MediaWiki 1.19.19, 1.22.11, and 1.23.4 were released yesterday. The new versions include enhanced CSS filtering of SVG images for improved security. MediaWiki 220.127.116.11 also includes a couple of bug fixes.
More information is available in the release announcement for 1.19.19, 1.22.11, and 1.23.4.
Piwik 2.7.0 was released today.The new version includes a number of new features including a browser language report and Content Tracking. It also contains bug fixes.
The release contains a major database upgrade, so plan your upgrade accordingly. Also, there are two separate database upgrades that need to run in this release, so after the first ones runs it is normal for you to be prompted for another upgrade.
More information is available in the changelog.
concrete5 18.104.22.168 was released yesterday (22.214.171.124 was pulled due to installation bug). The new version includes bug fixes and improves functionality.
More information is available in the release notes.
Joomla 2.5.25, 3.2.5, and 3.3.4 were released today. All of the new versions fix a moderate severity login security issue and both 3.x releases fix a moderate severity cross-site scripting (XSS) vulnerability. Joomla 3.3.4 also includes a number of bug fixes.
More information is available in the release announcements for 2.5.25 and 3.3.4.
concrete5 126.96.36.199 was released yesterday. The new version include minor improvements and bug fixes. The new version also fixes three security issues: a full path disclosure vulnerability, a cross-site scripting (XSS) vulnerability, and database sanitation improvements.
concrete5 5.7 was released last Friday and 188.8.131.52 was released yesterday. This new version is a major overhaul of the software and you can not upgrade, instead a migration is required. It will also require that themes and add-ons have new versions created. More details of the changes made are available in the release notes. The developers currently recommend using it only if you are starting on a new project, as 5.7.1 will be the first 5.7.x version ready for general use. Support for 5.6.x will continue with “for security and critical bugs for at least a year”.
More information is available in the release notes for 184.108.40.206, 5.7, and 220.127.116.11.
Moodle 2.5.8, 2.6.5, and 2.7.2 were released today. All of the releases include security fixes and 2.6.5 and 2.7.2 also include bug fixes. Details of the security vulnerabilities fixed will be released later.
Update (September 15, 2014): Moodle has now released information on the security issues fixed in the releases. All three versions fix a minor vulnerability that exposes the name of the last person to post in a Q&A forum. Moodle 2.6.5 and 2.7.2 fix a vulnerability that “could potentially allow unauthorised access and privilege escalation” when using Central Authentication Service (CAS). This vulnerability was not fixed in 2.5.8 and CAS users “are encouraged to upgrade to a more recent release”.
More information is available in the release notes for 2.5.8, 2.6.5, and 2.7.2.
Piwik 2.6.0 and 2.6.1 were released today. Piwik 2.6.0 includes bug fixes and minor improvements. Piwiki 2.6.1 fixed an error introduced in 2.6.0.
More information is available in the changelog for 2.6.0.