Couple days ago, the Joomla core team announced the released of Joomla 1.5 RC1 and Joomla 1.0.13. The team also said that they expect Joomla 1.5 RC2 will be released next August, so that means they are getting closer to Joomla 1.5 stable release.
Mean while Joomla 1.0.13 is released to fix some low level security vulnerability and some minor bug in the previous Joomla version. Among the fixed security are:
- HRS attack on variable “url”.
- Multiple fields subjected to cross-site scripting vulnerabilities.
- Fixed possible session fixation vulnerability in administrator application.
The Joomla core team also said that they will still continue the support for Joomla 1.0.xx series. Joomla! would continue to support the legacy code for the old codebase for quite some time.