SUSE Linux 10.1 discontinued and out of support

SUSE Linux 10.1 has reached End of Life : /

 
Quote from the opensuse-security-announce mailing list:

With the release of an mysql security fix on August 13 we have released
the last update for SUSE Linux 10.1. (Actually 10.1 was discontinued on
May 31st, but the queue took a bit longer to flush from all updates.)

 
See: http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00004.html

Critical Bug in Joomla 1.5.5 (and older 1.5.x versions)

The password of the user with the lowest ID (typically an administrator) can be reset by an unauthorized user in Joomla 1.5.x installations prior version 1.5.6 because of a bug in the password remind functionality.

All 1.5.x installations prior to and including 1.5.5 are affected

The Joomla developer team advises to upgrade to 1.5.6 (or patch the /components/com_user/models/reset.php file with the code below).

After global $mainframe; on line 113 of reset.php, add:

if(strlen($token) != 32) {
    $this->setError(JText::_('INVALID_TOKEN'));
    return false;
}


 
See: Joomla! Developer – Password Remind Functionality