-------------------- 1.5.10 Stable Release [27-March-2009] ------------------
Security
One low-level and one moderate-level security issue were fixed in this release:
* Moderate Priority: A series of XSS and CSRF faults exist in the administrator application. Affected administrator components include com_admin, com_media, com_search. Both com_admin and com_search contain XSS vulnerabilities, and com_media contains 2 CSRF vulnerabilities. More information »
* Low Priority: A XSS vulnerability exists in the category view of com_content. More information »
For additional information, visit the Joomla Security Center.
Components
* Article Alias no longer missing from Category Views (14228)
* Section List now drills down correctly to a Category List with Global Content Filters (14510)
* Web link Router now uses correct Category value (14705)
* Article HTML filtering correct when only one Filter group selected (14758)
* Tooltip Help corrected for Section, Category, and Article Alias (15007)
* Sorting lists by values other than Order corrected (15107)
* Archived Article Filter Function works correctly (15124)
* Ampersand in site name no longer breaks Position value in vCard (15143)
* Added "/" before URL in Remind Me and Password links for com_user (15215)
* Search works properly using international characters with SEF enabled (15233)
* Register to Read More in redirect URL correct for Section and Category Menu Items (15266)
* Multiple Search Menu Items now return correct ItemID (15293)
* com_media no longer incorrectly loads CSS files from the backend (15354)
* Fixed invalid XHTML output in com_content and com_contact (15362)
* Small errors in code comments corrected for com_user (15461)
Modules
* Changing the module's 'Position' value now correctly changes the value for the 'Order' listbox. (12119)
* When Module is saved, Module's cache is now cleared (12137)
* Encoding behavior for quotes and ampersands corrected in Modules (13111)
* Menu image alignment resolved (14071)
* Menu Alias respects Active setting (14767)
* Resolved tag error in mod_feed (14948)
* Login Redirect returns to current page when no Redirect URL is specified (15376)
Plugins
* Fixed ID tags used by openid.js (13285)
* Pagebreak works correctly with JCE (14525)
* Pagebreak outputs correct XHTML elements (14496)
* Pagebreak accurately tracks active page (14558)
* Pagebreak works correctly with Section tables (14827)
* Caching error resolved for Remember Me function (14857)
* Menu Item changes are now cached properly (14896)
* SEF Plugin correctly handles "Data" attribute (15137)
* Load Position no longer deletes dollar sign and next two positions, in Module output (15237)
Legacy
* No legacy issues fixed for this release.
Templates
* Beez: Correct Last Updated date used in Section Blog (14571)
* JA Purity: All Article text no longer linked when Category presented (14286)
* rhuk Milkyway: Correct authorEmail value (14439)
* Corrected RTL issue for Site Title when mouse hovering over Template Logo (14945)
Language
* Localization for user name corrected in registration form (14468)
* Corrected localization issue for new Module (13999)
* User details translatable (14710)
* Localization corrected for installation of Component (14859)
* Copy Menu Items function is now translatable (14944)
* Pagebreak now translatable (15300)
* Uninstalling a Component now has all Language Strings (15375)
Administrator
* Categories are now sortable in reverse order by Order data element (14004)
* Parameter Element ID for folderlist and filelist are correct (14514)
* Date format correct for 'checked out date' (14381)
System
* Installation of Extensions no longer fails when zip files are included (9701)
* No longer missing l10n in JApplicationHelper::parseXMLInstallFile() (11798)
* Resolved Javascript errors created by previous SEF Background Image Fix (13973)
* Resolved problem with error handling in JFactory::getXMLParser (14022)
* Case-sensitive image extensions (14059)
* Atom feed validates correctly (14515)
* JString::RTrim method is correct (14491)
* Removed short open tag in admin.categories.html.php (14660)
* JInstallerComponent::_rollback_menu() error resolved when getting DB Connector (14795)
* File move now correctly returns "false" when not read or writable (14818)
* Directory Permissions listed correctly for Temp and Log Folders (14865)
* JFolder::folders no longer returns unnecessary warning (14875)
* Setting Tooltip Offset works correctly (15006)
* JArchiveZip::_extractNative() correctly identifies zip_open() failure (15044)
* Installer.php parseMedia points to correct folder (15047)
* Custom Install file upgraded on Component installation (15217)
* Undefined index HTTP_USER_AGENT error fixed in behavior.php (15282)
Statistics
Statistics for the 1.5.10 release period:
* Joomla 1.5.10 contains:
o 68 issues fixed in SVN
o 281 commits
* Tracker activity resulted in a net decrease of 8 active issues:
o 176 new reports
o 133 closed
o 68 fixed in SVN
* At the time the 1.5.10 release was packaged, the tracker had 95 active issues:
o 44 open
o 40 confirmed
o 11 pending
-------------------- 1.5.10 Stable Release [27-March-2009] ------------------
Legend:
* -> Security Fix
# -> Bug Fix
$ -> Language fix or change
+ -> Addition
^ -> Change
- -> Removed
! -> Note
27-Mar-2009 Anthony Ferrara
# Fixed a few issues with the language install packs (double < characters, and a missing file)
27-Mar-2009 Wilco Jansen
- Removed mk-MK language pack in installer
+ Added be-BY, et-EE, gu-IN, mn-MN and ur-PK language pack in installer
^ Updated bg-BG installer language pack
^ Updated CREDITS.php with translators information and other contributors
^ Changed helpsite reference matching installation language file changes
^! Moderate Priority: A series of XSS and CSRF faults exist in the administrator application. Affected administrator components include com_admin, com_media, com_search. Both com_admin and com_search contain XSS vulnerabilities, and com_media contains 2 CSRF vulnerabilities.
^! Low Priority: A XSS vulnerability exists in the category view of com_content.
^ Updated version tags in translation manifest files
25-Mar-2009 Wilco Jansen
^ Activated installation check and updated version files
11-Mar-2009 Ian MacLennan
# [#14515] Atom feed does not validate
9-Mar-2009 Wilco Jansen
# [#15215] Inconsistent prefix for index.php in com_user
8-Mar-2009 Wilco Jansen
# [#15300] Missing translation in pagebreak plugin
# [#15107] Save order enabled and creating random results when active sorting column isn't ordering
# [#14818] filesystem file move doesn't return false when not read- or writable
# [#14827] Page break does not work correctly when tables are included in the page sections. The pairs are uneven.
# [#15137] sef plugin does not convert data attribute
# [#9701] Installation of Extensions fails when they include zip files
# [#15044] JArchiveZip::_extractNative() fails to discover zip_open() failure
# [#14525] pagebreak doesn't work correct if using JCE
# [#14558] Pagebreak Plugin Does Not Keep Track of Active Page
# [#14947] Status Module Icon RTL issue
# [#15266] Bad URL after redirect when Register to Read More in Section, Category Menu Items
# [#15362] Not valid XHTML output in com_content and com_contact
# [#15354] com_media loads css files from the backend
# [#15375] Missing language string
# [#15376] Login redirect no longer returns you to your current page if no redirect specified
# [#15233] Search doesn't work with international characters when SEF is enabled
# [#14514] parameter element id of type folderlist and filelist are not correct
# [#13285] Wrong tag-IDs used by openid.js
# [#12119] Changing the module's 'Position' drop-down doesn't change the 'Order' drop-down.
# [#15359] spambots are still able to see registration page even if registration is turned off
# [#14071] menu image alignment
# [#14875] JFolder::folders returns unnecessary warning
# [#14705] Web link Router incorrectly grabs wrong category item
# [#15143] Ampersand in Site Name breaks Position field in vCard
# [#14022] Faulty error handling in JFactory::getXMLParser
# [#14228] Article alias field missing from in category views
# [#14381] Incorrect checked out date format in the back-end
# [#15282] Undefined index HTTP_USER_AGENT in behavior.php
! Big thanks to the Joomla Bug Squad for a weekend of hard work!
1-Mar-2009 Ian MacLennan
# [#12137] Cache Saving module doesn't clear the module's cache data
# [#13111] Inconsistent encoding behaviour - "&" stays as "&" in articles but is converted to "&" in modules
# [#13999] When installing a new module, its title is not translated
# [#14059] Case sensitive image extensions
# [#14286] Template JA Purity: Link all the text in an article if category is shown
# [#14565] Omitted UTF-8 modifier in preg_replace function (com_search)
# [#14758] Article HTML filtering doesn't work if only one Filter group is selected
# [#14795] JInstallerComponent::_rollback_menu() - Error when getting DB Connector
# [#14859] untranslated message installing language files for component
# [#14896] Changes of menu items aren't applied immediately if caching is enabled
# [#14945] Site Title over Joomla's Logo RTL issue
# [#15006] Setting Tooltip Offset Breaks Tooltip
# [#15047] installer.php parseMedia pointing to wrong dir.
# [#15124] Filter Function on Archived Article Doesn't Work
# [#15217] custom isn't upgraded on component installation
# [#15237] Loadposition Deletes Dollar signs
# [#14660] Short open tag in admin.categories.html.php
19-Feb-2009 Wilco Jansen
# [#14004] Can't sort categories by "order" column in reverse order
15-Feb-2009 Kevin Devine
# [#15007] Bad Tooltip Help on Section, Category, and Article Alias
# [#14710] User Details not translated
# [#14720] •Untranslated strings in com_contact with patch
# [#14944] Copy Menu Items
# [#11798] Missing l10n in JApplicationHelper::parseXMLInstallFile()
07-Feb-2009 Kevin Devine
# [#14865] Directory Persmissions doesn't list correct tmp or log directories
# [#14767] Menu alias not respecting "active" setting
# [#14857] Cache Plugin Can Cache Incorrect Data]
# [#14948] Little tag error in mod_feed
29-Jan-2009 Kevin Devine
# [#14510] Section List drill down to Category List: Filter doesn't work if global content filters set
# [#14491] JString::rtrim method incorrect
# [#14496] Pagebreak outputs incompatible
elements (XHTML)
# [#14571] Wrong date in "last updated" in section blog when using beez
# [#14468] user name word translation not correct in register form.
# [#14439] Wrong authorEmail in Rhuk Milkyway
# [#13973] SEF Background Image Fix Breaks Some Javascript ***