DOCman Security Announcement

Joomlatools would like to announce the immediate availability of DOCman 1.5.8 and DOCman 1.4.1.

Recently a medium level vulnerability was discovered in DOCman. A user with editing permissions can potentially access confidential data. The following versions of DOCman are affected: 1.3.x, 1.4.x up to 1.4.0.stable, 1.5.x up to 1.5.7. Upgrading to either 1.4.1 or 1.5.8 resolves the issue.

Even though this is only a medium level vulnerability that will only affect a small percentage of sites, we recommend everybody to upgrade as soon as possible.

How to upgrade

If you are using DOCman 1.5.7 or older:

If you have purchased DOCman 1.5.x, you are automatically entitled to all 1.5.x updates. These are sent to you by email.

If you haven’t received your copy yet:

• check your spam filter
• allow our email queue a few more days to send out all the emails
• contact our support

Please see the README for upgrade instructions.

If you are using DOCman 1.4.0 or older:

As promised, DOCman 1.4.x will always be free of charge, and is still receiving security updates. However, it is no longer officially supported, and will not receive bug fix updates. There are two options:

• Update to DOCman 1.4.1 for free
• Upgrade to DOCman 1.5.8 for the price of lunch and a coffee. Upgrading is painless and preserves your data. You will get updates to all 1.5.x releases, as well technical support. And of course you are supporting a quality GPL-licensed Joomla extension!

Please see the README for upgrade instructions.

If you are using DOCman 1.3.x:

The 1.3.x series are no longer supported and should be considered very unsafe. Upgrading to 1.5.x happens in three steps: install a patch, upgrade to DOCman 1.4, upgrade to DOCman 1.5. Please see the README instructions included with DOCman 1.4 and 1.5 for more information.