Jump to content
TCH-Thomas

Joomla! Multiple Unspecified Vulnerabilities

Recommended Posts

Secunia writes:

Description:

Multiple vulnerabilities with unknown impacts have been reported in Joomla!.

 

The vulnerabilities are caused due to unspecified errors in the publishing functionality, the Contact component, and other functionality.

 

The vulnerabilities have been reported in version 1.0.5 and prior.

 

Solution:

Update to version 1.0.7.

Share this post


Link to post
Share on other sites

 

This is good advice but last time I tried to upgrade I ended up having to reinstall everything.

Things transpired as follows:

Retrieved zip file from joomla.

Tried to up load zip file via cpanel.

Cpanel failed to upload some or all of the files.

I'm not sure since cpanel file manager doesn't show owner ship but I guessed that the problem was that having been installed and configured via the web page many things were owned by the apache process ( some times known as nobody).

This is all on the very edge of my experience so I'm pretty fuzzy on it.

 

I do know that I asked for support help and things went from bad to worse as support attempted to adjust or repair

ownership and eventually I even lost my Gallery installation.

 

So here I am with a very solid need to upgrade and only knowing how not to do it.

 

Any help would be greatly appreciated.

 

Ed

Share this post


Link to post
Share on other sites

Things seem to have worked much better this time upgrading from 1.0.4 to 1.0.7

 

First I did a backup.

I also copied my joomla directory to a temporary location on my site public_html/tmp.

I uploaded the tar gziped file to the copy in tmp and used cpanel to unzip tar the files, must be done within the top level joomla directory.

 

This showed no errors and the file ownership and permissions looked good. I used gftp to check these out.

 

I took my site off line with the Site->Global Configuration menu.

 

Then I copied the joomla upgrade file over to my official site directory for me ~/public_html/joomla_4.0.1 and used cpanel to uncomress un tar it there.

 

Every thing works fine.

 

Now to find a better content editor.

 

This is good advice but last time I tried to upgrade I ended up having to reinstall everything.

Things transpired as follows:

Retrieved zip file from joomla.

Tried to up load zip file via cpanel.

Cpanel failed to upload some or all of the files.

I'm not sure since cpanel file manager doesn't show owner ship but I guessed that the problem was that having been installed and configured via the web page many things were owned by the apache process ( some times known as nobody).

This is all on the very edge of my experience so I'm pretty fuzzy on it.

 

I do know that I asked for support help and things went from bad to worse as support attempted to adjust or repair

ownership and eventually I even lost my Gallery installation.

 

So here I am with a very solid need to upgrade and only knowing how not to do it.

 

Any help would be greatly appreciated.

 

Ed

Share this post


Link to post
Share on other sites

My upgrade of Joomla from 1.0.9 to 1.0.11 went fairly smooth.

 

Be sure to backup first.

After backing up take the site down.

NOT GOOD: The zip file of the upgrade from 1.0.9 to 1.0.11 DID NOT unzip for me.

GOOD: The tar.gz did gunzip and untar correctly.

 

NOTE: After installing the upgrade files you have at least one more step.

 

You will have to manually edit your globals.php file.

This file is found in the top directory of your Joomla installation for me that is public_html / joomla_1.0.4 /

Copy it to a safe place above Joomla before editing so you can restore it with Cpanel should your edit fail.

Cpanel does not "show" this file correctly but the Cpanel edit works.

 

Around line 24 you will find this:

define( 'RG_EMULATION', 0 );

change it to this:

define( 'RG_EMULATION', 1 );

 

Now go to you admin page and check the system info and see if you have any warnings.

All should be good.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


×
×
  • Create New...