Yesterday we received a private report from a Joomlapolitan about a critical vulnerability in CB 1.1, which we have now been able to reproduce and confirm.
Community Builder 1.2 and 1.2.1 (as well as all CB 1.2 RC releases) are, to our knowledge, safe and NOT affected, as the corresponding CB 1.0/1.1 code has been entirely rewritten for CB 1.2.
The CB 1.1 vulnerability is critical, the highest level.
Our research indicates that no exploit for this vulnerability is public and that the vulnerability has not yet been published on the Internet, but we might be wrong, or that could change at any time. So please, please, *urgently* upgrade all your sites now and forward this message to people using old CB releases! Thank you!
CB 1.1 was released almost 2 years ago, on August 9th 2007, and no exploitable vulnerabilities or exploits had been discovered in it during those almost 2 years, up to yesterday.
CB 1.2 stable was released on 27 January 2009, almost 6 months ago now. It introduces many new levels of security and is a very smooth upgrade from CB 1.1 and earlier (there is a README_UPGRADE.txt file in the package). CB 1.2.1, released less than a month ago, fixes all reported issues of CB 1.2, so it is really stable. CB development continues full steam ahead with an expanded team.