The Joomla! Project now announces the immediate release of Joomla! 1.0.15 [Daytime]. This release addresses a security vulnerability and it is recommended that you upgrade immediately. Begin by testing on a backup copy of your site. Once you have verified that your site works as expected, backup your live site and upgrade as soon as possible.

Joomla! 1.0.15 addresses a security issue discovered since our last stable release, Joomla! 1.0.14. After adequate testing on a backup or sandbox version of your live site, you should backup your live site and upgrade to 1.0.15.
Security Fixes

    * SECURITY [HIGH]  Fixed remote file inclusion vulnerability.

Explanation
In Joomla! 1.0.13, the following line was added to the configuration.php file:

    if(!defined('RG_EMULATION')) { define( 'RG_EMULATION', 0 ); }

This file is located in the root directory of your Joomla! Web site. Including this extra line protects against possible remote file inclusion.

Web sites created with Joomla! 1.0.13 or later already contain this line. However, Web sites upgraded from 1.0.12 or earlier are missing this line. All this upgrade does is add that line to the configuration.php file if that line does not already exist. Another way to address the vulnerability is to simply add the line to your configuration.php file manually.