Joomla! 1.0.3 [Sunlight] is now available on the forge for download here.
This is a Security Release, which means it contains fixes for several Security Vulnerabilities.
We highly recommend that you upgrade to this version.
1.0.3 is available as a Full Package, which contains all Joomla! files and a Patch Package which contains only the files that have been changed by the Security work conducted.
1.0.3 Changelog
1.0.3 Version Information
Security Vulnerabilities
1.0.3 Contains fixes for 4 Security Vulnerabilities.
Medium Level Threat
- SQL injection bug in content submission
- Affects all previous versions of Joomla! and Mambo 4.5.2.x series
Low Level Threats
- Bug when 2 logged in and try to edit the same content
- Affects all previous versions of Joomla! and Mambo 4.5.2.x series - Search Component flooding, by limiting searching to between 3 and 20 characters
- Affects all previous versions of Joomla! and Mambo 4.5.2.x series - Shows Items to unauthorized users
- Affects Joomla! 1.0.2 only
Upgrade Instructions
To update from Joomla! 1.0.2, all you have to do is simply overwrite files from the 1.0.2 to 1.0.3 Patch Package.
To update from Joomla! 1.0.1, all you have to do is simply overwrite files from the 1.0.1 to 1.0.3 Patch Package.
To update from Joomla! 1.0.0, all you have to do is simply overwrite files from the 1.0.0 to 1.0.3 Patch Package.
Conversion Instructions
For those converting from Mambo 4.5.2.x please read these Migration instructions.
You need to download the Joomla 1.0.3 Full package.
Thank you to the community for their continued assistance in helping us make Joomla 1.0.x more stable.
Rey Gigataras [stingrey]
Joomla! Software Coding and Design
Stability Team Leader