As of 05 November, 2010 the latest version of Joomla 1.5.22 has been released. While the beta testing of 1.6 continues and slowly underway to a public release the Joomla Bug Squad has identified potential security risks in 1.5.21 and previous version of Joomla. While in most cases it isn’t critical for an update to the latest version of Joomla the Bug Squad highly recommends that everyone does indeed update their Joomla version to its latest release. Updating your Joomla installation can truly be a 1 minute procedure with the help of one of its components.
Before you proceed any further I would highly advise that you create a backup of your MySQL database in case something goes wrong. It’s merely a safety precaution and you’re better off being safe than sorry. Once you’re ready to upgrade your Joomla 1.5.x installation to 1.5.22 please follow the short steps below.
- Log in to the administration area of your Joomla website by going to http://www.myjoomladomain.com/administrator
- In a separate tab or window of your browser download the Update Manager component for Joomla 1.5.x and install it as you would normally perform a component installation.
- Once you’ve installed the Updated Manager Component for Joomla 1.5.x select it by going to Components – Update Manager. Select the Download the Updated File link that has been provided to you and Joomla will automatically download the latest Joomla package.
- Choose the Patch Package version when prompted on which of the two to choose. A full package is not required for upgrading from 1.5.x. to 1.5.22.
- Upgrade Completed! That’s it.
If you happen to run across some errors during this process then there may be a corrupt table in your database that will need to be repaired. You can do this by logging into PhpMyAdmin and accessing the appropriate database. Worse case scenario you will get a white page after attempting to complete the upgrade at which point you’ll have to clearly restore your site by reverting back to the original database that you previously made a copy of (and I hope that you did as well).
Security Fixes in Joomla 1.5.22
The upgrade release notes indicate that Joomla 1.5.21 contains a core SQL vulnerability for a possible database injection. Even though this is a low priority risk if you’re running a Joomla website in a production environment I would highly suggest that you upgrade your Joomla installation. If you’re interested in keeping tabs on securities for Joomla you can learn more about the Joomla! Security Strike Team whose sole purpose is to protect Joomla from security breaches.