Joomla! Developer Network

There is always a great deal of Joomla! development activity underway and communicating with other developers in the community is essential. This site is a resource for anyone looking to build or maintain software based on the Joomla platform

  • Project: Joomla!
  • SubProject: All
  • Severity: Moderate
  • Versions: 1.5.15 and all previous 1.5 releases
  • Exploit type: information Disclosure
  • Reported Date: 2010-Feb-21
  • Fixed Date: 2010-Apr-23

Description

If a user entered a URL with a negative query limit or offset, a PHP notice would display revealing information about the system.

Affected Installs

All 1.5.x installs prior to and including 1.5.15 are affected.

Solution

Upgrade to the latest Joomla! version (1.5.16 or later)

Reported by Security List

Contact

The JSST at the Joomla! Security Center.

In a reorganising of the Joomla! web properties, the PLT has decided to close down the Joomla! User Experience website (https://ux.joomla.org). This news isn’t really new news. Discussions about moving the JUX forum started in 2013 but the steps necessary to move and shut the forum down were never completed. Is the Production Leadership Team still interested in a Joomla! user’s experience? You can bet it is!


JUX is closing

Many of you may have noticed the message "Please note: Due to technical reasons we have had to disable the Install from Web Service. We are working to get it back online as soon as possible. To find extensions please use the Joomla! Extensions Directory at http://extensions.joomla.org"

Install from web


Status of the Install from Web

After an extended period of silence, the Production Leadership Team is happy to announce that we are moving forward with planning, preparing, and ultimately releasing version 2 of the Joomla! Framework. Over the last several weeks, we have begun building a roadmap and vision for the next major version of the Framework and are now ready to share with the community for review and feedback.


Framework v2 Roadmap

We recently received an email from google webmaster tools with the subject line: Hacking suspected: http://joomlacode.org/

Unfortunately, it appears that joomlacode.org is infected with content spam. When we realized this, our only concern is to protect our users. This will involve taking down the service in the very near future. This is an inconvenience for project owners using JoomlaCode to host projects for, and we are truly sorry.


JoomlaCode is closing

Happy New Year from all of us on PLT! We have been busy over the holiday testing, and re-testing Joomla 3.4 alpha. We are delighted to announce we will release Joomla 3.4 beta, January 27th 2015.

We are grateful for all the feedback we received from those who took part in our recent alpha release. This extended alpha phase allowed us to drive attention to testing and creating patches.

All new features contributed to the project will be considered for Joomla 3.5. Features already submitted will be reviewed for the 3.4 release.

Updated Timeline

The following updated timeline is established for the 3.4 release:

  • January 20th 2015 - 3.4 Feature Freeze
  • January 27th 2015 - 3.4 Beta 1
  • February 3rd, 2015 - 3.4 Beta 2
  • February 10th, 2015- 3.4 Release Candidate
  • February 17th, 2015 - 3.4 Stable Release

Joomla 3.4 release timeline update

Joomla! CMS

Current Release 

View known Issues

Development Status

Nightly CMS builds for developers are available for download

Joomla! Framework

Joomla! Reading

Joomla! Programming

Joomla! Programming

Mark Dexter & Louis Landry
Joomla! Templates

Joomla! Templates

Angie Radtke