新起点的温情故事

Joomla!官方近日发布了最新紧急升级，因为密码修改漏洞安全问题，Joomla! 1.5.25版本正式发布，请使用旧版本的站长尽快升级。

 

下载地址如下：

Joomla 1.5.24 (完整版) »

Joomla 1.5.24 (升级包) »

官方升级说明如下：

Release Notes

Check the Joomla 1.5.25 Post-Release FAQs to see if there are important items and helpful hints discovered after the release.

Security
High Priority – Core – Password Change Vulnerability. More information »

[20111103] – Core – Password Change
Project: Joomla!
SubProject: All
Severity: High
Versions: 1.5.24 and all earlier 1.5 versions
Exploit type: Password Change
Reported Date: 2011-October-28
Fixed Date: 2011-November-14
Description

Weak random number generation during password reset leads to possibility of changing a user’s password.
Affected Installs

Joomla! version 1.5.24 and all earlier 1.5 versions
Solution

Upgrade to the latest Joomla! 1.5 version (1.5.25 or later)

Reported by David Jardin
 

Category Issue Title Link
Administration 303 redirections cause page subresources to be reloaded on WebKit browsers (Nicholas Dionysopoulos). 21622