The Joomla Project released Jomla 2.5.4. The latest variant contains 3 new features and a large number of fixes that address problems which affected the previous variants.
The new features include the option to show full CMS version number in the generator tag, access level for content languages, and an improvement in the auto-update process to make it more reliable across different hosts.
In the security sector, a low priority information disclosure error, which allowed an attacker to view some administrative backend details without authorization, was resolved. The prior versions were also affected by an inadequate filtering issue in the update manager, which led to a cross-site scripting (XSS) vulnerability.
Joomla 2.5.4 also comes with fixes for 157 tracker problems.
Users are advised to update to the latest variant, not only to protect themselves against potential attacks, but also to benefit from the new feature additions.
via Softpedia