday, 29 April 2013 09:23 Written by Tony Herman

Neither of these releases is a security release; both are fixes for the 2.5.10 and 3.1.0 versions, which were security releases. You should still get your Joomla installations upgraded as soon as possible.

Joomla 2.5.11 Released

Joomla! 2.5.11 Released (joomla.org)

The Joomla Project is pleased to announce the immediate availability of Joomla 2.5.11. This is not a security release. This release fixes some problems introduced in the 2.5.10 release. The Production Leadership Team's goal is to continue to provide regular, frequent updates to the Joomla community. Learn more about Joomla! development at the Developer Site.

The update process is very simple, and complete instructions are available here. Note that there are now easier and better ways of updating than copying the files with FTP.

Joomla 3.1.1 Released

Joomla! 3.1.1 Stable Released (joomla.org)

The Joomla Project is pleased to announce the immediate availability of Joomla 3.1.1. This is not a security release. This release fixes some problems introduced in the 3.1.0 release. The Production Leadership Team's goal is to continue to provide regular, frequent updates to the Joomla community. Learn more about Joomla! development at the Developer Site.

The update process is very simple, and complete instructions are available here. Note that there are now easier and better ways of updating than copying the files with FTP.

-Tony

Wednesday, 24 April 2013 12:41 Written by Tony Herman

Joomla 2.5.10 Released

There is a new security release out for Joomla 2.5.x. The help screens are also complete now.

Joomla! 2.5.10 Released (joomla.org)

There are a number of important fixes with this release, so we strongly suggest that anyone running an earlier version of Joomla upgrade the installation on their website.

If you are hosting with Webstix, we require that you keep your website software up to date per our Hosting Terms. Please schedule an update with our Website Maintenance Department. We will be contacting affected hosting clients.

Joomla 3.1.0 Released

If you are running the 3.x version of Joomla, you should upgrade your installation to take care of important security fixes.

Joomla! 3.1.0 Stable Released (joomla.org)


Here's more detailed information about these updates.

Secunia Advisory SA53202 (secunia.com)

DESCRIPTION:
Multiple vulnerabilities have been reported in Joomla!, which can be exploited by malicious users to bypass certain security restrictions and by malicious people to conduct cross-site scripting attacks and potentially cause a DoS (Denial of Service).

1) The application does not properly verify authorisation when deleting private messages. This can be exploited to e.g. delete otherwise inaccessible private messages.

2) The application does not properly verify authorisation when viewing permissions. This can be exploited to e.g. disclose otherwise inaccessible permission settings.

3) Certain unspecified input is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

4) Certain unspecified input related to the Flash-based file uploader is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

5) Certain unspecified input related to the Voting plugin is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

6) An unspecified error related to the "unserialize()" function can be exploited to potentially cause a DoS (Denial of Service).

7) Certain unspecified input related to the Highlighter plugin is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

The vulnerabilities are reported in versions prior to 2.5.10 and 3.1.0.

SOLUTION:
Update to version 2.5.10 or 3.1.0.

Thank you,
-Tony

Wednesday, 20 February 2013 10:16 Written by Tony Herman

Joomla Extended Support

Joomla has decided to extend support for releases to 2 years instead of just 18 months. This is how it looks now:

  • Version 2.5: March 2012 (long term support release)
  • Version 3.0: September 2012
  • Version 3.1: March 2013
  • Version 3.2: September 2013
  • Version 3.5: March 2014 (long term support release)
  • Version 4.0: September 2014
  • Version 4.1: March 2015
  • Version 4.2: September 2015
  • Version 4.5: March 2016 (long term support release)

Here's an updated graphic showing the Joomla Roadmap:

[Image: Joomla roadmap]

Joomla 2.5 will be supported until March 2014 (from March 2012 to March 2014 total) but it's being predicted that the support will go longer - maybe even up to a year longer (so into 2015 possibly). You can see those predictions here:

How upcoming changes may affect your Joomla upgrade schedule (anything-digital.com)

The first two releases are called Standard Term Support (STS) releases and are supported for 6 months.

Every third release in this cycle is called a Long Term Support (LTS) release. An LTS release is intended to be very stable and is supported until the next LTS is released.

This gives each major Joomla version a lifetime of approximately 18 24 months. For most users, a Joomla upgrade is recommended only from one LTS to another LTS.

We're happy that there's extended support and it makes sense. It's mature software that was rewritten from the ground up. There is a huge community of users, too.

Stay tuned to our support blog for more Joomla updates.

-Tony

Tuesday, 05 February 2013 12:44 Written by Tony Herman

Joomla 3.0.3 Released

If you are using the 3.0.x version of Joomla, then you should upgrade. At this time, none of our clients are using it, since the 2.5.x version is still being actively developed and used. The 3.0.x version is not a major version of Joomla; the x.5 versions are.

Joomla 3.0.3 Released (joomla.org)

The Joomla Project is pleased to announce the immediate availability of Joomla 3.0.3. This is a security release. The Production Leadership Team's goal is to continue to provide regular, frequent updates to the Joomla community.

What is the fix?

"Undefined variable caused information disclosure in some situations."

Upgrades / Contact Webstix

If you want the upgrade done to your website, please contact Webstix.

-Tony

Tuesday, 05 February 2013 12:44 Written by Tony Herman

Joomla 2.5.9 Released

A new version of Joomla is out and it takes care of a security issue. Everyone using Joomla 2.5.x should upgrade their core Joomla software as soon as possible.

Joomla 2.5.9 Released (joomla.org)

The Joomla Project is pleased to announce the immediate availability of Joomla 2.5.9. This is a security release. The Production Leadership Team's goal is to continue to provide regular, frequent updates to the Joomla community. Learn more about Joomla! development at the Developer Site.

From Secunia Security Advisories:

TITLE:
Joomla! Multiple Information Disclosure Vulnerabilities

SECUNIA ADVISORY ID:
SA52043

VERIFY ADVISORY:
Secunia.com
http://secunia.com/advisories/52043/

RELEASE DATE:
2013-02-05

DISCUSS ADVISORY:
http://secunia.com/advisories/52043/#comments

DESCRIPTION:
Multiple vulnerabilities have been reported in Joomla!, which can be exploited by malicious people to disclose potentially sensitive information.

1) An error related to the method of encoding search terms can be exploited to disclose certain information.

This vulnerability is reported in the 2.5.x versions prior to 2.5.9 and in the 3.0.x versions prior to 3.0.3.

2) An error due to an undefined variable can be exploited to disclose certain information.

3) Certain coding errors can be exploited to disclose certain information.

The vulnerabilities #2 and #3 are reported in the 3.0.x versions prior to 3.0.3.

SOLUTION:
Update to version 2.5.9 or 3.0.3.

What is the fix?

"Undefined variable caused information disclosure in some situations."

Upgrades / Contact Webstix

Clients who are on our Joomla upgrade program will receive an email from our staff notifying them that we will perform the upgrade. If you are not on the program and want the upgrade done to your website, please contact Webstix.

-Tony

Friday, 25 January 2013 13:37 Written by Tony Herman

WordPress 3.5.1

The fine folks at WordPress have released a new version. It's a minor release that covers both maintenance and security fixes. Below, you'll find more information about this release.

You should have your version of WordPress upgraded as soon as possible. If you need help, please contact our website maintenance department today. If you are looking for automatic updates to WordPress, then you might want to consider our WordPress Upgrade Program.

WordPress 3.5.1 Maintenance and Security Release (wordpress.org)

WordPress 3.5.1 is now available. Version 3.5.1 is the first maintenance release of 3.5, fixing 37 bugs. It is also a security release for all previous WordPress versions. For a full list of changes, consult the list of tickets and the changelog, which include:

  • Editor: Prevent certain HTML elements from being unexpectedly removed or modified in rare cases.
  • Media: Fix a collection of minor workflow and compatibility issues in the new media manager.
  • Networks: Suggest proper rewrite rules when creating a new network.
  • Prevent scheduled posts from being stripped of certain HTML, such as video embeds, when they are published.
  • Work around some misconfigurations that may have caused some JavaScript in the WordPress admin area to fail.
  • Suppress some warnings that could occur when a plugin misused the database or user APIs.

Additionally, a bug affecting Windows servers running IIS can prevent updating from 3.5 to 3.5.1. If you receive the error “Destination directory for file streaming does not exist or is not writable,” you will need to follow the steps outlined on the Codex.

WordPress 3.5.1 also addresses the following security issues:

  • A server-side request forgery vulnerability and remote port scanning using pingbacks. This vulnerability, which could potentially be used to expose information and compromise a site, affects all previous WordPress versions. This was fixed by the WordPress security team. We’d like to thank security researchers Gennady Kovshenin and Ryan Dewhurst for reviewing our work.
  • Two instances of cross-site scripting via shortcodes and post content. These issues were discovered by Jon Cave of the WordPress security team.
  • A cross-site scripting vulnerability in the external library Plupload. Thanks to the Moxiecode team for working with us on this, and for releasing Plupload 1.5.5 to address this issue.

Please contact Webstix if you need any help or assistance.

-Tony
