The Joomla! community is pleased to announce the immediate availability of Joomla! 1.5.6 [Vusani]. This is a quick turnaround security release to address a high level security issue and it is recommended all users upgrade immediately.

For more information about this exploit, click here to visit the Joomla Security Blog.

Joomla Showroom HIGHLY recommends that you upgrade your Joomla 1.5 website to this latest version. There have been a lot of sites hacked recently that have spawned this new release. UPDATE YOUR SITE ASAP!!!

Instructions

• New installation
• Upgrade from an existing Joomla! 1.5 version
• Migration from Joomla! 1.0.x

 

• See below for manual installation instructions

Download the Joomla 1.5.6 full package now

Downlaod update packages

Release Notes

• SECURITY [HIGH] Fixed security hole in reset logic to check for proper token length.

Manual Installation

For some users a manual installation of the 1.5.6 Security Patch is a faster process. To manually apply the 1.5.6 Security Patch, upload the following files, replacing the existing files:

/components/com_user/models/reset.php

/changelog.php

/includes/framework.php

/administrator/includes/framework.php

/libraries/joomla/version.php

/libraries/joomla/environment/uri.php

This patch will only update installations of Joomla 1.5.5. If you're using an earlier version, it is recommended you update prior to updating these files.

Comments (0)

Subscribe to this comment's feed