Joomla! 2.5 update fixes security vulnerabilities
The Joomla! project has released version 2.5.3 of its open source content management system (CMS). This is a security update that addresses two "High Priority" vulnerabilities.
The first of these is caused by an unspecified programming error that could have allowed a malicious user to gain escalated privileges. The other hole is an error in random number generation during password resets, which an attacker could exploit to change a user's password.
Versions 2.5.0 to 2.5.2 as well as all 1.7.x and 1.6.x releases are affected. The developers advise all users to upgrade to 2.5.3 to fix these problems. More details about the update can be found in the official release announcement and in the security advisories. Joomla! 2.5.3 is available to download from the project's site and is licensed under the GPL.
See also:
- [20120303] - Core - Privilege Escalation, a Joomla! security advisory.
- [20120304] - Core - Password Change, a Joomla! security advisory.
(crve)