Joomla 1.0.4 has been released. It contains no new features; it fixes various bugs and closes potential security holes. The developers recommend updating to version 1.0.4.
Download the full Joomla! 1.0.4 distribution
Download the patch from version 1.0.3 to 1.0.4
List of fixes in Joomla 1.0.4
Critical Level Threat
* Potential XSS injection through GET and other variables
* Hardened SEF against XSS injection
Low Level Threat
* Potential SQL injection in Polls modules through the Itemid variable
* Potential SQL injection in several methods in mosDBTable class
* Potential misuse of Media component file management functions
* Add search limit param (default of 50) to `Search` Mambots to prevent search flooding
---
# Fixed Artifact artf1967 displays with an escaped apostrophe in both title and TOC.
* SECURITY: Hardened SEF against XSS injection
# replaced charset=utf-8 with charset=iso-8859-1 in language file
* SECURITY: Fixed XSS injection of global variable through the _GET array
^ Replaced install.png with new image
- Reverted artf2139 : admin menu xhtml
+ Added clone function for PHP5 backwards compatibility
# Fixed artf2137 : editorArea xhtml
# Fixed artf2139 : admin menu xhtml
# Fixed artf2136 : Admin menubar valid xhtml
# Fixed artf2135 : Admin invalid xhtml
# Fixed artf2140 : mosMenuBar::publishList
# Fixed artf2027 : uploading images from custom component
# PERFORMANCE: Fixed artf1993 : Inefficient queries in com_content
# Fixed artf2021 : artf1791 : Failed Login results in redirect to referring page
# Fixed artf2021 : appendMetaTag() prepends instead of appends
# Fixed artf1981 : incorrect url's at next/previous links at content items
# Fixed artf2079 : SQL error in category manager thru contact manager
# Fixed artf1586 : .htaccess - RewriteEngine problem
# Fixed artf1976 : Check for custom icon in mod_quickicon.php
# Fixed issue with RSS module not displaying inside module rendering wrapper
# Fixed contact component dropdown select category bug
# Fixed mod_quickicon `redeclaration of function` error possibilities
# Fixed artf1648 : tinyMCE BR and P elements
# Fixed artf1700 : TinyMCE doesn't support relative URL's for images
* SECURITY: Fixed artf1978 : mod_poll SQL Injection Vulnerability [ Low Level Security Bug ]
* SECURITY: Fixed SQL injection possibility in several mosDBTable methods [ Low Level Security Bug ]
* SECURITY: Fixed malicious injection into filename variables in com_media [ Low Level Security Bug ]
^ mosDBTable::publish_array renamed to publish
^ mosDBTable::save no longer updates the ordering (must now be done separately)
* SECURITY: Add search limit param (default of 50) to `Search` Mambots to prevent search flooding [ Low Level Security Bug ]
# Fixed custom() & customX() functions in menu.html.php not checking for image in /administrator/images/
# Fixed artf1953 : Page Class Suffix in Contacts component
# Fixed artf1945 : mosToolTip not generating valid xhtml
+ moduleclass_sfx support to mod_poll
# Fixed artf1902 : Incorrect number of table cells in mod_poll
# Fixed bug which prevented component uninstall if another XML file was in the directory
# Fixed artf1888 : linkable [category|section] URL incorrect
# Fixed artf1620 : Hardcoded words in pdf.php
# Fixed artf1887 : Content: Bug in creation date generation
# Fixed artf1277 : News Feed Display Bad Accent character
# Fixed artf1739 : Problem with the menuitem type url and assigned templates and modules
# Fixed artf1574 : Who is online after update to Joomla 1.0.3 no more work correctly
# Fixed artf1666 : Notice: on component installation
# Fixed artf1573 : Manage Banners | Error in Field Name
# Fixed artf1597 : Small bug in loadAssocList function in database.php
# Fixed artf1832 : Logout problem
# Fixed artf1769 : Undefined index: 2 in includes/joomla.php on line 2721
# Fixed artf1749 : Email-to-friend is NOT actually from friend
# Fixed artf1591 : page is expired at installation
# Fixed artf1851 : 1.0.2 copy content has error
# Fixed artf1569 : Display of mouseover in IE gives a problem with a dropdown-box
# Fixed artf1869 : Poll produces MySQL-Error when accessed via Component Link
# Fixed artf1694 : 1.0.3 undefined indexes filter_sectionid and catid on "Add New Content"
# Fixed artf1834 : English Localisation
# Fixed artf1771 : Wrong mosmsg
# Fixed artf1792 : "Receive Submission Emails" label is misleading
# Fixed artf1770 : Undefined index: HTTP_USER_AGENT
^ Upgraded TinyMCE Compressor [1.02]
^ Upgraded TinyMCE [2.0 RC4]
# Fixed artf1671 : Media Manager
# Fixed artf1814 : Tab Class wrong
# Fixed artf1086 : Icons at the control panel fall apart
# Fixed bug where a new database object with the same username, password and host but different database name would kill Joomla!
# Fixed artf1733 : $contact->id used instead of $Itemid
# Fixed artf1654 : base url above title tag
# Fixed artf1738 : Registration - javascript alert
# Fixed artf1695 : Show Empty Categories in Section does not work
# Fixed artf1710 : Unnecessary queries (optimization)
# Fixed artf1711 : Missing whitespace in search results
# Fixed artf1706 : Mambo logo not removed from admin images
# Fixed artf1708 : Search CMT: Hardcoded date format
# Fixed artf1689 : Joomla! Installer - Wording still not correct
# Fixed artf1692 : email and print buttons (maybe also the PDF) does not validate
# Fixed missing autoclear in "list-item" stock template
# Fixed artf1577 : MenuLink Blog section error
Applied Feature Requests:
^ Artifact artf1282 : Easier sorting of static content in creating menu links
^ Artifact artf1162 : Remove hardcoding of <<, <, > and >> in pageNavigation.php