J! 3.3.6 and 2.5.27 Security Releases and Shellshock

Joomla 3.3.6 and Joomla 2.5.27 have been released.

Shellshock is a real threat

Both packages are high priority security releases. So, all Joomla 3.X websites should upgrade to Joomla 3.3.6 and all Joomla 2.5 series to Joomla 2.5.27. According to the Joomla technical requirements, the Joomla 3.3.6 release will only work on PHP versions 5.3.10 or better.

Here is a quick summary that will help you decide:

If your website is using

  • a Joomla 2.5.X version, you should update to Joomla 2.5.27 and plan to update to Joomla 3.X as soon as possible since support for Joomla 2.5 stops end of this year.
  • a Joomla 3.3.X version, you should update to Joomla 3.3.6.
  • a Joomla 3.2.X version (because 3.2.X still supports PHP 5.3.1 through 5.3.9), you should update to Joomla 3.2.7.

As usual backup before upgrading your Joomla websites and verify that all third party extensions (including your template) are compatible. do-more-33n_480 J! 3.3.6 and 2.5.27 Security Releases and Shellshock | ::: PHMC GPE LLC :::: Marketing & Corp. Communication Agency

In case you upgraded to 2.5.26/3.2.6/3.3.5

If you had previously upgraded to one of the "short-lived" 2.5.26/3.2.6/3.3.5 releases in which an upgrader bug slipped in, you will notice that the one-click upgrade method will not work to upgrade to 2.5.27/3.2.7/3.3.6. Instead, you would need to use one of the alternative upgrade methods B or C.

Shellshock is a real threat

Disclosed on September 24th, 2014, Shellshock, also known as Bashdoor, is a family of security bugs affecting the widely used Unix Bash shell. Simply put, this bug allows remote attackers to execute arbitrary code on hosting environments using unpatched Bash shells.

Security wise, this ia as bad as it gets and the potential harm that can be inflicted is enormous. Everyone needs to take action now to either patch their hosts as needed or make sure that their hosting environments are secure.

So, if you are in charge of maintaining a host that has a Unix Bash shell, you need to patch it now. Also make sure that you upgrade all your computers and network and any other embedded equipment that might contain bash. Also old ones, since that security bug is present and got unnoticed since 22 years.

Even though you might not be aware that you are using a Bash shell, your webserver environment might be using it to execute your Joomla PHP.

If you have a website that is being hosted somewhere, you need to contact the host helpdesk and confirm that your environment is secure against this bug.

eykws250x50 J! 3.3.6 and 2.5.27 Security Releases and Shellshock | ::: PHMC GPE LLC :::: Marketing & Corp. Communication Agency

 

 

acacia J! 3.3.6 and 2.5.27 Security Releases and Shellshock | ::: PHMC GPE LLC :::: Marketing & Corp. Communication Agencyanchor J! 3.3.6 and 2.5.27 Security Releases and Shellshock | ::: PHMC GPE LLC :::: Marketing & Corp. Communication Agency

 

CB_Sketch_01-250 J! 3.3.6 and 2.5.27 Security Releases and Shellshock | ::: PHMC GPE LLC :::: Marketing & Corp. Communication Agency

 

X-Pulse, The Ho1.us Think Tank

sngine_3a6149782b1d3edd59f93c5d9e480374 J! 3.3.6 and 2.5.27 Security Releases and Shellshock | ::: PHMC GPE LLC :::: Marketing & Corp. Communication Agency

 

X-Pulse a Reg TM® of PHMC GPE LLC 



At a Glance...

We believe in what we do, and that it is worth doing well. Others may see this as a cost-adding factor.
We at PHMC GPE believe that our working model will bring added value for our Customers to strengthen their businesses.
PHMC GPE LLC is an innovative company constantly keeping its knowledge and skills up-to-date. We are providing solutions to our clients meeting ROI and maintaining profitability.
PHMC GPE LLC is constantly working on new innovations. This ensures our clients to get flexible and scalable solutions.

 

Holistic Overview #1



TipsBuilderWS-Bot J! 3.3.6 and 2.5.27 Security Releases and Shellshock | ::: PHMC GPE LLC :::: Marketing & Corp. Communication Agency

Holistic Overview #1


Holistic Overview #1

Social PHMC GPE


GDPR Compliant acacia J! 3.3.6 and 2.5.27 Security Releases and Shellshock | ::: PHMC GPE LLC :::: Marketing & Corp. Communication Agencyanchor J! 3.3.6 and 2.5.27 Security Releases and Shellshock | ::: PHMC GPE LLC :::: Marketing & Corp. Communication Agency

Company Offices

 

  • usa J! 3.3.6 and 2.5.27 Security Releases and Shellshock | ::: PHMC GPE LLC :::: Marketing & Corp. Communication AgencyNewark USA
    uk J! 3.3.6 and 2.5.27 Security Releases and Shellshock | ::: PHMC GPE LLC :::: Marketing & Corp. Communication AgencyLondon UK
    usa J! 3.3.6 and 2.5.27 Security Releases and Shellshock | ::: PHMC GPE LLC :::: Marketing & Corp. Communication Agency Broadway USA

 

 

X-Pulse, The Ho1.us Think Tank

sngine_3a6149782b1d3edd59f93c5d9e480374 J! 3.3.6 and 2.5.27 Security Releases and Shellshock | ::: PHMC GPE LLC :::: Marketing & Corp. Communication Agency

 

X-Pulse a Reg TM® of PHMC GPE LLC 

Marketing and Corporate Communication Agency, Print, ON and OFF Line...

TipsBuilderWS-Bot J! 3.3.6 and 2.5.27 Security Releases and Shellshock | ::: PHMC GPE LLC :::: Marketing & Corp. Communication Agency

Positioned to Influence... Appointed to succeed !