IMPORTANT UPDATE EFFECTIVE 25 APRIL 2010: Version 1.5.16 contains two serious bugs that will affect your site if you use a version of PHP prior to 5.2 or if you have the Session Handler parameter set to None in Global Configuration. To correct these issues, version 1.5.17 is scheduled to be released on 27 April 2010. If you haven't already upgraded to version 1.5.16, you may wish to wait for version 1.5.17 instead. Reproducible: Always
Thanks for the warning. I don't think that Joomla 1.5.16 will ever hit the tree. Joomla 1.5.17 should enter it in the next days.
Joomla 1.5.16 was already in the tree. 1.5.17 has been released.
(In reply to comment #2) > Joomla 1.5.16 was already in the tree. 1.5.17 has been released. > Opps, you're right. I asked fauli to bump it yesterday.
Okay, thanks for the report. As .16 fixed a few other vulnerabilities, please don't forget to remove .15 and .16 after bumping to .17.
(In reply to comment #4) > Okay, thanks for the report. > > As .16 fixed a few other vulnerabilities, please don't forget to remove .15 and > .16 after bumping to .17. Sorry guys, my laptop was stolen last week and I am not able to do any Gentoo related work for the next couple of weeks. As I announced it to the teams I work in I forgot security. Bump should be straightforward.
Bumped. ~3 → noglsa.