If you are using Joomla, now is the time to update it. A new version was just released for the 1.5.x and 1.7.x branches, fixing a high-priority security issue that allows remote users to change other users' passwords (even those of admin accounts).
More details on the Joomla website and here.
Description:
Weak random number generation during password reset leads to possibility of changing a user’s password.
Affected Installs:
Changelog:
diff -ur joomla-1-5-24/libraries/joomla/user/helper.php joomla-1-5-25/libraries/joomla/user/helper.php
— joomla-1-5-24/libraries/joomla/user/helper.php 2010-01-26 10:10:00.000000000 -0400
+++ joomla-1-5-25/libraries/joomla/user/helper.php 2011-11-13 21:18:53.000000000 -0400
@@ -285,11 +285,6 @@
- $stat = @stat(__FILE__);
- if(empty($stat) || !is_array($stat)) $stat = array(php_uname());
-
- mt_srand(crc32(microtime() . implode(‘|’, $stat)));
-
for ($i = 0; $i < $length; $i ++) {
$makepass .= $salt[mt_rand(0, $len -1)];
}
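Review bot: dropping the `mt_srand(crc32(microtime() . implode('|', $stat)))` reseeding is the right fix, because that seed depended only on the current microtime() plus the stat() data of helper.php, which is constant for a given install, so the generated password was a function of a timestamp rather than of real entropy; however the surviving loop `$makepass .= $salt[mt_rand(0, $len -1)];` still draws every password character from mt_rand(), a Mersenne Twister that is not a cryptographically secure source, so a follow-up should move reset passwords to a CSPRNG-backed generator, and the commit message should state why the explicit seeding was removed so it is not reintroduced later.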
Please update!
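To make the weakness concrete, here is an added example in Python (not Joomla's code) that mirrors the generation loop in the hunk: the pre-fix version reseeds a deterministic PRNG from crc32(microtime + stat) right before drawing, so the password is reproducible from that guessable input, while the hardened version draws each character from the OS CSPRNG. Assumed: an alphanumeric alphabet (the hunk does not show the contents of $salt), PHP's microtime() string format, and random.Random as a stand-in for mt_srand/mt_rand (not bit-compatible with PHP).

```python
import random
import secrets
import string
import zlib

# Alphabet the loop draws from; assumed, since the hunk only shows
# `$salt[mt_rand(0, $len - 1)]`, not the contents of $salt.
ALPHABET = string.ascii_letters + string.digits

def gen_password(length, pick):
    """Mirror of the hunk's loop: one alphabet pick per character.
    pick(n) must return an int in [0, n - 1]."""
    return "".join(ALPHABET[pick(len(ALPHABET))] for _ in range(length))

def weak_seed(microtime, stat_fields):
    """Seed built the way the removed lines did: crc32 of microtime()
    joined with the '|'-separated stat() array. stat() of helper.php is
    constant for an installation, so only the timestamp varies."""
    blob = f"{microtime}{'|'.join(str(f) for f in stat_fields)}"
    return zlib.crc32(blob.encode())

def weak_password(length, microtime, stat_fields):
    """Pre-1.5.25 behaviour: reseed a deterministic PRNG from weak_seed()
    right before drawing. Same timestamp and stat => same password.
    random.Random stands in for mt_srand/mt_rand (not bit-compatible)."""
    rng = random.Random(weak_seed(microtime, stat_fields))
    return gen_password(length, rng.randrange)

def strong_password(length):
    """Hardened form: every character comes from the OS CSPRNG, never reseeded."""
    return gen_password(length, secrets.randbelow)

def reproducible_from_seed(length, microtime, stat_fields):
    """Regression check a defender would keep: a reset password that can be
    regenerated from a timestamp plus file metadata is not a secret."""
    return (weak_password(length, microtime, stat_fields)
            == weak_password(length, microtime, stat_fields))

if __name__ == "__main__":
    # Constructed sample values, not from any real install.
    stat = [2049, 393221, 33188, 1, 33, 33, 0, 11967, 1264511400]
    mt = "0.45612300 1321236000"  # PHP microtime() string format
    print("weak, reproducible:", reproducible_from_seed(10, mt, stat))
    print("strong:", strong_password(10), strong_password(10))
```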