The Mambo Foundation has recently carried out their first Annual General Meeting and voting for the 2006-2007 Board of Directors on 1 July 2006. The votes have been tallied and based on the votes cast by the membership, the new Board of Directors will be as follows:

• President- Ric Shreves
• Vice- President- Akarawuth Tamrareang
• Treasurer- Paulino Michelazzo
• Secretary- Alain Schmalz
• Ordinary Director- Marco Rossi

On behalf of Mambo Communities, we would like to congratulate the new board of Directors. The new Directors will begin their term of office on 1 August of this year.

Mambo on!!

 Mambo Communities recently formed a partnership with Webzo to offer a range of Mambo Flash Tutorials on the Mamboserver.com sites. There are 12 tutorials available now.

Webzo offers a unique service, they specialize in the design and development of flash tutorials, and they do it absolutely free. What is the catch? Like us, they are interested in building partnerships and in return they just want to be recognised and given credit for their work.

Click here to view full list of tutorials.

For more information on how to get your free flash tutorials designed by Webzo, click here.

Team Mambo would like to announce the availability of the Second public Release Candidate for the new Version 4.6 of the Mambo Open Soure CMS. The Release Candidate comes after an extended RC1 period during which the Team took feedback from a large number of users and made enhancements to the system. The RC2 release includes a number of significant changes which the Team wishes to evaluate before going to a final Production Release.

You should note that while these changes includes enhancements to improve stability and solve problems reported during the RC1 period, the RC2 release also includes new features and may reveal new issues which will require additional work before the final release. Your feedback on these issues is invaluable. We have created a new tracker to allow easier reporting of issues. If you have feedback on this release, visit the Tracker.

A SQL injection vulnerability has been identified in Mambo versions <= 4.6RC1. Meaning that current production version 4.5.4 as well as recent versions 4.5.3h, 4.5.3, and 4.5.2.3 are at risk. The quickest way to plug this hole is to open /components/com_weblinks/weblinks.php and add the following two lines at line 250.

 $row->title = $database->getEscaped($row->title);

$row->catid = $database->getEscaped($row->catid);

We recommend you patch this as soon as possible. For those not comfortable with editing the files manually, security patches are now available for download on the Mamboxchange site.