Letterman Security Announcement

For all Non-Joomla! security issues. ie 3pd Components etc.

Moderator: General Support Moderators

Forum rules
Locked
User avatar
manuman
Joomla! Guru
Joomla! Guru
Posts: 891
Joined: Fri Aug 12, 2005 1:58 am
Location: Perth - Western Australia
Contact:

Letterman Security Announcement

Post by manuman » Thu Jun 14, 2007 8:38 am

I would like to advise that a vulnerability in mod_lettermansubscride has prompted the immediate release of mod_lettermansubscribe 1.2.5

All site owners using Letterman's subscribe module should upgrade to version 1.2.5 immediately.

You can get the new version from the downloads section of my site (see sig).

Cheers
Shayne
Shayne Bartlett - Joomla Co-Founder
CTO/Web Architect: Elastik Limited https://elastik.space

jlover_needslife
I've been banned!
Posts: 14
Joined: Sun Jun 10, 2007 11:12 am

Re: Letterman Security Announcement

Post by jlover_needslife » Fri Jun 15, 2007 3:39 am

manuman wrote: I would like to advise that a vulnerability in mod_lettermansubscride has prompted the immediate release of mod_lettermansubscribe 1.2.5

All site owners using Letterman's subscribe module should upgrade to version 1.2.5 immediately.

You can get the new version from the downloads section of my site (see sig).

Cheers
Shayne
Why isnt this listed in the vulnerable extensions directory?

??? ...oh...I should guess...

user deleted

Re: Letterman Security Announcement

Post by user deleted » Fri Jun 15, 2007 8:08 am

Mod note; moving to correct forum

User avatar
rliskey
Joomla! Guru
Joomla! Guru
Posts: 828
Joined: Tue Jun 06, 2006 7:41 am
Location: California, Germany, Norway
Contact:

Re: Letterman Security Announcement

Post by rliskey » Tue Jun 19, 2007 7:59 pm

Added to vulnerable extensions list:
http://help.joomla.org/component/option ... temid,268/

User avatar
rliskey
Joomla! Guru
Joomla! Guru
Posts: 828
Joined: Tue Jun 06, 2006 7:41 am
Location: California, Germany, Norway
Contact:

Re: Letterman Security Announcement

Post by rliskey » Tue Jun 19, 2007 8:02 pm

Why isnt this listed in the vulnerable extensions directory?

??? ...oh...I should guess...
Volunteers can only do so much, so fast. This is a community project. Feel free to help...

ikp
Joomla! Apprentice
Joomla! Apprentice
Posts: 23
Joined: Mon Apr 23, 2007 11:26 pm

Re: Letterman Security Announcement

Post by ikp » Tue Aug 21, 2007 3:11 pm

Can someone please point me in the direction of an upgrade procedure so I do not lose my subscribed members and existing lewsletters.
???
thnx

User avatar
manuman
Joomla! Guru
Joomla! Guru
Posts: 891
Joined: Fri Aug 12, 2005 1:58 am
Location: Perth - Western Australia
Contact:

Re: Letterman Security Announcement

Post by manuman » Sun Aug 26, 2007 4:34 pm

This is only an update to the module, not the core component. You can simply uninstall the module and install the updated one without it effecting your members.

Of cause back up DB first as I'm sure you do for any upgrade.

Cheers
Shayne
Shayne Bartlett - Joomla Co-Founder
CTO/Web Architect: Elastik Limited https://elastik.space

jake halpert
Joomla! Apprentice
Joomla! Apprentice
Posts: 19
Joined: Wed Jan 11, 2006 2:23 pm

Re: Letterman Security Announcement

Post by jake halpert » Mon Oct 15, 2007 6:01 pm

Hi,

I hope this is the place to ask this question...

My client has a hodgepodge of Joomla and Mambo sites. Some are old and waiting to get redesigned before being updated to the latest Joomla. A bunch are Mambo v. 4.5.2. Can I do this security upgrade on these sites or is it not cleared to work with old Mambo?

Thanks!
Jake 

User avatar
choomla
Joomla! Explorer
Joomla! Explorer
Posts: 308
Joined: Wed Feb 22, 2006 7:11 pm
Location: Gothenburg, Kingdom of Sweden
Contact:

Re: Letterman Security Announcement

Post by choomla » Fri Dec 19, 2008 9:20 am

I get this message when runnning this module on one of my 1.5 sites

Fatal error: Call to undefined method stdClass::load() in /home/italienp/domains/pedagogpoolen.se/public_html/modules/mod_lettermansubscribe/mod_lettermansubscribe.php on line 47

Any idea why?

zheyhuz
Joomla! Apprentice
Joomla! Apprentice
Posts: 23
Joined: Mon Oct 16, 2006 2:20 am

Re: Letterman Security Announcement

Post by zheyhuz » Tue Dec 30, 2008 5:13 am

i got same error too...somebody pls help..tnx

User avatar
vijays0055
Joomla! Fledgling
Joomla! Fledgling
Posts: 4
Joined: Wed Jul 15, 2009 5:18 pm

Re: Letterman Security Announcement

Post by vijays0055 » Fri Oct 02, 2009 8:27 pm

line 47

from

$my->load( $my->id );

to

$my = & JFactory::getUser();


Locked

Return to “3rd Party/Non Joomla! Security Issues”