Anzeigen der neuesten Beiträge
0 Mitglieder und 1 Gast betrachten dieses Thema.
Drupal 6.16 and 5.22, maintenance releases which fix issues reported through the bug tracking system, as well as security vulnerabilities, are now available for download. Drupal 6.16 also fixes other smaller issues.Upgrading your existing Drupal 5 and 6 sites is strongly recommended. There are no new features in these releases.
Based on Open Source software, and bundled with support by eZ Publish Premium services, eZ Publish is the leading Enterprise Web Content Management software platform. eZ Systems releases version 4.3 of eZ Publish on March, 30th. A host of exciting new features, as well as numerous enhancements to classic eZ Publish favorites, make 4.3 the ideal Enterprise Web Content Management platform! Discover some of the exciting new facets of our award-winning platform. * Introducing the Dashboard * More space, less clicks,less reload * More flexible interface for the Content Engine * Best of breed user comments * Fully flexible and customizable commenting system * Teamroom, the new Collaboration Solution based on eZ Publish * Other News and Improvements
Secunia Research contacted us a few days ago about two potential security issues. We have been working to reproduce and fix the issues, while they have held off making them public.While I won't go into too much detail, I will say that one involves being able to upload a malicious file. It requires an odd set of preferences and a missing file to allow it to happen though, so the threat is pretty low in our opinion.The other was a js code injection. The user was able to inject some js code that would run if an admin edited the users post. This was only open if the site had the 'personal content manager' option enabled in the content plugin.Both have now been fixed...thanks again to Secunia for pointing them out to us.Of course, the release also includes all other bug fixes that have been committed since the last release.
SecurityFour security issues were fixed in this release: * Moderate Priority - Core - Negative Values for Limit and Offset. More information » * Low Priority - Core - Installer Migration Script. More information » * Moderate Priority - Core - Sessation Fixation. More information » * Low Priority - Core - Password Reset Tokens. More information »For additional information, visit the Joomla Security Center.Components * Fixed error in contacts with SEF enabled (17235) * Fixed SQL error when sorting news feeds by section. (18648) * Fixed problem showing URL for image files in Atom news feeds. (18936) * Fixed problem where author alias was not escaped correctly. (19009) * Fixed bug in pagination of category blog menu item. (19245) * Fixed display of image captions in some situations. (19405) * Fixed caching problem with com_contact. (19435) * Added framework validation to com_media file. (19763) * Fixed PHP notice when enabling or disabling a user. (19798)Modules * Fixed caching for related articles module (17000) * Fixed notification error in login module (17762) * Fixed problems with upgrade method in module installation (17878) * Fixed typo in mod_latestnews. (18403) * Fixed HTML validation problem with mod_search. (18619) * Fixed problem with some news feeds not showing. (18672) * Fixed problem in mod_login where trashed menu items show in redirect list. (19831)Plugins * Fixed problem saving content in TinyMCE when editor is toggled (17936) * Fixed bug in email cloaking that added an extra space (17986) * Fixed problem saving valid attributes for some HTML tags. (19055)Legacy * No legacy issues were fixed for this releaseTemplates * Fixed problem loading template files for RTL languages. (18614) * Fixed beez template to show correct Itemid after a search. (18683)Language * Added missing translation strings in installation. (19604) * Added sr-YU language for installation. (19627) * Added Phnom-Penh to timezone files. (19715) * Added missing language strings in installation files. (19816) * Added Arabic Unitag installation language ar_AA (19836) * Added missing language strings for is-IS language in installation. (19864) * Added missing strings in installation ini files. (19871) * Added new hi-IN install language (19966) * Added updates on installation ini files (20024) * Fixed language bug in Menus (20055) * Added language credits update (20195)Administrator * Fixed display problem in back end with RTL languages. (18570) * Fixed problem where Menu Item types for disabled components still showed when adding menu items. (18617) * Fixed problem with display of module position in Module Manager. (18848)System * Fixed JFolder::makeSafe method to not remove dots in path (16506) * Fixed problem that prevented using a cache in some cases (16974) * Remove PHP warning message on some versions (18612) * Fixed problem installing modules in update mode. (18987) * Fixed problem with Yagoon and Norfolk timezones. (19555) * Fixed problem with return value when saving polling components. (19655) * Fixed problem in JToolbarHelper class media_manager method. (19680) * Fixed incorrect URI for IIS platforms (18046) * Improved handling of failing Apache plugins (19859) * Added Reykjavik in timezone (20025) * Fixed JApplication::redirect() to not use 301 code (20043) * Fixed SEF search URL's for cross-platform compatibility (20184)Statistics for the 1.5.16 release period: * Joomla 1.5.16 contains: o 48 issues fixed in SVN o 52 commits * Tracker activity resulted in a net increase of 83 active issues: o 224 new reports o 94 closed o 48 fixed in SVN * At the time the 1.5.16 release was packaged, the tracker had 303 active issues: o 169 open o 103 confirmed o 31 pending
Release NotesCheck the Joomla 1.5.17 Post-Release FAQs to see if there are important items and helpful hints discovered after the release.If you have modified core template overrides, please be sure to back them up before upgrading.SecurityNo security issues were fixed in this release. For additional information, visit the Joomla Security Center.Components * No component issues were fixed for this releaseModules * No moduleissues were fixed for this release.Plugins * No plugin issues were fixed for this release.Legacy * No legacy issues were fixed for this release.Templates * No Templates issues were fixed for this release.Language * Updated ru-RU installation language (20239) * Added en-AU installation language (20220) * Updated help sites list (20238)Administrator * No administrator issues were fixed for this release.System * Fixed problem logging in when Session Handler is set to None (20221) * Fixed error message when running Joomla! in a PHP version prior to version 5.2 (20219) * Reverted change to JFolder::makesafe method that introduced a bug (16506)Statistics for the 1.5.17 release period: * Joomla 1.5.17 contains: o 6 issues fixed in SVN o 6 commits * Tracker activity resulted in a net increase of 4 active issues: o 10 new reports o 0 closed o 6 fixed in SVN * At the time the 1.5.17 release was packaged, the tracker had 307 active issues: o 171 open o 105 confirmed o 31 pending
Drupal 7.0, alpha 5, 2010-05-23 ----------------------- Database: * Fully rewritten database layer utilizing PHP 5's PDO abstraction layer. * Drupal now requires MySQL >= 5.0.15 or PostgreSQL >= 8.3. * Added query builders for INSERT, UPDATE, DELETE, MERGE, and SELECT queries. * Support for master/slave replication, transactions, multi-insert queries, delayed inserts, and other features. * Added support for the SQLite database engine. * Default to InnoDB engine, rather than MyISAM, on MySQL when available. This offers increased scalability and data integrity.- Security: * Protected cron.php -- cron will only run if the proper key is provided. * Implemented a pluggable password system and much stronger password hashes that are compatible with the Portable PHP password hashing framework. * Rate limited login attempts to prevent brute-force password guessing, and improved the flood control API to allow variable time windows and identifiers for limiting user access to resources. * Transformed the "Update status" module into the "Update manager" which can securely install or update modules and themes via a web interface.- Usability: * Added contextual links (a.k.a. local tasks) to page elements, such as blocks, nodes, or comments, which allows to perform the most common tasks with a single click only. * Improved installer requirements check. * Improved support for integration of WYSIWYG editors. * Implemented drag-and-drop positioning for input format listings. * Implemented drag-and-drop positioning for language listing. * Implemented drag-and-drop positioning for poll options. * Provided descriptions and human-readable names for user permissions. * Removed comment controls for users. * Removed display order settings for comment module. Comment display order can now be customised using the Views module. * Removed the 'related terms' feature from taxonomy module since this can now be achieved with Field API. * Added additional features to the default install profile, and implemented a "slimmed down" install profile designed for developers. * Added a built-in, automated cron run feature, which is triggered by site visitors. * Added an administrator role which is assigned all permisions for installed modules automatically. * Image toolkits are now provided by modules (rather than requiring a manual file copy to the includes directory). * Added an edit tab to taxonomy term pages. * Redesigned password strength validator. * Redesigned the add content type screen. * Highlight duplicate URL aliases. * Renamed "input formats" to "text formats". * Moved text format permissions to the main permissions page. * Added configurable ability for users to cancel their own accounts. * Added "vertical tabs", a reusable interface component that features automatic summaries and increases usability. * Replaced fieldsets on node edit and add pages with vertical tabs.- Performance: * Improved performance on uncached page views by loading multiple core objects in a single database query. * Improved performance for logged-in users by reducing queries for path alias lookups. * Improved support for HTTP proxies (including reverse proxies), allowing anonymous pageviews to be served entirely from the proxy.- Documentation: * Hook API documentation now included in Drupal core.- News aggregator: * Added OPML import functionality for RSS feeds. * Optionally, RSS feeds may be configured to not automatically generate feed blocks.- Search: * Added support for language-aware searches.- Aggregator: * Introduced architecture that allows pluggable parsers and processors for syndicating RSS and Atom feeds. * Added options to suspend updating specific feeds and never discard feeds items.- Testing: * Added test framework and tests.- Improved time zone support: * Drupal now uses PHP's time zone database when rendering dates in local time. Site-wide and user-configured time zone offsets have been converted to time zone names, e.g. Africa/Abidjan. * In some cases the upgrade and install scripts do not choose the preferred site default time zone. The automatically-selected time zone can be corrected at admin/config/regional/settings. * If your site is being upgraded from Drupal 6 and you do not have the contributed date or event modules installed, user time zone settings will fallback to the system time zone and will have to be reconfigured by each user. * User-configured time zones now serve as the default time zone for PHP date/time functions.- Filter system: * Revamped the filter API and text format storage. * Added support for default text formats to be assigned on a per-role basis. * Refactored the HTML corrector to take advantage of PHP 5 features.- User system: * Added clean API functions for creating, loading, updating, and deleting user roles and permissions. * Refactored the "access rules" component of user module: The user module now provides a simple interface for blocking single IP addresses. The previous functionality in the user module for restricting certain e-mail addresses and usernames is now available as a contributed module. Further, IP address range blocking is no longer supported and should be implemented at the operating system level. * Removed per-user themes: Contributed modules with similar functionality are available.- OpenID: * Added support for Gmail and Google Apps for Domain identifiers. Users can now login with their user@domain.com identifier when domain.com is powered by Google. * Made the OpenID module more pluggable.- Added code registry: * Using the registry, modules declare their includable files via their .info file, allowing Drupal to lazy-load classes and interfaces as needed.- Theme system: * Removed the Bluemarine, Chameleon and Pushbutton themes. These themes live on as contributed themes (http://drupal.org/project/bluemarine, http://drupal.org/project/chameleon and http://drupal.org/project/pushbutton). * Added Stark theme to make analyzing Drupal's default HTML and CSS easier. * Added Seven theme as the default administration interface theme. * Variable preprocessing of theme hooks prior to template rendering now goes through two phases: a 'preprocess' phase and a new 'process' phase. See http://api.drupal.org/api/function/theme/7 for details. * Theme hooks implemented as functions (rather than as templates) can now also have preprocess (and process) functions. See http://api.drupal.org/api/function/theme/7 for details.- File handling: * Files are now first class Drupal objects with file_load(), file_save(), and file_validate() functions and corresponding hooks. * The file_move(), file_copy() and file_delete() functions now operate on file objects and invoke file hooks so that modules are notified and can respond to changes. * For the occasions when only basic file manipulation are needed--such as uploading a site logo--that don't require the overhead of databases and hooks, the current unmanaged copy, move and delete operations have been preserved but renamed to file_unmanaged_*(). * Rewrote file handling to use PHP stream wrappers to enable support for both public and private files and to support pluggable storage mechanisms and access to remote resources (e.g. S3 storage or Flickr photos). * The mime_extension_mapping variable has been removed. Modules that need to alter the default MIME type extension mappings should implement hook_file_mimetype_mapping_alter(). * Added the hook_file_url_alter() hook, which makes it possible to serve files from a CDN. * Added a field specifically for uploading files, previously provided by the contributed module FileField.- Image handling: * Improved image handling, including better support for add-on image libraries. * Added API and interface for creating advanced image thumbnails. * Inclusion of additional effects such as rotate and desaturate. * Added a field specifically for uploading images, previously provided by the contributed module ImageField.- Added aliased multi-site support: * Added support for mapping domain names to sites directories.- Added RDF support: * Modules can declare RDF namespaces which are serialized in the <html> tag for RDFa support. * Modules can specify how their data structure maps to RDF. * Added support for RDFa export of nodes, comments, terms, users, etc. and their fields.- Search engine optimization and web linking: * Added a rel="canonical" link on node and comment pages to prevent duplicate content indexing by search engines. * Added a default rel="shortlink" link on node and comment pages that advertises a short link as an alternative URL to third-party services. * Meta information is now alterable by all modules before rendering.- Field API: * Custom data fields may be attached to nodes, users, comments and taxonomy terms. * Node bodies and teasers are now Field API fields instead of being a hard-coded property of node objects. * In addition, any other object type may register with Field API and allow custom data fields to be attached to itself. * Provides most of the features of the former Content Construction Kit (CCK) module. * Taxonomy terms are now Field API fields that can be added to any fieldable object.- Installer: * Refactored the installer into an API that allows Drupal to be installed via a command line script.- Page organization * Made the help text area a full featured region with blocks. * Site mission is replaced with the highlighted content block region and separate RSS feed description settings. * The footer message setting was removed in favor of custom blocks. * Made the main page content a block which can be moved and ordered with other blocks in the same region. * Blocks can now return structured arrays for later rendering just like page callbacks.- Translation system * The translation system now supports message context (msgctxt). * Added support for translatable fields to Field API.- JavaScript changes * Upgraded the core JavaScript library to jQuery version 1.4.2. * Upgraded the jQuery Forms library to 2.36. * Added jQuery UI 1.8, which allows improvements to Drupal's user experience.- Better module version support * Modules now can specify which version of another module they depend on.- Removed modules from core * The following modules have been removed from core, because contributed modules with similar functionality are available: * Blog API module * Ping module * Throttle module- Improved node access control system. * All modules may now influence the access to a node at runtime, not just the module that defined a node. * Users may now be allowed to bypass node access restrictions without giving them complete access to the site. * Access control affects both published and unpublished nodes. * Numerous other improvements to the node access system.- Actions system * Simplified definitions of actions and triggers. * Removed dependency on the combination of hooks and operations. Triggers now directly map to module hooks.- Task handling * Added a queue API to process many or long-running tasks. * Added queue API support to cron API. * Added a locking framework to coordinate long-running operations across requests.
Changelog comments: 0.7.21 (15th Apr, 2010 - 23rd May, 2010) * r11545 - new version: 0.7.21 - auto * r11544 - additional preference check * r11543 - Additional checking * r11541 - more restrictive checking * r11538 - Extra checking * r11523 - Allow theming of background when no category icon defined * r11521 - Update permissions * r11520 - Bug #4946 possible fix - remove unused/conflicting LAN definitions * r11518 - Bug #4945 possible fix - 'extra' main admins editing other users * r11512 - Bug #4938 - disable unused LAN * r11510 - Bug #4944 - spurious characters in links * r11499 - Bug #4943 - new by reference deprecated - more found (thanks Fanatik) * r11495 - Bug #4943 - new by reference deprecated * r11492 - Docs now in wiki * r11483 - EONE-70 (Bug): login_menu no longer shows banned or pending users as 'new'Files changed: * /trunk/e107_0.7 * /trunk/e107_0.7/class2.php * /trunk/e107_0.7/comment.php * /trunk/e107_0.7/e107_admin/ver.php * /trunk/e107_0.7/e107_files/bbcode/php.bb * /trunk/e107_0.7/e107_handlers/e_parse_class.php * /trunk/e107_0.7/e107_languages/English/admin/lan_theme.php * /trunk/e107_0.7/e107_languages/English/lan_user.php * /trunk/e107_0.7/e107_languages/English/lan_usersettings.php * /trunk/e107_0.7/e107_plugins/calendar_menu/calendar_menu.php * /trunk/e107_0.7/e107_plugins/calendar_menu/readme.pdf * /trunk/e107_0.7/e107_plugins/forum/forum_mod.php * /trunk/e107_0.7/e107_plugins/login_menu/login_menu.php * /trunk/e107_0.7/e107_plugins/pm/pm.php * /trunk/e107_0.7/e107_plugins/pm/pm_update.php * /trunk/e107_0.7/e107_plugins/tree_menu/config.php * /trunk/e107_0.7/e107_plugins/tree_menu/tree_menu.php * /trunk/e107_0.7/signup.php * /trunk/e107_0.7/usersettings.php
Changelog comments: 0.7.22 (23rd May, 2010 - 27th May, 2010) * r11554 - new version: 0.7.22 - auto * r11553 - Reinstating LAN_120 and LAN_122 due to issue with usersettings.php page..thanks rgk * r11552 - EONE-89 (Bug): Ensure news userclass is set to 255 (nobody) if no class checkboxes are selected. * r11551 - More _referer related fixes * r11550 - Added __referer check to several pages * r11549 - Handle some startup conditions * r11548 - Notice removalFiles changed: * /trunk/e107_0.7/e107_admin/banlist.php * /trunk/e107_0.7/e107_admin/prefs.php * /trunk/e107_0.7/e107_admin/updateadmin.php * /trunk/e107_0.7/e107_admin/userclass2.php * /trunk/e107_0.7/e107_admin/users.php * /trunk/e107_0.7/e107_admin/users_extended.php * /trunk/e107_0.7/e107_admin/ver.php * /trunk/e107_0.7/e107_handlers/e_parse_class.php * /trunk/e107_0.7/e107_handlers/news_class.php * /trunk/e107_0.7/e107_languages/English/lan_usersettings.php
Autor
Thema: CMS (content management system) Software diverses (Gelesen 56898 mal)
