The Joomla 1.6.2 security release has been published. According to the Mambolearn team, this release fixes 8 security issues in Joomla 1.6.1. In addition, 115 other issues reported by users were fixed in this release.
The development team's goal is to release Joomla versions regularly for the open source community. The issues fixed in this release are listed below:
Security
* Low Priority - Core - Information Disclosure.
* Low Priority - Core - Information Disclosure.
* Low Priority - Core - XSS Vulnerabilities.
* Medium Priority - Core - XSS Vulnerabilities.
* Medium Priority - Core - XSS Vulnerabilities.
* Medium Priority - Core - Unauthorised Access.
* Medium Priority - Core - SQL Injection.
* Medium Priority - Core - Clickjacking.
Issues Fixed
* ACL - JModelForm enables 'com_checkin' for 'core.manage' - should be 'core.admin'
* Administration - Improve .htaccess rewrite efficiency
* Administration - Don't always load Mootools (More) in the backend.
* Administration - Administrator (with a capital A) does weird stuff
* Administration - *Systeminformation > Directory Permissions: List incomplete
* Administration - Logout in administration menu not working
* Authentication and Login - Gmail authentication fails (Verify Peer variable mistyped)
* Automated Test - Automated ACL system test to test manage permission
* Automated Test - Fix failing unit test for JDocument
* Automated Test - Xcache can not be tested using phpunit
* Automated Test - Add more unit tests for JURI
* Automated Test - Fix failing unit test for JDocumentRenderRSS
* Browsers - Font Size not working with Internet Explorer 7
* Code Style - Unused JElement classes in core
* Code Style - Don't use the javascript pseudo protocol when it isn't necessary
* Code Style - Several places calling getXMLparser instead of getXMLParser
* Code Style - Many places calling JHTML:: instead of JHtml::
* Code Style - Fix a number of incorrect comment in components
* Code Style - Don't use sizeof()
* Code Style - Optimize for loops
* Code Style - Empty file administrator/components/com_users/helpers/levels.php
* Components - Unable to create external menu item type with an alias that is a folder name
* Components - Blog pagination options missed in Global configuration (com_content)
* Components - Contact form not using Jform makes event not work as expected
* Components - Featured articles are reordered when editing one of them
* Components - 1.6.1 breaks wrapper menu links
* Components - *Issue with Articles created in front-end and set to featured
* Components - *Missing weblink ini strings when submit/edit weblink from a content
* Components - *Weblinks adding words "Web links" before the actual link text
* Components - Media form field is not allowed access to media manager in the front end
* Components - Wrong CSS class declaration
* Components - Article Title will not go away no matter what.
* Components - *Unused show title parameter for archives menu item
* Components - new layouts - No pagination on articles category page if first visit
* Components - *Combined patch for various meta issues in menu items
* Components - Extra quote in com_weblinks
* Components - Apply (Save and present in Editor again) does not checkout row
* Components - Wrong header output in com_contact vCard view makes IE handle vCard downloads wrong...
* Components - com_contact vCard link not using JRoute::_() which causes download issues with System - Language Filter plugin enabled and SEF 25550
* Components - Category Blog - More Article links don't have limitation
* Components - *ROOT parent category wrongly displays in featured and blog layout
* Components - *Unused Jtoolbarhelper title in Language Manager Content Languages
* Components - Sort in Article Category List broken
* Database - failure to delete error message showing incorrectly
* Database - performance of assets table query with > 40 articles on website in registered mode
* Forms - onchange event does not fire in JFormFieldAMedia
* Front End - Article edit page permits you to attempt to edit checked-out articles causing 403 errors. With patch.
* Front End - Menu alias not respecting "active"
* Front End - Undefined notice on 404 page
* Installation - *joomla.xml still exists after install of install
* Installation - Typos in sample data
* Installation - Installer missing client-side check that package was selected prior to pressing Upload and Install Button.
* Javascript - No javascript form validation after clicking submit button
* Joomla! Libraries - access levels - pagination::orderDownIcon appearing before last item
* Joomla! Libraries - Improved fix for XSS issue found in Joomla 1.5.20
* Joomla! Libraries - browser detection script reports wrong information
* Joomla! Libraries - Installation of tar.gz packages fails in xampp under Windows
* Joomla! Libraries - Remove remaining ereg* functions - Obsolete in PHP 5.3
* Joomla! Libraries - Module plugin and component scriptfile are not copied to final install point
* Joomla! Libraries - The word Array appears below the document when Cache is turned on
* Joomla! Libraries - *rev 20974 breaks normal sliders/tabs behavior
* Joomla! Libraries - *Content language ordering not implemented
* Joomla! Libraries - JPane slider effect not functioning properly
* Joomla! Libraries - Extension "upgrade" method re-installing component
* Joomla! Libraries - #24285 change breaks module cache functionality needs to be reverted
* Joomla! Libraries - the package strings are not translated when installing or managing
* Languages - *Contact language is ignored in frontend
* Languages - Plugin instead of Module in en-GB.lib_joomla.ini
* Languages - Incorrect SMTP security option
* Languages - Typo in en-GB.lib_joomla.ini
* Languages - Some errors and warnings are not translated due to missing JText::_()
* Languages - The front end rendering of the media field is missing strings
* Languages - Incorrect language keys in error.php of atomic template
* Languages - Typos on the 404 page
* Languages - com_menus translation is missing for list items
* Languages - *Although en-GB language is protected by default in db it can be uninstalled
* Languages - *en-GB.files_joomla.sys.ini not loading
* Media Manager - media manager folder names hidden when long
* Modules - Hiding "Add New Shortcuts" removed Groups and Levels in admin menu
* Modules - Module latest user parameter link to contact does not work
* Modules - Static caching of language switcher ruins the correct class lang-active behaviour (patch included)
* Modules - Changing modules doesn't reflect changes with enabled caching.
* Modules - * hr.gif and sr.gif are transparent
* Modules - Wrong order in Module Latest Users
* Modules - Ordering of two modules options are inconsistent
* Modules - *langswitcher module can display content languages with no specific home page
* Modules - Database error not handled in mod_users_latest and mod_articles_archive
* Modules - *Notices with module Articles category
* Modules - Minor Bugs in mod_whosonline
* Modules - Module Articles Category takes server timezone instead of Joomla one
* Plugins - Form onchange event pointing to non-existent event
* Plugins - *Plugin System cache error when debug is on.
* Plugins - Language filter redirecting breaks image uploading in frontend. Patch included.
* Plugins - Following http://joomlacode.org/gf/project/joomla/tracker/?action=TrackerItemEdit&tracker_item_id=25210
* Plugins - *Wrong lang load order when editing plugin
* Plugins - Update CodeMirror to Version 1.0
* Plugins - *Email Cloak Plugin outputs preformatted code in email "to" field
* RTL - RTL issues with beez 2 and beez 5
* Search Engine Friendly - Content pictures aren't displaying if SEF is on and System Cache plugin is enabled
* Search Engine Friendly - 404 after pagebreak in <--prev next --> footer
* Search Engine Friendly - The robots.txt file offers no protection for a site installed in a folder.
* Search Engine Friendly - Menu item type Alias not editable alias
* Search Engine Friendly - *Metatag Robots not working for menu items
* Templates - Don't add aria role breadcrumbs
* Templates - *Save & Copy template styles issue
* Templates - tooltips in high contrast mode (bluestork)
* Templates - Hathor: minor bug that causes hidden Date values in com_templates
* Templates - admin templates does not add a border on fieldset when using tabs
* Templates - RTL in Atomic
* User Interface - Native support for IIS Rewrite
* User Interface - Inconsistency in the naming of the items statuses
* User Interface - Fix New and Save icons for other components
* User Interface - module assignment slider gives inaccurate information for modules with "all except"
* User Interface - Media manager popup - Change of directory don't reflect in list of images and folders on windows system (XAMPP)
* User Interface - *Normalizing com_messages UI
