Joomla! 1.0.15 released
Joomla! 1.0.15 addresses a security issue discovered since our last stable release, Joomla! 1.0.14. After adequate testing on a backup or sandbox version of your live site, you should backup your live site and upgrade to 1.0.15.
Note, that you should upgrade your site to Joomla!1.0.15 only if you used Joomla! 1.0.12 or early and subsequently upgrading to next releases (1.0.13 or 1.0.14).
Security Fixes
- SECURITY [HIGH] Fixed remote file inclusion vulnerability.
Explanation
In Joomla! 1.0.13, the following line was added to the configuration.php file:if(!defined('RG_EMULATION')) { define( 'RG_EMULATION', 0 ); }This file is located in the root directory of your Joomla! Web site. Including this extra line protects against possible remote file inclusion.
Web sites created with Joomla! 1.0.13 or later already contain this line. However, Web sites upgraded from 1.0.12 or earlier are missing this line. All this upgrade does is add that line to the configuration.php file if that line does not already exist. Another way to address the vulnerability is to simply add the line to your configuration.php file manually.
This entry was posted
on Friday, February 22nd, 2008 at 3:56 pm and is filed under Joomla!. You can follow any responses to this entry through the 
RSS 2.0 feed.
You can skip to the end and leave a response. Pinging is currently not allowed.