Joomla! • View topic - Discuss about : Upgrade to Joomla! 1.0.4 Security Release now!

Board index » Joomla! Announcements » Announcements » Announcements Discussions

Forum rules

Please click here to view the forum rules

Discuss about : Upgrade to Joomla! 1.0.4 Security Release now!

Page 1 of 5

[ 133 posts ]

Go to page 1, 2, 3, 4, 5 Next

Print view

Previous topic | Next topic

Author

Message

Jinx

Post subject: Discuss about : Upgrade to Joomla! 1.0.4 Security Release now!

Posted: Mon Nov 21, 2005 4:05 pm

Joomla! Champion

Joined: Fri Aug 12, 2005 12:47 am
Posts: 6568

Discussion area for the announcement that:

Upgrade to Joomla! 1.0.4 Security Release now!
http://www.joomla.org/content/view/498/74/

_________________
Johan Janssens - Joomla Co-Founder, Lead Developer of Joomla 1.5

http://www.joomlatools.eu - Joomla extensions that just work
http://www.nooku.org - Extension development framework for Joomla

Top

Chinaman

Post subject: Re: Discuss about : Upgrade to Joomla! 1.0.4 Security Release now!

Posted: Mon Nov 21, 2005 4:12 pm

Joomla! Guru

Joined: Sun Aug 21, 2005 8:46 am
Posts: 575
Location: Perth, Western Australia

Well done to all the team, and thank you.

_________________
Joomla! - enjoying every minute of the journey!

Top

55thinking

Post subject: Re: Discuss about : Upgrade to Joomla! 1.0.4 Security Release now!

Posted: Mon Nov 21, 2005 4:14 pm

Joomla! Enthusiast

Joined: Mon Sep 05, 2005 8:58 am
Posts: 186
Location: Madrid

I can see that this patch affects the english.php file located in the language directory. Can we know what changes have been done to this file such as other languages file may be updated too ?

Thank you

_________________
55 Thinking - Strategy Design Technology
Good looking, Fast and Usable web solutions
http://www.55thinking.com/

Top

guilliam

Post subject: Re: Discuss about : Upgrade to Joomla! 1.0.4 Security Release now!

Posted: Mon Nov 21, 2005 4:14 pm

Joomla! Virtuoso

Joined: Thu Aug 18, 2005 10:27 am
Posts: 4180
Location: Sunny City Cebu, Philippines!

wonderful!!

--> Sundial

the team surely prioritizes SECURITY at the top most of the list!

thank you!

- g

_________________
"I was one of those who wondered why people would pay so much $$$$ to do something that was so much fun!" -R. Harkrider, Fortran Code Engr.

http://www.joomlaconsultancy.net

Top

pushfrog98

Post subject: Re: Discuss about : Upgrade to Joomla! 1.0.4 Security Release now!

Posted: Mon Nov 21, 2005 4:17 pm

Joomla! Enthusiast

Joined: Thu Sep 01, 2005 7:48 pm
Posts: 205
Location: Greenville, Il

just wondering if this patch has anything to do with the $ambo exploit...

http://isc.sans.org/diary.php?storyid=870

_________________
- Jared Smith

Top

infograf768

Post subject: Re: Discuss about : Upgrade to Joomla! 1.0.4 Security Release now!

Posted: Mon Nov 21, 2005 4:20 pm

Joomla! Master

Joined: Fri Aug 12, 2005 3:47 pm
Posts: 16630
Location: **Translation Matters**

55thinking wrote:

ISO has been reset to 8559-1 instead of utf-8.
A few strings have been added.
Better use a diff program to check all.

_________________
Jean-Marie Simonet / infograf · http://www.info-graf.fr
Multilanguage in 2.5: http://help.joomla.org/files/EN-GB_multilang_tutorial.pdf
---------------------------------
Joomla Translation Coordination Team • Joomla! Production Working Group

Last edited by infograf768 on Mon Nov 21, 2005 4:59 pm, edited 1 time in total.

Top

infograf768

Post subject: Re: Discuss about : Upgrade to Joomla! 1.0.4 Security Release now!

Posted: Mon Nov 21, 2005 4:33 pm

Joomla! Master

Joined: Fri Aug 12, 2005 3:47 pm
Posts: 16630
Location: **Translation Matters**

Powdered Toast Man wrote:

Oh come on - are we not waiting for the 1.1 release this month?? Does this mean that the 1.1 release date will creep over into December? Maybe january even? Why couldn't you have put the security fixes into 1.1?

Hugely annoying..

PTM

Some like to wait until later on to patch their apps. It is their decision.

We have decided not to as many sites have been hacked.
1.0.4 had a few bugs fixed by the Maintenance team. It was just a matter of releasing it sooner than planned.

The time taken to do this has not been taken over the 1.1 development.

FYI: concerning 1.1, a second alpha will be released next week, then a beta.

Don't be so annoyed

Top

pcigre

Post subject: Re: Discuss about : Upgrade to Joomla! 1.0.4 Security Release now!

Posted: Mon Nov 21, 2005 4:44 pm

Joomla! Explorer

Joined: Mon Sep 05, 2005 11:21 am
Posts: 338
Location: Nis, Serbia

55thinking wrote:

You can see there what is changed:

http://developer.joomla.org/integration ... f_format=h

_________________
http://www.pcigre.com -> game community

Top

55thinking

Post subject: Re: Discuss about : Upgrade to Joomla! 1.0.4 Security Release now!

Posted: Mon Nov 21, 2005 4:50 pm

Joomla! Enthusiast

Joined: Mon Sep 05, 2005 8:58 am
Posts: 186
Location: Madrid

pcigre.com wrote:

55thinking wrote:

You can see there what is changed:

http://developer.joomla.org/integration ... f_format=h

Thanks a lot, helpfull link

_________________
55 Thinking - Strategy Design Technology
Good looking, Fast and Usable web solutions
http://www.55thinking.com/

Top

davidva

Post subject: Re: Discuss about : Upgrade to Joomla! 1.0.4 Security Release now!

Posted: Mon Nov 21, 2005 5:01 pm

Joomla! Apprentice

Joined: Thu Sep 01, 2005 6:45 pm
Posts: 28

infograf768 wrote:

Powdered Toast Man wrote:

FYI: concerning 1.1, a second alpha will be released next week, then a beta.

Don't be so annoyed

So we still have at least a week 1/2 for 1.1? I was looking forward to the release sometime this week so I can integrate phpbb and go live with my site. =/

Top

nathandiehl

Post subject: Re: Discuss about : Upgrade to Joomla! 1.0.4 Security Release now!

Posted: Mon Nov 21, 2005 5:37 pm

Joomla! Champion

Joined: Fri Aug 19, 2005 3:03 pm
Posts: 6046
Location: Indiana, USA

Powdered Toast Man wrote:

i for one am happy that the Joomla! Core Team doesn't think that Medium-Threat risks are so insignificant that they can wait a couple weeks. If you want to remain vulnerable, i might recommend you switch to Mambo or another CMS where they don't offer near the updates of Joomla!.

Thanks again core team--your work is highly appreciated!

and believe you, I appreciate my icons in administrator not going wacko anymore! Thanks again!
nathan.

_________________
If you're new to Joomla, Please read Anna's Joomla! Tips: viewtopic.php?t=5503

http://nathandiehl.com | Find out what makes me tick

Top

jasonmartens

Post subject: Re: Discuss about : Upgrade to Joomla! 1.0.4 Security Release now!

Posted: Mon Nov 21, 2005 5:39 pm

Joomla! Fledgling

Joined: Mon Nov 21, 2005 5:18 pm
Posts: 1

Are there any general instructions for applying the patch package? Or do I simply untar the package on top of my existing installation?

Top

infograf768

Post subject: Re: Discuss about : Upgrade to Joomla! 1.0.4 Security Release now!

Posted: Mon Nov 21, 2005 5:44 pm

Joomla! Master

Joined: Fri Aug 12, 2005 3:47 pm
Posts: 16630
Location: **Translation Matters**

Quote:

Upgrade Instructions

* To update from Joomla! 1.0.3, all you have to do is simply overwrite files from the 1.0.3 to 1.0.4 Patch Package
* To update from Joomla! 1.0.2, all you have to do is simply overwrite files from the 1.0.2 to 1.0.4 Patch Package
* To update from Joomla! 1.0.1, all you have to do is simply overwrite files from the 1.0.1 to 1.0.4 Patch Package
* To update from Joomla! 1.0.0, all you have to do is simply overwrite files from the 1.0.0 to 1.0.4 Patch Package

Top

guilliam

Post subject: Re: Discuss about : Upgrade to Joomla! 1.0.4 Security Release now!

Posted: Mon Nov 21, 2005 5:50 pm

Joomla! Virtuoso

Joined: Thu Aug 18, 2005 10:27 am
Posts: 4180
Location: Sunny City Cebu, Philippines!

infograf768 wrote:

Powdered Toast Man wrote:

FYI: concerning 1.1, a second alpha will be released next week, then a beta.

Don't be so annoyed

this post from toastman is more annoying than anything else. hmmnn.. isnt he supposed to be happy the core team has released this patch for the benifit of ALL. oh well..

- g

_________________
"I was one of those who wondered why people would pay so much $$$$ to do something that was so much fun!" -R. Harkrider, Fortran Code Engr.

http://www.joomlaconsultancy.net

Top

focalguy

Post subject: Re: Discuss about : Upgrade to Joomla! 1.0.4 Security Release now!

Posted: Mon Nov 21, 2005 6:12 pm

Joomla! Guru

Joined: Fri Aug 19, 2005 2:46 am
Posts: 909
Location: Washington State, USA

Thanks again for all the hard work! Keep it up and 1.1 will be here when it's ready.

Top

MolBio

Post subject: Re: Discuss about : Upgrade to Joomla! 1.0.4 Security Release now!

Posted: Mon Nov 21, 2005 6:17 pm

Joomla! Apprentice

Joined: Wed Oct 12, 2005 9:30 pm
Posts: 42
Location: Princeton, NJ

Security releases should be the first priority and thanks to dev team that for these upgrades.
We can always wait a bit for the new version, but we certainly don’t want to be hacked!

Thanks again

_________________
http://www.molbio.princeton.edu

Top

mediamagnate

Post subject: Re: Discuss about : Upgrade to Joomla! 1.0.4 Security Release now!

Posted: Mon Nov 21, 2005 7:45 pm

Joomla! Explorer

Joined: Fri Aug 12, 2005 2:09 pm
Posts: 319
Location: Sheffield

It should also be remembered that some non-Joomla security issues may still exist depending on security measures and configuration of where your site is hosted. It is not unusual for some hosts to be better than others.

The team's fast response to what amounts to a serious issue is why I love this community.

Applause to our code commandos who've worked so hard during the past couple of days to make this happen.

_________________
Joomla is a project, not a product! www.nooku.org

Top

pruiter

Post subject: Re: Discuss about : Upgrade to Joomla! 1.0.4 Security Release now!

Posted: Mon Nov 21, 2005 7:52 pm

Joomla! Apprentice

Joined: Sun Sep 25, 2005 4:52 pm
Posts: 14
Location: New Jersey, USA

Thanks guys. Security has priority of course, but the patch (103 to 104) screwed up all my diacritical-marked words, of which I have *many* on the site I'm building. Words like

Bahá'í

show up as

BahÃ¡'Ã

Not fun. An upfront alert to this might be helpful next time. Thanks for the hard work.

pieter

Last edited by pruiter on Mon Nov 21, 2005 8:28 pm, edited 1 time in total.

Top

Slixter

Post subject: Re: Discuss about : Upgrade to Joomla! 1.0.4 Security Release now!

Posted: Mon Nov 21, 2005 7:52 pm

Joomla! Ace

Joined: Wed Aug 17, 2005 9:48 pm
Posts: 1571
Location: St Cloud, MN

Thanks guys, now on to the patching. :)

--Slixter

_________________
--Search the forums and you will find your answer

Top

MikeFossati

Post subject: Re: Discuss about : Upgrade to Joomla! 1.0.4 Security Release now!

Posted: Mon Nov 21, 2005 8:10 pm

Joomla! Apprentice

Joined: Sat Oct 22, 2005 7:12 pm
Posts: 33

infograf768 wrote:

ISO has been reset to 8559-1 instead of utf-8.

As this is causing some problems on my site, I wonder if there is a simple way to fix it? Instead of "..." I see now "â€¦" (check my site for an example: http://www.spiritofhouse.com/).

Thanks for your help,
Mike

Top

deafbiz

Post subject: Re: Discuss about : Upgrade to Joomla! 1.0.4 Security Release now!

Posted: Mon Nov 21, 2005 8:18 pm

Joomla! Enthusiast

Joined: Sun Aug 28, 2005 3:09 am
Posts: 115

I'm screwed!

It said the patch will work with Mambo 4.5.2.3 (I'm not ready to upgrade to Joomla just yet!).

So I did apply the patch via FTP.

Guess what??? my website is screwed! index.php is for Joomla!

Can anyone send me an index.php for Mambo? Is that the only file I shouldn't overwrite?

Thanks,
JSG

Update: Nevermind... found the file at mambo and uploaded and all's well! Whew! BUT TELL THAT TO SOMEONE STILL USING MAMBO!

Last edited by deafbiz on Mon Nov 21, 2005 8:22 pm, edited 1 time in total.

Top

Manoxtra

Post subject: Re: Discuss about : Upgrade to Joomla! 1.0.4 Security Release now!

Posted: Mon Nov 21, 2005 8:20 pm

Joomla! Intern

Joined: Thu Aug 18, 2005 5:35 pm
Posts: 62
Location: Holland

Well cant say im happy with this security update.... since i did that i get the following message on my homepage [pop up message :'(

]

overLIB 4.10 is required for the HideForm plugin.... whatever?!?

Resetting my account now to old installation... thx... will cost me 1 hour..

:'(

_________________
Power to the devs!!!

Top

benedikt

Post subject: Re: Discuss about : Upgrade to Joomla! 1.0.4 Security Release now!

Posted: Mon Nov 21, 2005 8:21 pm

Joomla! Explorer

Joined: Mon Aug 22, 2005 2:29 pm
Posts: 346
Location: Gent - Belgium

Thanks for the upgrade.

I have one (very) little remark, though.
On the main Joomla site, the download button still says 1.0.3.
I guess there hasn't been time yet to change this since 1.0.4 is only 4 hours old. But the 1.0.3-button looks a bit silly next to the article about 1.0.4

Keep up the great work guys!

Top

Tonie

Post subject: Re: Discuss about : Upgrade to Joomla! 1.0.4 Security Release now!

Posted: Mon Nov 21, 2005 8:22 pm

Joomla! Master

Joined: Thu Aug 18, 2005 7:13 am
Posts: 16281

As you found out, it indeed doesn't work. You would have to completely migrate to Joomla to run the patch. First piece of advice is to ALWAYS create a backup of files and database before doing any patches, maintenance or big content updates. You can download the latest Mambo 4.5.2.3 version, and replace the files that were copied over by the Joomla patch. You should replace all files that Joomla replaced. Good luck!

_________________
Joomla forum global moderator.

Take care

Top

benedikt

Post subject: Re: Discuss about : Upgrade to Joomla! 1.0.4 Security Release now!

Posted: Mon Nov 21, 2005 8:25 pm

Joomla! Explorer

Joined: Mon Aug 22, 2005 2:29 pm
Posts: 346
Location: Gent - Belgium

deafbiz wrote:

It said the patch will work with Mambo 4.5.2.3 (I'm not ready to upgrade to Joomla just yet!).

from http://www.joomla.org:

Quote:

For those converting from Mambo 4.5.2.x please read these Migration instructions. You need to download the Joomla 1.0.4 Full package

Top

rhuk

Post subject: Re: Discuss about : Upgrade to Joomla! 1.0.4 Security Release now!

Posted: Mon Nov 21, 2005 8:30 pm

Joomla! Explorer

Joined: Fri Aug 12, 2005 3:02 pm
Posts: 439

benedikt wrote:

Keep up the great work guys!

Button has been updated for several hours, i think you need to refresh your browser.

_________________
rhuk
http://www.rockettheme.com - RocketTheme Template Club
http://www.rockettheme.com/aff - RocketTheme Affiliate Program

Top

benedikt

Post subject: Re: Discuss about : Upgrade to Joomla! 1.0.4 Security Release now!

Posted: Mon Nov 21, 2005 8:38 pm

Joomla! Explorer

Joined: Mon Aug 22, 2005 2:29 pm
Posts: 346
Location: Gent - Belgium

Oops .. you're right (again)

Well, I guess it's a perfect job then

Thanks again.

Top

alterego

Post subject: Re: Discuss about : Upgrade to Joomla! 1.0.4 Security Release now!

Posted: Mon Nov 21, 2005 9:13 pm

Joomla! Apprentice

Joined: Fri Aug 19, 2005 4:18 am
Posts: 16
Location: Kansas

Manoxtra wrote:

Well cant say im happy with this security update.... since i did that i get the following message on my homepage [pop up message :'(

]

overLIB 4.10 is required for the HideForm plugin.... whatever?!?

Resetting my account now to old installation... thx... will cost me 1 hour..

:'(

I installed a fresh Joomla 1.0.3 site just to test the patch before patching 30+ Joomla 1.0.3 sites, and I get the same problem when applying the patch. So... what's the work around? Could someone explain so we can patch our actual working sites?

Thanks.

Top

brad

Post subject: Re: Discuss about : Upgrade to Joomla! 1.0.4 Security Release now!

Posted: Mon Nov 21, 2005 9:17 pm

Joomla! Master

Joined: Fri Aug 12, 2005 12:38 am
Posts: 13378
Location: Sydney - Australia

Have you got a link to your site? This is not something I have seen on any sites that I have upgraded.. or even on the official Joomla sites.

_________________
Brad Baker - Follow me on Google+
http://www.rochen.com - Joomla! Hosting, the correct way.
http://www.joomlatutorials.com <-- Joomla Help & Tutorials
^Now with Joomla 2.5 and Joomla 3.0 Tutorials

Top

ProjectMayhem

Post subject: Re: Discuss about : Upgrade to Joomla! 1.0.4 Security Release now!

Posted: Mon Nov 21, 2005 9:49 pm

Joomla! Intern

Joined: Thu Aug 18, 2005 3:01 pm
Posts: 70

yeah I'd like to see what the deal is before I upgrade all of my sites aswell. so if you find out anything please share.

_________________
You are not your job. You are not how much money you have in the bank. You are not the car you drive. You are not the contents of your wallet. You are not your f!@#ing khakis. We are the all-singing, all-dancing crap of the world.

Top

Page 1 of 5

[ 133 posts ]

Go to page 1, 2, 3, 4, 5 Next

Board index » Joomla! Announcements » Announcements » Announcements Discussions

Who is online

Users browsing this forum: No registered users and 4 guests

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Jump to:

Welcome to Joomla!

Recent Joomla! News

Support Joomla!

What Is Joomla?

Joomla! for Business

Joomla! for Developers

Learn more about Joomla!

Connect!

Support!

Read!

Get involved with Joomla!

Directories

Developers

Download Joomla! 2.5

Download Joomla! 3.1

Getting Started with Joomla!

Internationalization

The Joomla! Forum ™

Forum rules

Discuss about : Upgrade to Joomla! 1.0.4 Security Release now!

Who is online