0byt3m1n1
Path:
/
home
/
kassiope
/
OLD
/
00-OLD
/
administrator
/
cache
/
[
Home
]
File: 3c788c8140c244baa4de05cad390c937.spc
a:4:{s:5:"child";a:1:{s:0:"";a:1:{s:3:"rss";a:1:{i:0;a:6:{s:4:"data";s:3:" ";s:7:"attribs";a:1:{s:0:"";a:1:{s:7:"version";s:3:"2.0";}}s:8:"xml_base";s:0:"";s:17:"xml_base_explicit";b:0;s:8:"xml_lang";s:0:"";s:5:"child";a:1:{s:0:"";a:1:{s:7:"channel";a:1:{i:0;a:6:{s:4:"data";s:50:" ";s:7:"attribs";a:0:{}s:8:"xml_base";s:0:"";s:17:"xml_base_explicit";b:0;s:8:"xml_lang";s:0:"";s:5:"child";a:3:{s:0:"";a:7:{s:5:"title";a:1:{i:0;a:5:{s:4:"data";s:38:"Joomla! Developer - Vulnerability News";s:7:"attribs";a:0:{}s:8:"xml_base";s:0:"";s:17:"xml_base_explicit";b:0;s:8:"xml_lang";s:0:"";}}s:11:"description";a:1:{i:0;a:5:{s:4:"data";s:274:"Not only is Joomla! easy to use, but it is easy to add extra functionality through a flexible and powerful developer framework. The Joomla! Framework allows you to build exceptional extensions for Joomla! including components, modules, plugins, templates and language packs.";s:7:"attribs";a:0:{}s:8:"xml_base";s:0:"";s:17:"xml_base_explicit";b:0;s:8:"xml_lang";s:0:"";}}s:4:"link";a:1:{i:0;a:5:{s:4:"data";s:46:"http://developer.joomla.org/security/news.html";s:7:"attribs";a:0:{}s:8:"xml_base";s:0:"";s:17:"xml_base_explicit";b:0;s:8:"xml_lang";s:0:"";}}s:13:"lastBuildDate";a:1:{i:0;a:5:{s:4:"data";s:31:"Wed, 26 May 2010 09:45:12 +0000";s:7:"attribs";a:0:{}s:8:"xml_base";s:0:"";s:17:"xml_base_explicit";b:0;s:8:"xml_lang";s:0:"";}}s:9:"generator";a:1:{i:0;a:5:{s:4:"data";s:44:"Joomla! 1.5 - Open Source Content Management";s:7:"attribs";a:0:{}s:8:"xml_base";s:0:"";s:17:"xml_base_explicit";b:0;s:8:"xml_lang";s:0:"";}}s:8:"language";a:1:{i:0;a:5:{s:4:"data";s:5:"en-gb";s:7:"attribs";a:0:{}s:8:"xml_base";s:0:"";s:17:"xml_base_explicit";b:0;s:8:"xml_lang";s:0:"";}}s:4:"item";a:10:{i:0;a:6:{s:4:"data";s:31:" ";s:7:"attribs";a:0:{}s:8:"xml_base";s:0:"";s:17:"xml_base_explicit";b:0;s:8:"xml_lang";s:0:"";s:5:"child";a:2:{s:0:"";a:7:{s:5:"title";a:1:{i:0;a:5:{s:4:"data";s:56:"[20100423] - Core - Negative Values for Limit and Offset";s:7:"attribs";a:0:{}s:8:"xml_base";s:0:"";s:17:"xml_base_explicit";b:0;s:8:"xml_lang";s:0:"";}}s:4:"link";a:1:{i:0;a:5:{s:4:"data";s:120:"http://feeds.joomla.org/~r/JoomlaSecurityNews/~3/K3rjMh4AvSE/311-20100423-core-negative-values-for-limit-and-offset.html";s:7:"attribs";a:0:{}s:8:"xml_base";s:0:"";s:17:"xml_base_explicit";b:0;s:8:"xml_lang";s:0:"";}}s:4:"guid";a:1:{i:0;a:5:{s:4:"data";s:101:"http://developer.joomla.org/security/news/311-20100423-core-negative-values-for-limit-and-offset.html";s:7:"attribs";a:1:{s:0:"";a:1:{s:11:"isPermaLink";s:5:"false";}}s:8:"xml_base";s:0:"";s:17:"xml_base_explicit";b:0;s:8:"xml_lang";s:0:"";}}s:11:"description";a:1:{i:0;a:5:{s:4:"data";s:1227:"<ul> <li><strong>Project:</strong> Joomla!</li> <li><strong>SubProject:</strong> All</li> <li><strong>Severity: </strong>Moderate</li> <li><strong>Versions:</strong> 1.5.15 and all previous 1.5 releases</li> <li><strong>Exploit type:</strong> information Disclosure</li> <li><strong>Reported Date:</strong> 2010-Feb-21</li> <li><strong>Fixed Date:</strong> 2010-Apr-23</li> </ul> <h2>Description</h2> <p>If a user entered a URL with a negative query limit or offset, a PHP notice would display revealing information about the system.</p> <h2>Affected Installs</h2> <p>All 1.5.x installs prior to and including 1.5.15 are affected.</p> <h2>Solution</h2> <p>Upgrade to the latest Joomla! version (1.5.16 or later)</p> <p>Reported by Security List</p> <h2>Contact</h2> <p>The JSST at the <a title="Contact the JSST" href="http://developer.joomla.org/security.html">Joomla! Security Center</a>.</p><div class="feedflare"> <a href="http://feeds.joomla.org/~ff/JoomlaSecurityNews?a=K3rjMh4AvSE:926N0T6smCU:yIl2AUoC8zA"><img src="http://feeds.feedburner.com/~ff/JoomlaSecurityNews?d=yIl2AUoC8zA" border="0"></img></a> </div><img src="http://feeds.feedburner.com/~r/JoomlaSecurityNews/~4/K3rjMh4AvSE" height="1" width="1"/>";s:7:"attribs";a:0:{}s:8:"xml_base";s:0:"";s:17:"xml_base_explicit";b:0;s:8:"xml_lang";s:0:"";}}s:6:"author";a:1:{i:0;a:5:{s:4:"data";s:36:"dextercowley@gmail.com (Mark Dexter)";s:7:"attribs";a:0:{}s:8:"xml_base";s:0:"";s:17:"xml_base_explicit";b:0;s:8:"xml_lang";s:0:"";}}s:8:"category";a:1:{i:0;a:5:{s:4:"data";s:13:"Core Security";s:7:"attribs";a:0:{}s:8:"xml_base";s:0:"";s:17:"xml_base_explicit";b:0;s:8:"xml_lang";s:0:"";}}s:7:"pubDate";a:1:{i:0;a:5:{s:4:"data";s:31:"Fri, 23 Apr 2010 17:31:43 +0000";s:7:"attribs";a:0:{}s:8:"xml_base";s:0:"";s:17:"xml_base_explicit";b:0;s:8:"xml_lang";s:0:"";}}}s:42:"http://rssnamespace.org/feedburner/ext/1.0";a:1:{s:8:"origLink";a:1:{i:0;a:5:{s:4:"data";s:101:"http://developer.joomla.org/security/news/311-20100423-core-negative-values-for-limit-and-offset.html";s:7:"attribs";a:0:{}s:8:"xml_base";s:0:"";s:17:"xml_base_explicit";b:0;s:8:"xml_lang";s:0:"";}}}}}i:1;a:6:{s:4:"data";s:31:" ";s:7:"attribs";a:0:{}s:8:"xml_base";s:0:"";s:17:"xml_base_explicit";b:0;s:8:"xml_lang";s:0:"";s:5:"child";a:2:{s:0:"";a:7:{s:5:"title";a:1:{i:0;a:5:{s:4:"data";s:46:"[20100423] - Core - Installer Migration Script";s:7:"attribs";a:0:{}s:8:"xml_base";s:0:"";s:17:"xml_base_explicit";b:0;s:8:"xml_lang";s:0:"";}}s:4:"link";a:1:{i:0;a:5:{s:4:"data";s:110:"http://feeds.joomla.org/~r/JoomlaSecurityNews/~3/QLis4AG_-cs/310-20100423-core-installer-migration-script.html";s:7:"attribs";a:0:{}s:8:"xml_base";s:0:"";s:17:"xml_base_explicit";b:0;s:8:"xml_lang";s:0:"";}}s:4:"guid";a:1:{i:0;a:5:{s:4:"data";s:91:"http://developer.joomla.org/security/news/310-20100423-core-installer-migration-script.html";s:7:"attribs";a:1:{s:0:"";a:1:{s:11:"isPermaLink";s:5:"false";}}s:8:"xml_base";s:0:"";s:17:"xml_base_explicit";b:0;s:8:"xml_lang";s:0:"";}}s:11:"description";a:1:{i:0;a:5:{s:4:"data";s:1276:"<ul> <li><strong>Project:</strong> Joomla!</li> <li><strong>SubProject:</strong> All</li> <li><strong>Severity: </strong>Low</li> <li><strong>Versions:</strong> 1.5.15 and all previous 1.5 releases</li> <li><strong>Exploit type:</strong> Code upload</li> <li><strong>Reported Date:</strong> 2009-Dec-30</li> <li><strong>Fixed Date:</strong> 2010-Apr-23</li> </ul> <h2>Description</h2> <p>The migration script in the Joomla! installer does not check the file type being uploaded. If the installation application is present, an attacker could use it to upload malicious files to a server.</p> <h2>Affected Installs</h2> <p>All 1.5.x installs prior to and including 1.5.15 are affected.</p> <h2>Solution</h2> <p>Upgrade to the latest Joomla! version (1.5.16 or later)</p> <p>Reported by Nicola Bettini</p> <h2>Contact</h2> <p>The JSST at the <a title="Contact the JSST" href="http://developer.joomla.org/security.html">Joomla! Security Center</a>.</p><div class="feedflare"> <a href="http://feeds.joomla.org/~ff/JoomlaSecurityNews?a=QLis4AG_-cs:naYYLgM-_Fk:yIl2AUoC8zA"><img src="http://feeds.feedburner.com/~ff/JoomlaSecurityNews?d=yIl2AUoC8zA" border="0"></img></a> </div><img src="http://feeds.feedburner.com/~r/JoomlaSecurityNews/~4/QLis4AG_-cs" height="1" width="1"/>";s:7:"attribs";a:0:{}s:8:"xml_base";s:0:"";s:17:"xml_base_explicit";b:0;s:8:"xml_lang";s:0:"";}}s:6:"author";a:1:{i:0;a:5:{s:4:"data";s:36:"dextercowley@gmail.com (Mark Dexter)";s:7:"attribs";a:0:{}s:8:"xml_base";s:0:"";s:17:"xml_base_explicit";b:0;s:8:"xml_lang";s:0:"";}}s:8:"category";a:1:{i:0;a:5:{s:4:"data";s:13:"Core Security";s:7:"attribs";a:0:{}s:8:"xml_base";s:0:"";s:17:"xml_base_explicit";b:0;s:8:"xml_lang";s:0:"";}}s:7:"pubDate";a:1:{i:0;a:5:{s:4:"data";s:31:"Fri, 23 Apr 2010 17:27:34 +0000";s:7:"attribs";a:0:{}s:8:"xml_base";s:0:"";s:17:"xml_base_explicit";b:0;s:8:"xml_lang";s:0:"";}}}s:42:"http://rssnamespace.org/feedburner/ext/1.0";a:1:{s:8:"origLink";a:1:{i:0;a:5:{s:4:"data";s:91:"http://developer.joomla.org/security/news/310-20100423-core-installer-migration-script.html";s:7:"attribs";a:0:{}s:8:"xml_base";s:0:"";s:17:"xml_base_explicit";b:0;s:8:"xml_lang";s:0:"";}}}}}i:2;a:6:{s:4:"data";s:31:" ";s:7:"attribs";a:0:{}s:8:"xml_base";s:0:"";s:17:"xml_base_explicit";b:0;s:8:"xml_lang";s:0:"";s:5:"child";a:2:{s:0:"";a:7:{s:5:"title";a:1:{i:0;a:5:{s:4:"data";s:38:"[20100423] - Core - Sessation Fixation";s:7:"attribs";a:0:{}s:8:"xml_base";s:0:"";s:17:"xml_base_explicit";b:0;s:8:"xml_lang";s:0:"";}}s:4:"link";a:1:{i:0;a:5:{s:4:"data";s:102:"http://feeds.joomla.org/~r/JoomlaSecurityNews/~3/KWB_pRZpcP4/309-20100423-core-sessation-fixation.html";s:7:"attribs";a:0:{}s:8:"xml_base";s:0:"";s:17:"xml_base_explicit";b:0;s:8:"xml_lang";s:0:"";}}s:4:"guid";a:1:{i:0;a:5:{s:4:"data";s:83:"http://developer.joomla.org/security/news/309-20100423-core-sessation-fixation.html";s:7:"attribs";a:1:{s:0:"";a:1:{s:11:"isPermaLink";s:5:"false";}}s:8:"xml_base";s:0:"";s:17:"xml_base_explicit";b:0;s:8:"xml_lang";s:0:"";}}s:11:"description";a:1:{i:0;a:5:{s:4:"data";s:1621:"<ul> <li><strong>Project:</strong> Joomla!</li> <li><strong>SubProject:</strong> All</li> <li><strong>Severity: </strong>Moderate</li> <li><strong>Versions:</strong> 1.5.15 and all previous 1.5 releases</li> <li><strong>Exploit type:</strong> Session fixation</li> <li><strong>Reported Date:</strong> 2010-Mar-25</li> <li><strong>Fixed Date:</strong> 2010-Apr-23</li> </ul> <h2>Description</h2> <p>Session id doesn't get modified when user logs in. A remote site may be able to forward a visitor to the Joomla! site and set a specific cookie. If the user then logs in, the remote site can use that cookie to authenticate as that user.</p> <h2>Affected Installs</h2> <p>All 1.5.x installs prior to and including 1.5.15 are affected.</p> <h2>Solution</h2> <p>Upgrade to the latest Joomla! version (1.5.16 or later)</p> <p>Reported by Raúl Siles and Steven Pignataro</p> <p> <meta http-equiv="content-type" content="text/html; charset=utf-8" /></p> <h2>Contact</h2> <p>The JSST at the <a title="Contact the JSST" href="http://developer.joomla.org/security.html">Joomla! Security Center</a>.<a class="contentpagetitle" href="http://developer.joomla.org/../../../../security/news/308-20100423-core-password-reset-tokens.html">[20100423] - Core - Password Reset Tokens</a></p><div class="feedflare"> <a href="http://feeds.joomla.org/~ff/JoomlaSecurityNews?a=KWB_pRZpcP4:YPBfJesr9wI:yIl2AUoC8zA"><img src="http://feeds.feedburner.com/~ff/JoomlaSecurityNews?d=yIl2AUoC8zA" border="0"></img></a> </div><img src="http://feeds.feedburner.com/~r/JoomlaSecurityNews/~4/KWB_pRZpcP4" height="1" width="1"/>";s:7:"attribs";a:0:{}s:8:"xml_base";s:0:"";s:17:"xml_base_explicit";b:0;s:8:"xml_lang";s:0:"";}}s:6:"author";a:1:{i:0;a:5:{s:4:"data";s:36:"dextercowley@gmail.com (Mark Dexter)";s:7:"attribs";a:0:{}s:8:"xml_base";s:0:"";s:17:"xml_base_explicit";b:0;s:8:"xml_lang";s:0:"";}}s:8:"category";a:1:{i:0;a:5:{s:4:"data";s:13:"Core Security";s:7:"attribs";a:0:{}s:8:"xml_base";s:0:"";s:17:"xml_base_explicit";b:0;s:8:"xml_lang";s:0:"";}}s:7:"pubDate";a:1:{i:0;a:5:{s:4:"data";s:31:"Fri, 23 Apr 2010 17:22:05 +0000";s:7:"attribs";a:0:{}s:8:"xml_base";s:0:"";s:17:"xml_base_explicit";b:0;s:8:"xml_lang";s:0:"";}}}s:42:"http://rssnamespace.org/feedburner/ext/1.0";a:1:{s:8:"origLink";a:1:{i:0;a:5:{s:4:"data";s:83:"http://developer.joomla.org/security/news/309-20100423-core-sessation-fixation.html";s:7:"attribs";a:0:{}s:8:"xml_base";s:0:"";s:17:"xml_base_explicit";b:0;s:8:"xml_lang";s:0:"";}}}}}i:3;a:6:{s:4:"data";s:31:" ";s:7:"attribs";a:0:{}s:8:"xml_base";s:0:"";s:17:"xml_base_explicit";b:0;s:8:"xml_lang";s:0:"";s:5:"child";a:2:{s:0:"";a:7:{s:5:"title";a:1:{i:0;a:5:{s:4:"data";s:41:"[20100423] - Core - Password Reset Tokens";s:7:"attribs";a:0:{}s:8:"xml_base";s:0:"";s:17:"xml_base_explicit";b:0;s:8:"xml_lang";s:0:"";}}s:4:"link";a:1:{i:0;a:5:{s:4:"data";s:105:"http://feeds.joomla.org/~r/JoomlaSecurityNews/~3/UdLK-p0f7tQ/308-20100423-core-password-reset-tokens.html";s:7:"attribs";a:0:{}s:8:"xml_base";s:0:"";s:17:"xml_base_explicit";b:0;s:8:"xml_lang";s:0:"";}}s:4:"guid";a:1:{i:0;a:5:{s:4:"data";s:86:"http://developer.joomla.org/security/news/308-20100423-core-password-reset-tokens.html";s:7:"attribs";a:1:{s:0:"";a:1:{s:11:"isPermaLink";s:5:"false";}}s:8:"xml_base";s:0:"";s:17:"xml_base_explicit";b:0;s:8:"xml_lang";s:0:"";}}s:11:"description";a:1:{i:0;a:5:{s:4:"data";s:1341:"<ul> <li><strong>Project:</strong> Joomla!</li> <li><strong>SubProject:</strong> All</li> <li><strong>Severity: </strong>Low</li> <li><strong>Versions:</strong> 1.5.15 and all previous 1.5 releases</li> <li><strong>Exploit type:</strong> Unauthorised Access</li> <li><strong>Reported Date:</strong> 2010-Jan-07</li> <li><strong>Fixed Date:</strong> 2010-Apr-23</li> </ul> <h2>Description</h2> <p>When a user requests a password reset, the reset tokens were stored in plain text in the database. While this is not a vulnerability in itself, it allows user accounts to be compromised if there is an extension on the site with an SQL injection vulnerability.</p> <h2>Affected Installs</h2> <p>All 1.5.x installs prior to and including 1.5.15 are affected.</p> <h2>Solution</h2> <p>Upgrade to the latest Joomla! version (1.5.16 or later)</p> <p>Reported by Madis Abel</p> <h2>Contact</h2> <p>The JSST at the <a title="Contact the JSST" href="http://developer.joomla.org/security.html">Joomla! Security Center</a>.</p><div class="feedflare"> <a href="http://feeds.joomla.org/~ff/JoomlaSecurityNews?a=UdLK-p0f7tQ:a7Rqlg8nRSY:yIl2AUoC8zA"><img src="http://feeds.feedburner.com/~ff/JoomlaSecurityNews?d=yIl2AUoC8zA" border="0"></img></a> </div><img src="http://feeds.feedburner.com/~r/JoomlaSecurityNews/~4/UdLK-p0f7tQ" height="1" width="1"/>";s:7:"attribs";a:0:{}s:8:"xml_base";s:0:"";s:17:"xml_base_explicit";b:0;s:8:"xml_lang";s:0:"";}}s:6:"author";a:1:{i:0;a:5:{s:4:"data";s:36:"dextercowley@gmail.com (Mark Dexter)";s:7:"attribs";a:0:{}s:8:"xml_base";s:0:"";s:17:"xml_base_explicit";b:0;s:8:"xml_lang";s:0:"";}}s:8:"category";a:1:{i:0;a:5:{s:4:"data";s:13:"Core Security";s:7:"attribs";a:0:{}s:8:"xml_base";s:0:"";s:17:"xml_base_explicit";b:0;s:8:"xml_lang";s:0:"";}}s:7:"pubDate";a:1:{i:0;a:5:{s:4:"data";s:31:"Fri, 23 Apr 2010 00:00:00 +0000";s:7:"attribs";a:0:{}s:8:"xml_base";s:0:"";s:17:"xml_base_explicit";b:0;s:8:"xml_lang";s:0:"";}}}s:42:"http://rssnamespace.org/feedburner/ext/1.0";a:1:{s:8:"origLink";a:1:{i:0;a:5:{s:4:"data";s:86:"http://developer.joomla.org/security/news/308-20100423-core-password-reset-tokens.html";s:7:"attribs";a:0:{}s:8:"xml_base";s:0:"";s:17:"xml_base_explicit";b:0;s:8:"xml_lang";s:0:"";}}}}}i:4;a:6:{s:4:"data";s:31:" ";s:7:"attribs";a:0:{}s:8:"xml_base";s:0:"";s:17:"xml_base_explicit";b:0;s:8:"xml_lang";s:0:"";s:5:"child";a:2:{s:0:"";a:7:{s:5:"title";a:1:{i:0;a:5:{s:4:"data";s:42:"[20091103] - Core - Front-End Editor Issue";s:7:"attribs";a:0:{}s:8:"xml_base";s:0:"";s:17:"xml_base_explicit";b:0;s:8:"xml_lang";s:0:"";}}s:4:"link";a:1:{i:0;a:5:{s:4:"data";s:107:"http://feeds.joomla.org/~r/JoomlaSecurityNews/~3/DZ3tAwNXHSo/305-20091103-core-front-end-editor-issue-.html";s:7:"attribs";a:0:{}s:8:"xml_base";s:0:"";s:17:"xml_base_explicit";b:0;s:8:"xml_lang";s:0:"";}}s:4:"guid";a:1:{i:0;a:5:{s:4:"data";s:88:"http://developer.joomla.org/security/news/305-20091103-core-front-end-editor-issue-.html";s:7:"attribs";a:1:{s:0:"";a:1:{s:11:"isPermaLink";s:5:"false";}}s:8:"xml_base";s:0:"";s:17:"xml_base_explicit";b:0;s:8:"xml_lang";s:0:"";}}s:11:"description";a:1:{i:0;a:5:{s:4:"data";s:1220:"<ul> <li><strong>Project:</strong> Joomla!</li> <li><strong>SubProject:</strong> com_content</li> <li><strong>Severity:</strong> Moderate</li> <li><strong>Versions:</strong> 1.5.14 and all previous 1.5 releases</li> <li><strong>Exploit type:</strong> Front-End Editing</li> <li><strong>Reported Date:</strong> 2009-September-05</li> <li><strong>Fixed Date:</strong> 2009-November-03</li> </ul> <h2>Description</h2> <p>When logged into the front end with Author access, it was possible to replace an article written by another user.</p> <h2>Affected Installs</h2> <p>All 1.5.x installs prior to and including 1.5.14 are affected.</p> <h2>Solution</h2> <p>Upgrade to latest Joomla! version (1.5.15 or newer).</p> <p>Reported by Hannes Papenberg</p> <h2>Contact</h2> <p>The JSST at the <a title="Contact the JSST" href="http://developer.joomla.org/security.html">Joomla! Security Center</a>.</p><div class="feedflare"> <a href="http://feeds.joomla.org/~ff/JoomlaSecurityNews?a=DZ3tAwNXHSo:B436pLe8VbA:yIl2AUoC8zA"><img src="http://feeds.feedburner.com/~ff/JoomlaSecurityNews?d=yIl2AUoC8zA" border="0"></img></a> </div><img src="http://feeds.feedburner.com/~r/JoomlaSecurityNews/~4/DZ3tAwNXHSo" height="1" width="1"/>";s:7:"attribs";a:0:{}s:8:"xml_base";s:0:"";s:17:"xml_base_explicit";b:0;s:8:"xml_lang";s:0:"";}}s:6:"author";a:1:{i:0;a:5:{s:4:"data";s:36:"dextercowley@gmail.com (Mark Dexter)";s:7:"attribs";a:0:{}s:8:"xml_base";s:0:"";s:17:"xml_base_explicit";b:0;s:8:"xml_lang";s:0:"";}}s:8:"category";a:1:{i:0;a:5:{s:4:"data";s:13:"Core Security";s:7:"attribs";a:0:{}s:8:"xml_base";s:0:"";s:17:"xml_base_explicit";b:0;s:8:"xml_lang";s:0:"";}}s:7:"pubDate";a:1:{i:0;a:5:{s:4:"data";s:31:"Tue, 03 Nov 2009 16:31:02 +0000";s:7:"attribs";a:0:{}s:8:"xml_base";s:0:"";s:17:"xml_base_explicit";b:0;s:8:"xml_lang";s:0:"";}}}s:42:"http://rssnamespace.org/feedburner/ext/1.0";a:1:{s:8:"origLink";a:1:{i:0;a:5:{s:4:"data";s:88:"http://developer.joomla.org/security/news/305-20091103-core-front-end-editor-issue-.html";s:7:"attribs";a:0:{}s:8:"xml_base";s:0:"";s:17:"xml_base_explicit";b:0;s:8:"xml_lang";s:0:"";}}}}}i:5;a:6:{s:4:"data";s:31:" ";s:7:"attribs";a:0:{}s:8:"xml_base";s:0:"";s:17:"xml_base_explicit";b:0;s:8:"xml_lang";s:0:"";s:5:"child";a:2:{s:0:"";a:7:{s:5:"title";a:1:{i:0;a:5:{s:4:"data";s:39:"[20091103] - Core - XML File Read Issue";s:7:"attribs";a:0:{}s:8:"xml_base";s:0:"";s:17:"xml_base_explicit";b:0;s:8:"xml_lang";s:0:"";}}s:4:"link";a:1:{i:0;a:5:{s:4:"data";s:103:"http://feeds.joomla.org/~r/JoomlaSecurityNews/~3/1Y8W2XsF2z0/306-20091103-core-xml-file-read-issue.html";s:7:"attribs";a:0:{}s:8:"xml_base";s:0:"";s:17:"xml_base_explicit";b:0;s:8:"xml_lang";s:0:"";}}s:4:"guid";a:1:{i:0;a:5:{s:4:"data";s:84:"http://developer.joomla.org/security/news/306-20091103-core-xml-file-read-issue.html";s:7:"attribs";a:1:{s:0:"";a:1:{s:11:"isPermaLink";s:5:"false";}}s:8:"xml_base";s:0:"";s:17:"xml_base_explicit";b:0;s:8:"xml_lang";s:0:"";}}s:11:"description";a:1:{i:0;a:5:{s:4:"data";s:1612:"<ul> <li><strong>Project:</strong> Joomla!</li> <li><strong>SubProject:</strong> All</li> <li><strong>Severity: </strong>Low</li> <li><strong>Versions:</strong> 1.5.14 and all previous 1.5 releases</li> <li><strong>Exploit type:</strong> Extension Version Disclosure</li> <li><strong>Reported Date:</strong> 2009-October-13</li> <li><strong>Fixed Date:</strong> 2009-Nov-03</li> </ul> <h2>Description</h2> <p>It is possible to read the contents of an extension's XML file and find the version number of the installed extension. This could allow people to exploit a known security flaws for a specific version of an extension.</p> <h2>Affected Installs</h2> <p>All 1.5.x installs prior to and including 1.5.14 are affected.</p> <h2>Solution</h2> <p>Turn on Apache mod_rewrite and configure your .htaccess file to filter out XML files. In the htaccess.txt file shipped with version 1.5.15, lines 35-39 contain example code that will deny access to XML files. You can incorporate this code (or similar code) into your .htaccess file. Be sure to test that it does not cause problems on your site.</p> <p>Reported by WHK and Gergő Erdősi</p> <h2>Contact</h2> <p>The JSST at the <a title="Contact the JSST" href="http://developer.joomla.org/security.html">Joomla! Security Center</a>.</p><div class="feedflare"> <a href="http://feeds.joomla.org/~ff/JoomlaSecurityNews?a=1Y8W2XsF2z0:Hq3ZIXM6dd8:yIl2AUoC8zA"><img src="http://feeds.feedburner.com/~ff/JoomlaSecurityNews?d=yIl2AUoC8zA" border="0"></img></a> </div><img src="http://feeds.feedburner.com/~r/JoomlaSecurityNews/~4/1Y8W2XsF2z0" height="1" width="1"/>";s:7:"attribs";a:0:{}s:8:"xml_base";s:0:"";s:17:"xml_base_explicit";b:0;s:8:"xml_lang";s:0:"";}}s:6:"author";a:1:{i:0;a:5:{s:4:"data";s:36:"dextercowley@gmail.com (Mark Dexter)";s:7:"attribs";a:0:{}s:8:"xml_base";s:0:"";s:17:"xml_base_explicit";b:0;s:8:"xml_lang";s:0:"";}}s:8:"category";a:1:{i:0;a:5:{s:4:"data";s:13:"Core Security";s:7:"attribs";a:0:{}s:8:"xml_base";s:0:"";s:17:"xml_base_explicit";b:0;s:8:"xml_lang";s:0:"";}}s:7:"pubDate";a:1:{i:0;a:5:{s:4:"data";s:31:"Mon, 02 Nov 2009 01:03:19 +0000";s:7:"attribs";a:0:{}s:8:"xml_base";s:0:"";s:17:"xml_base_explicit";b:0;s:8:"xml_lang";s:0:"";}}}s:42:"http://rssnamespace.org/feedburner/ext/1.0";a:1:{s:8:"origLink";a:1:{i:0;a:5:{s:4:"data";s:84:"http://developer.joomla.org/security/news/306-20091103-core-xml-file-read-issue.html";s:7:"attribs";a:0:{}s:8:"xml_base";s:0:"";s:17:"xml_base_explicit";b:0;s:8:"xml_lang";s:0:"";}}}}}i:6;a:6:{s:4:"data";s:31:" ";s:7:"attribs";a:0:{}s:8:"xml_base";s:0:"";s:17:"xml_base_explicit";b:0;s:8:"xml_lang";s:0:"";s:5:"child";a:2:{s:0:"";a:7:{s:5:"title";a:1:{i:0;a:5:{s:4:"data";s:39:"[20090722] - Core - Missing JEXEC Check";s:7:"attribs";a:0:{}s:8:"xml_base";s:0:"";s:17:"xml_base_explicit";b:0;s:8:"xml_lang";s:0:"";}}s:4:"link";a:1:{i:0;a:5:{s:4:"data";s:103:"http://feeds.joomla.org/~r/JoomlaSecurityNews/~3/HiUGdggCF-M/302-20090722-core-missing-jexec-check.html";s:7:"attribs";a:0:{}s:8:"xml_base";s:0:"";s:17:"xml_base_explicit";b:0;s:8:"xml_lang";s:0:"";}}s:4:"guid";a:1:{i:0;a:5:{s:4:"data";s:84:"http://developer.joomla.org/security/news/302-20090722-core-missing-jexec-check.html";s:7:"attribs";a:1:{s:0:"";a:1:{s:11:"isPermaLink";s:5:"false";}}s:8:"xml_base";s:0:"";s:17:"xml_base_explicit";b:0;s:8:"xml_lang";s:0:"";}}s:11:"description";a:1:{i:0;a:5:{s:4:"data";s:1238:"<ul> <li><strong>Project:</strong> Joomla!</li> <li><strong>SubProject:</strong> Framework</li> <li><strong>Severity: </strong>Moderate</li> <li><strong>Versions:</strong> 1.5.12 and all previous 1.5 releases</li> <li><strong>Exploit type:</strong> Path Disclosure</li> <li><strong>Reported Date:</strong> 2009-July-21</li> <li><strong>Fixed Date:</strong> 2009-July-22</li> </ul> <h2>Description</h2> <p>Some files were missing the check for JEXEC. These scripts will then expose internal path information of the host.</p> <h2>Affected Installs</h2> <p>All 1.5.x installs prior to and including 1.5.12 are affected.</p> <h2>Solution</h2> <p>Upgrade to latest Joomla! version (1.5.13 or newer).</p> <p>Reported by Juan Galiana Lara (Internet Security Auditors)</p> <h2>Contact</h2> <p>The JSST at the <a title="Contact the JSST" href="http://developer.joomla.org/security.html">Joomla! Security Center</a>.</p><div class="feedflare"> <a href="http://feeds.joomla.org/~ff/JoomlaSecurityNews?a=HiUGdggCF-M:KZ37xDySTLE:yIl2AUoC8zA"><img src="http://feeds.feedburner.com/~ff/JoomlaSecurityNews?d=yIl2AUoC8zA" border="0"></img></a> </div><img src="http://feeds.feedburner.com/~r/JoomlaSecurityNews/~4/HiUGdggCF-M" height="1" width="1"/>";s:7:"attribs";a:0:{}s:8:"xml_base";s:0:"";s:17:"xml_base_explicit";b:0;s:8:"xml_lang";s:0:"";}}s:6:"author";a:1:{i:0;a:5:{s:4:"data";s:36:"dextercowley@gmail.com (Mark Dexter)";s:7:"attribs";a:0:{}s:8:"xml_base";s:0:"";s:17:"xml_base_explicit";b:0;s:8:"xml_lang";s:0:"";}}s:8:"category";a:1:{i:0;a:5:{s:4:"data";s:13:"Core Security";s:7:"attribs";a:0:{}s:8:"xml_base";s:0:"";s:17:"xml_base_explicit";b:0;s:8:"xml_lang";s:0:"";}}s:7:"pubDate";a:1:{i:0;a:5:{s:4:"data";s:31:"Wed, 22 Jul 2009 23:36:40 +0000";s:7:"attribs";a:0:{}s:8:"xml_base";s:0:"";s:17:"xml_base_explicit";b:0;s:8:"xml_lang";s:0:"";}}}s:42:"http://rssnamespace.org/feedburner/ext/1.0";a:1:{s:8:"origLink";a:1:{i:0;a:5:{s:4:"data";s:84:"http://developer.joomla.org/security/news/302-20090722-core-missing-jexec-check.html";s:7:"attribs";a:0:{}s:8:"xml_base";s:0:"";s:17:"xml_base_explicit";b:0;s:8:"xml_lang";s:0:"";}}}}}i:7;a:6:{s:4:"data";s:31:" ";s:7:"attribs";a:0:{}s:8:"xml_base";s:0:"";s:17:"xml_base_explicit";b:0;s:8:"xml_lang";s:0:"";s:5:"child";a:2:{s:0:"";a:7:{s:5:"title";a:1:{i:0;a:5:{s:4:"data";s:44:"[20090723] - Core - com_mailto Timeout Issue";s:7:"attribs";a:0:{}s:8:"xml_base";s:0:"";s:17:"xml_base_explicit";b:0;s:8:"xml_lang";s:0:"";}}s:4:"link";a:1:{i:0;a:5:{s:4:"data";s:108:"http://feeds.joomla.org/~r/JoomlaSecurityNews/~3/RIFoC5xJaB4/303-20090723-core-com-mailto-timeout-issue.html";s:7:"attribs";a:0:{}s:8:"xml_base";s:0:"";s:17:"xml_base_explicit";b:0;s:8:"xml_lang";s:0:"";}}s:4:"guid";a:1:{i:0;a:5:{s:4:"data";s:89:"http://developer.joomla.org/security/news/303-20090723-core-com-mailto-timeout-issue.html";s:7:"attribs";a:1:{s:0:"";a:1:{s:11:"isPermaLink";s:5:"false";}}s:8:"xml_base";s:0:"";s:17:"xml_base_explicit";b:0;s:8:"xml_lang";s:0:"";}}s:11:"description";a:1:{i:0;a:5:{s:4:"data";s:1179:"<ul> <li><strong>Project:</strong> Joomla!</li> <li><strong>SubProject:</strong> com_mailto</li> <li><strong>Severity: </strong>Low</li> <li><strong>Versions:</strong> 1.5.13 and all previous 1.5 releases</li> <li><strong>Exploit type:</strong> Email</li> <li><strong>Reported Date:</strong> 2009-July-28</li> <li><strong>Fixed Date:</strong> 2009-July-30</li> </ul> <h2>Description</h2> <p>In com_mailto, it was possible to bypass timeout protection against sending automated emails.</p> <h2>Affected Installs</h2> <p>All 1.5.x installs prior to and including 1.5.13 are affected.</p> <h2>Solution</h2> <p>Upgrade to latest Joomla! version (1.5.14 or newer).</p> <p>Reported by WHK and Gergő Erdősi</p> <h2>Contact</h2> <p>The JSST at the <a title="Contact the JSST" href="http://developer.joomla.org/security.html">Joomla! Security Center</a>.</p><div class="feedflare"> <a href="http://feeds.joomla.org/~ff/JoomlaSecurityNews?a=RIFoC5xJaB4:RxNR8sWo_h0:yIl2AUoC8zA"><img src="http://feeds.feedburner.com/~ff/JoomlaSecurityNews?d=yIl2AUoC8zA" border="0"></img></a> </div><img src="http://feeds.feedburner.com/~r/JoomlaSecurityNews/~4/RIFoC5xJaB4" height="1" width="1"/>";s:7:"attribs";a:0:{}s:8:"xml_base";s:0:"";s:17:"xml_base_explicit";b:0;s:8:"xml_lang";s:0:"";}}s:6:"author";a:1:{i:0;a:5:{s:4:"data";s:36:"dextercowley@gmail.com (Mark Dexter)";s:7:"attribs";a:0:{}s:8:"xml_base";s:0:"";s:17:"xml_base_explicit";b:0;s:8:"xml_lang";s:0:"";}}s:8:"category";a:1:{i:0;a:5:{s:4:"data";s:13:"Core Security";s:7:"attribs";a:0:{}s:8:"xml_base";s:0:"";s:17:"xml_base_explicit";b:0;s:8:"xml_lang";s:0:"";}}s:7:"pubDate";a:1:{i:0;a:5:{s:4:"data";s:31:"Wed, 22 Jul 2009 23:36:40 +0000";s:7:"attribs";a:0:{}s:8:"xml_base";s:0:"";s:17:"xml_base_explicit";b:0;s:8:"xml_lang";s:0:"";}}}s:42:"http://rssnamespace.org/feedburner/ext/1.0";a:1:{s:8:"origLink";a:1:{i:0;a:5:{s:4:"data";s:89:"http://developer.joomla.org/security/news/303-20090723-core-com-mailto-timeout-issue.html";s:7:"attribs";a:0:{}s:8:"xml_base";s:0:"";s:17:"xml_base_explicit";b:0;s:8:"xml_lang";s:0:"";}}}}}i:8;a:6:{s:4:"data";s:31:" ";s:7:"attribs";a:0:{}s:8:"xml_base";s:0:"";s:17:"xml_base_explicit";b:0;s:8:"xml_lang";s:0:"";s:5:"child";a:2:{s:0:"";a:7:{s:5:"title";a:1:{i:0;a:5:{s:4:"data";s:31:"[20090722] - Core - File Upload";s:7:"attribs";a:0:{}s:8:"xml_base";s:0:"";s:17:"xml_base_explicit";b:0;s:8:"xml_lang";s:0:"";}}s:4:"link";a:1:{i:0;a:5:{s:4:"data";s:95:"http://feeds.joomla.org/~r/JoomlaSecurityNews/~3/rhefmqvY3kw/301-20090722-core-file-upload.html";s:7:"attribs";a:0:{}s:8:"xml_base";s:0:"";s:17:"xml_base_explicit";b:0;s:8:"xml_lang";s:0:"";}}s:4:"guid";a:1:{i:0;a:5:{s:4:"data";s:76:"http://developer.joomla.org/security/news/301-20090722-core-file-upload.html";s:7:"attribs";a:1:{s:0:"";a:1:{s:11:"isPermaLink";s:5:"false";}}s:8:"xml_base";s:0:"";s:17:"xml_base_explicit";b:0;s:8:"xml_lang";s:0:"";}}s:11:"description";a:1:{i:0;a:5:{s:4:"data";s:1135:"<ul> <li><strong>Project:</strong> Joomla!</li> <li><strong>SubProject:</strong> TinyMCE editor</li> <li><strong>Severity: </strong>Critical</li> <li><strong>Versions:</strong> 1.5.12</li> <li><strong>Exploit type:</strong> Image File upload</li> <li><strong>Reported Date:</strong> 2009-July-22</li> <li><strong>Fixed Date:</strong> 2009-July-22</li> </ul> <h2>Description</h2> <p>Tiny browser included with TinyMCE 3.0 editor allowed files to be uploaded and removed without logging in.</p> <h2>Affected Installs</h2> <p>Version 1.5.12 only</p> <h2>Solution</h2> <p>Upgrade to latest Joomla! version (1.5.13 or newer).</p> <p>Reported by Patrice Lazareff.</p> <h2>Contact</h2> <p>The JSST at the <a title="Contact the JSST" href="http://developer.joomla.org/security.html">Joomla! Security Center</a>.</p><div class="feedflare"> <a href="http://feeds.joomla.org/~ff/JoomlaSecurityNews?a=rhefmqvY3kw:yPlGvByBTag:yIl2AUoC8zA"><img src="http://feeds.feedburner.com/~ff/JoomlaSecurityNews?d=yIl2AUoC8zA" border="0"></img></a> </div><img src="http://feeds.feedburner.com/~r/JoomlaSecurityNews/~4/rhefmqvY3kw" height="1" width="1"/>";s:7:"attribs";a:0:{}s:8:"xml_base";s:0:"";s:17:"xml_base_explicit";b:0;s:8:"xml_lang";s:0:"";}}s:6:"author";a:1:{i:0;a:5:{s:4:"data";s:36:"dextercowley@gmail.com (Mark Dexter)";s:7:"attribs";a:0:{}s:8:"xml_base";s:0:"";s:17:"xml_base_explicit";b:0;s:8:"xml_lang";s:0:"";}}s:8:"category";a:1:{i:0;a:5:{s:4:"data";s:13:"Core Security";s:7:"attribs";a:0:{}s:8:"xml_base";s:0:"";s:17:"xml_base_explicit";b:0;s:8:"xml_lang";s:0:"";}}s:7:"pubDate";a:1:{i:0;a:5:{s:4:"data";s:31:"Wed, 22 Jul 2009 23:17:38 +0000";s:7:"attribs";a:0:{}s:8:"xml_base";s:0:"";s:17:"xml_base_explicit";b:0;s:8:"xml_lang";s:0:"";}}}s:42:"http://rssnamespace.org/feedburner/ext/1.0";a:1:{s:8:"origLink";a:1:{i:0;a:5:{s:4:"data";s:76:"http://developer.joomla.org/security/news/301-20090722-core-file-upload.html";s:7:"attribs";a:0:{}s:8:"xml_base";s:0:"";s:17:"xml_base_explicit";b:0;s:8:"xml_lang";s:0:"";}}}}}i:9;a:6:{s:4:"data";s:31:" ";s:7:"attribs";a:0:{}s:8:"xml_base";s:0:"";s:17:"xml_base_explicit";b:0;s:8:"xml_lang";s:0:"";s:5:"child";a:2:{s:0:"";a:7:{s:5:"title";a:1:{i:0;a:5:{s:4:"data";s:39:"[20090606] - Core - Missing JEXEC Check";s:7:"attribs";a:0:{}s:8:"xml_base";s:0:"";s:17:"xml_base_explicit";b:0;s:8:"xml_lang";s:0:"";}}s:4:"link";a:1:{i:0;a:5:{s:4:"data";s:103:"http://feeds.joomla.org/~r/JoomlaSecurityNews/~3/tdX89H7fxHg/300-20090606-core-missing-jexec-check.html";s:7:"attribs";a:0:{}s:8:"xml_base";s:0:"";s:17:"xml_base_explicit";b:0;s:8:"xml_lang";s:0:"";}}s:4:"guid";a:1:{i:0;a:5:{s:4:"data";s:84:"http://developer.joomla.org/security/news/300-20090606-core-missing-jexec-check.html";s:7:"attribs";a:1:{s:0:"";a:1:{s:11:"isPermaLink";s:5:"false";}}s:8:"xml_base";s:0:"";s:17:"xml_base_explicit";b:0;s:8:"xml_lang";s:0:"";}}s:11:"description";a:1:{i:0;a:5:{s:4:"data";s:1169:"<ul> <li><strong>Project:</strong> Joomla!</li> <li><strong>SubProject:</strong> Admin client</li> <li><strong>Severity: </strong>Moderate</li> <li><strong>Versions:</strong> 1.5.11 and all previous 1.5 releases</li> <li><strong>Exploit type:</strong> XSS</li> <li><strong>Reported Date:</strong> 2009-June-22</li> <li><strong>Fixed Date:</strong> 2009-June-30</li> </ul> <h2>Description</h2> <p>Some files were missing the check for JEXEC. These scripts will then expose internal path information of the host.</p> <h2>Affected Installs</h2> <p>All 1.5.x installs prior to and including 1.5.11 are affected.</p> <h2>Solution</h2> <p>Upgrade to latest Joomla! version (1.5.12 or newer).</p> <h2>Contact</h2> <p>The JSST at the <a href="http://developer.joomla.org/security.html" title="Contact the JSST">Joomla! Security Center</a>.</p><div class="feedflare"> <a href="http://feeds.joomla.org/~ff/JoomlaSecurityNews?a=tdX89H7fxHg:Q3M2PUgXU9I:yIl2AUoC8zA"><img src="http://feeds.feedburner.com/~ff/JoomlaSecurityNews?d=yIl2AUoC8zA" border="0"></img></a> </div><img src="http://feeds.feedburner.com/~r/JoomlaSecurityNews/~4/tdX89H7fxHg" height="1" width="1"/>";s:7:"attribs";a:0:{}s:8:"xml_base";s:0:"";s:17:"xml_base_explicit";b:0;s:8:"xml_lang";s:0:"";}}s:6:"author";a:1:{i:0;a:5:{s:4:"data";s:36:"dextercowley@gmail.com (Mark Dexter)";s:7:"attribs";a:0:{}s:8:"xml_base";s:0:"";s:17:"xml_base_explicit";b:0;s:8:"xml_lang";s:0:"";}}s:8:"category";a:1:{i:0;a:5:{s:4:"data";s:13:"Core Security";s:7:"attribs";a:0:{}s:8:"xml_base";s:0:"";s:17:"xml_base_explicit";b:0;s:8:"xml_lang";s:0:"";}}s:7:"pubDate";a:1:{i:0;a:5:{s:4:"data";s:31:"Wed, 01 Jul 2009 04:46:19 +0000";s:7:"attribs";a:0:{}s:8:"xml_base";s:0:"";s:17:"xml_base_explicit";b:0;s:8:"xml_lang";s:0:"";}}}s:42:"http://rssnamespace.org/feedburner/ext/1.0";a:1:{s:8:"origLink";a:1:{i:0;a:5:{s:4:"data";s:84:"http://developer.joomla.org/security/news/300-20090606-core-missing-jexec-check.html";s:7:"attribs";a:0:{}s:8:"xml_base";s:0:"";s:17:"xml_base_explicit";b:0;s:8:"xml_lang";s:0:"";}}}}}}}s:27:"http://www.w3.org/2005/Atom";a:1:{s:4:"link";a:2:{i:0;a:5:{s:4:"data";s:0:"";s:7:"attribs";a:1:{s:0:"";a:3:{s:3:"rel";s:4:"self";s:4:"type";s:19:"application/rss+xml";s:4:"href";s:42:"http://feeds.joomla.org/JoomlaSecurityNews";}}s:8:"xml_base";s:0:"";s:17:"xml_base_explicit";b:0;s:8:"xml_lang";s:0:"";}i:1;a:5:{s:4:"data";s:0:"";s:7:"attribs";a:1:{s:0:"";a:2:{s:3:"rel";s:3:"hub";s:4:"href";s:32:"http://pubsubhubbub.appspot.com/";}}s:8:"xml_base";s:0:"";s:17:"xml_base_explicit";b:0;s:8:"xml_lang";s:0:"";}}}s:42:"http://rssnamespace.org/feedburner/ext/1.0";a:3:{s:4:"info";a:1:{i:0;a:5:{s:4:"data";s:0:"";s:7:"attribs";a:1:{s:0:"";a:1:{s:3:"uri";s:18:"joomlasecuritynews";}}s:8:"xml_base";s:0:"";s:17:"xml_base_explicit";b:0;s:8:"xml_lang";s:0:"";}}s:14:"emailServiceId";a:1:{i:0;a:5:{s:4:"data";s:18:"JoomlaSecurityNews";s:7:"attribs";a:0:{}s:8:"xml_base";s:0:"";s:17:"xml_base_explicit";b:0;s:8:"xml_lang";s:0:"";}}s:18:"feedburnerHostname";a:1:{i:0;a:5:{s:4:"data";s:28:"http://feedburner.google.com";s:7:"attribs";a:0:{}s:8:"xml_base";s:0:"";s:17:"xml_base_explicit";b:0;s:8:"xml_lang";s:0:"";}}}}}}}}}}}}s:4:"type";i:128;s:7:"headers";a:10:{s:12:"content-type";s:23:"text/xml; charset=UTF-8";s:4:"etag";s:27:"TJG726SGcPOcWCHG30HaWBDJEFk";s:13:"last-modified";s:29:"Wed, 26 May 2010 09:45:14 GMT";s:17:"transfer-encoding";s:7:"chunked";s:4:"date";s:29:"Wed, 26 May 2010 09:57:13 GMT";s:7:"expires";s:29:"Wed, 26 May 2010 09:57:13 GMT";s:13:"cache-control";s:18:"private, max-age=0";s:22:"x-content-type-options";s:7:"nosniff";s:16:"x-xss-protection";s:1:"0";s:6:"server";s:3:"GSE";}s:5:"build";s:14:"20090627192103";}