Posts Tagged ‘Security’
WordPress MU 1.2 just released not long ago, according to Donncha, most of the changes are bug fixes, but there are some security fix as well, so it’s advised that all the WordPress MU user upgrade to the latest version! And if you encounter any problems, please go to WordPress MU forum.
Apparently there are some problems with the theme in WordPress MU 1.2, but worry not! Because version 1.2.1 is here!! 😆 So if you upgrade from 1.2, all you have to do is just change the following files:
Oh and don’t forget to go
"Site Admin > Themes" and click save to update the theme list! 😉
WordPress.org had released their WordPress 2.1.2 today, but sadly it’s is not a feature upgrade, instead it’s an emergency security upgrade due to believe that a hacker had changed one of the WordPress 2.1.1 file in one of the WordPress server, here is what Matt said:
It was determined that a cracker had gained user-level access to one of the servers that powers wordpress.org, and had used that access to modify the download file. We have locked down that server for further forensics, but at this time it appears that the 2.1.1 download was the only thing touched by the attack. They modified two files in WP to include code that would allow for remote PHP execution.
This is something very serious and the thing that u think will ever happen in your nightmare, but now it happened, so if your are using WordPress 2.1.1, Please upgrade immediately!!
Since the release of WordPress 2.1, WordPress is now divided into two main version, the WordPress 2.1 which require PHP version 4.2 or greater and MySQL version 4.0 or greater and as well as some several minimum requirements.
Today WordPress got new bugfix and security release for each of their version, the WordPress 2.1.1 and WordPress 2.0.9. According to Matt, the version 2.1.1 have around 30 bug fixes and version 2.0.9 is only security update.
Today WordPress just released it latest version, WordPress 2.0.7, this release is mainly focus on security fix in a PHP bug, the FeedBurner issue in WordPress 2.0.6 also solved in this version. Other changes are:
- Security fix for wp_unregister_GLOBALS() to work around the zend_hash_del_key_or_index bug in PHP 4 versions less than 4.4.3 and PHP 5 versions less than 5.1.4 with register_globals set to “On.”
- Feeds now properly serve 304 Not Modified headers instead of mismatched 200/304 headers (a.k.a. the FeedBurner bug).
- Backport of another 304 Not Modified fix from WordPress 2.1
- Deleting WordPress Pages no longer gives an “Are You Sure?” prompt.
- After deleting a WordPress Page, you are now properly redirected to the Edit Pages screen.
- Sending an image at original size in Internet Explorer no longer adds an incorrect “height” attribute.
Mark also mention in WordPress development blog that the next major release of WordPress (WordPress 2.1) will be out soon by the end of this month.