This blog is not updated any more. Here's the new blog.


Joomla! 1.5.6 Released: a critical security fix

13
Aug
2008

This morning the Joomla! dev team released a new Joomla version: 1.5.6.

That's a released made to correct a security hole that was discovered yesterday: it seems that anyone could get administrator access using the Password Remind functionality, used to reset a password when it's forgotten.

After a couple of hours the Joomla Team released an official patch on the Joomla.org website.

CompassDesigns.net was hacked because of this problem.

Every Joomla! 1.5 installation is infected by this problem, that now is of public domain. It's a good idea to upgrade your websites!


Bookmark and Share

5 Comments for the post “Joomla! 1.5.6 Released: a critical security fix”

Copes Flavio Says:
August 13th, 2008 at 15:08

http://secunia.com/advisories/31457/

Jim Says:
August 15th, 2008 at 19:51

Too late, I installed Wordpress. All is better now.

Copes Flavio Says:
August 16th, 2008 at 10:54

Hi Jim, thanks for your comment.

While I do think that WP is a great piece of software (I’m using it here on my blog) Joomla allows you to do many things that WP simply isn’t developed for.

So, if you want a blog then WP is the best choice in the world. There’s no fanatism here ;-)

JSST, security-related Joomla squad Says:
August 19th, 2008 at 09:45

[...] the security hole that lead to the release of Joomla! 1.5.6, the Joomla Core Team decided that it was time to create a group of people devoted to the security [...]

sandrar Says:
September 10th, 2009 at 14:05

Hi! I was surfing and found your blog post… nice! I love your blog. :) Cheers! Sandra. R.

Comments are closed.