Joomla! 2.5.7 Released

The Joomla Project is pleased to announce the immediate availability of Joomla 2.5.7. This is a security release. The Production Leadership Team's goal is to continue to provide regular, frequent updates to the Joomla community. Learn more about Joomla! development at the Developer Site.

The update process is very simple, and complete instructions are available here. Note that there are now easier and better ways of updating than copying the files with FTP.

Download

New Installations: Click here to download Joomla 2.5.7 (Full package) »

Update Package: Click here to download Joomla 2.5.7 (Update package) »

Note: Please read the update instructions before updating.

Instructions

Want to test drive Joomla? Try the online demo. Documentation is available for beginners.

Please note that you should always backup your site before upgrading.

Release Notes

Check the Joomla 2.5.7 Post-Release FAQs to see if there are important items and helpful hints discovered after the release.

Statistics for the 2.5.7 release period

  • Joomla 2.5.7 contains:
    • 1 new feature added
    • 2 Security issues fixed
    • 42 tracker issues fixed

New Feature Added

Security Issues Fixed

  • Low Priority - Core - XSS Vulnerability.
  • Low Priority - Core - XSS Vulnerability.

Tracker Issues Fixed

IDSummary/Link
24628 htmlspecialchars() and multiple menu modules of the same menu. Thanks Rouven
27806 *User with spaces as password can not log in. Thanks Rouven
27933 Smart Search module does not read static filter setting from module parameters. Thanks Chris
28405 Smart Search - CLI Indexer doesn't catch exceptions. Thanks Michael
28863 Custom sample data install issue with driver mysql. Thanks Mihaly and Michael
28858 Com_finder missing show_advanced_tips parameter => can't hide advanced tips. Thanks Michael
28853 Template fails to copy. Thanks Mark
28985 JFile class not loaded when use cache handler != file. Thanks Julio.
28449 captcha cause fatal error when the "captcha" field is not present in "configuration.php" after an upgrade. Thanks Elin.
28951 Increase stability in language installer. Thanks Javier. Prevents non installable packs to display in Install Languages manager
28039 Using Chrome for Android generates an error in browser.php (line 562)
25295 Email exposed through RSS and Atom feeds. Thanks Elin and Peter
28795 mod_articles_category "read more" truncation not functioning properly. Thanks Elin.
28855 Fix Array to string conversion notices (PHP 5.4 only).Thanks Rouven
25663 Can't build admin menu item error while (re)installing component. Thanks Nicholas.
28877 Overriding settings in the language xx-XX.localise.php
28846 *When URL Language Code is removed language switcher module redirects to URL without .html suffix. Thanks Dennis
28837 Can't get past step 4 "Database Configuration". Thanks Shaun.
28535 Joomla 2.5.4 Timezones being doubled. Thanks Christophe and Andrea
28034 White page on contact form with SEO enabled. Thanks Nikolai
28743 Update TinyMCE to version 3.5.4.1. Thanks Rouven
28510 DB error "session" table Duplicate entry. Thanks Rob
28785 mod_wrapper doesn't support iframe without border. Thanks Andrea Sisti
28770 Loss of data when editing an article through the front end. Thanks Franz
28779 *JS error in page 6 of installation. Thanks Michael
28741 E_STRICT: JArrayHelper::pivot should be declared as static. Thanks Christophe.
28776 Replace DS with DIRECTORY_SEPARATOR in com_media. Thanks Michael
28763 Make the field for installing sample data easier to use (Elin Waring)
28751 *Copy Template Feature - language files have capital letters (Jean-Marie Simonet)
28647 Registration form: language override for "Name" label causes side effects (Johannnes S-F)
28759 Undefined property: JSite::$registeredurlparams (Rouven Weßling)
28713 Article Media Manager: 'This file is too large to upload' appears in a Media Manager screen
28733 administrator/mod_menu Bug! Thanks Sebastian
28745 mailto fatal error when sending article-mail in joomla 2.5.6. Thanks Rouven.
28682 Articles appearing in title. Thanks Christophe
28730 Use the MVC legacy aliases in the administrator (Rouven Weßling)
28683 Replace uses of JHtml::core() (Michael Babker)
28736 Don't use APIs not present in Platform 12.2 (Rouven Weßling)
28690 Wrong Content Type for JSON response (Elijah Madden)
28651 Security concern: passwords should not be sent via email (Johannes S-F)
28738 Add more sniffs to the code style checker (Rouven Weßling)
28709 Commit of progress bar feature missed a layout file. Thanks Mark

Joomla! Bug Squad

Thanks to the Joomla Bug Squad for their dedicated efforts investigating reports, fixing problems, and applying patches to Joomla. If you find a bug in Joomla, please report it on the Joomla! CMS Issue Tracker.

Active members of the Joomla Bug Squad during this last release cycle include: Aaron Wood, Andrea Tarr, Bill Richardson, Brian Teeman, Christophe Demko, Dean Clarke, Dennis Hermacki, Elin Waring, Emerson Rocha Luiz, Harald Leithner, Itamar Elharar, Jacob Waisner, James Brice, Janich Rasmussen, Jean-Marie Simonet, Kevin Griffiths, Loyd Headrick, Marijke Stuivenberg, Marius van Rijnsoever, Mark Dexter, Matt Thomas, Michael Babker, Neil McNulty, Nicholas Dionysopoulos, Nick Savov, Nikolai Plath, Ofer Cohen, Peter Wiseman, rachmat wakjaer, Radek Suski, rob clayburn, Roland Dalmulder, Rouven Weßling, Rune Sjøen, Samuel Moffatt, Shaun Maunder, Soheil Novinfard, Troy Hall, Viet Vu.

Bug Squad Leadership: Mark Dexter, Coordinator; Elin Waring and Marijke Stuivenberg, Team Leaders.

Joomla! Security Strike Team

A big thanks to the Joomla! Security Strike Team for their ongoing work to keep Joomla secure. Members include: Airton Torres, Alan Langford, Bill Richardson, Elin Waring, Gary Brooks, Jason Kendall, Jean-Marie Simonet, Jeremy Wilken, Marijke Stuivenberg, Mark Dexter, Michael Babker, Rouven Weßling, Samuel Moffatt.