| Security update : October 23, 2007 |
|
Hello, Here are the details : A - If you are using version up to and including 1.2.4.s, there is no vulnerability, and you don't need to take any action B - If you are using version 1.2.4.t or version 1.2.4.u, you need to patch your site : 1 - download the appropriate patch file from Joomlacode (sef404_t2.zip for version 1.2.4.t, or sef404_u2.zip for version 1.2.4.u)2 - unzip this file on your local computer. This will give you a sef404.php file 3 - upload using ftp this new file into the /components/com_sef directory, replacing the existing one C - if you are using version 1.2.4.w, you can either patch your site, or uninstall/re-install new version w2 Patching your site : 1 - download the appropriate patch file from Joomlacode (sef404_w2.zip)2 - unzip this file on your local computer. This will give you a sef404.php file 3 - upload using ftp this new file into the /components/com_sef directory, replacing the existing one Installing new version : 1 - Download the new version 1.2.4.w2, availaible now from Joomlacode2 - using joomla installer, UN-install the current w version from your site 3 - using Joomla installer, install the new version w2 All settings and data will be preserved in this process Very soon I'll be releasing next version of sh404SEF, which has a set of security features to avoid this kind of issues as much as possible, not only in sh404SEF, but in other Joomla extensions. In the mean time, I hope damages will be limited. I'll be available as much as can be at http:/:extensions.siliana.net to assist you in the upgrade process if needed. Your sincerely shumisha |
