Posts Tagged ‘Security’

WordPress 2.2.2

Posted on August 2007 at about 10:30 PM by hwa

Just upgraded my WordPress to version 2.2.2! Very nice figure. 🙂

Anyway! Please go to WordPress download section to download the latest version, for the instruction on how to upgrade your WordPress, you can go here, or you here for fresh installation instruction.

WordPress 2.1.3 And 2.0.10

Posted on April 2007 at about 10:06 PM by hwa

WordPress had released their latest branch of WordPress 2.1 and WordPress 2.0, this release is a security update and also fixed several issues, including the XSS issues, one major XML-RPC issue.

Head over to their download page to download the latest version of WordPress, and if you are upgrade from previous version, here are the upgrade instructions. 🙂

WordPress MU 1.2

Posted on March 2007 at about 5:17 AM by hwa

WordPress MU 1.2 just released not long ago, according to Donncha, most of the changes are bug fixes, but there are some security fix as well, so it’s advised that all the WordPress MU user upgrade to the latest version! And if you encounter any problems, please go to WordPress MU forum.

Apparently there are some problems with the theme in WordPress MU 1.2, but worry not! Because version 1.2.1 is here!! 😆 So if you upgrade from 1.2, all you have to do is just change the following files:

  • wp-admin/themes.php
  • htaccess.dist
  • wp-includes/version.php
  • wp-admin/admin-db.php
  • wp-admin/themes.php
  • wp-admin/wpmu-themes.php

Oh and don’t forget to go "Site Admin > Themes" and click save to update the theme list! 😉

WordPress 2.1.2 Emergency Security Upgrade

Posted on March 2007 at about 4:05 PM by hwa

WordPress.org had released their WordPress 2.1.2 today, but sadly it’s is not a feature upgrade, instead it’s an emergency security upgrade due to believe that a hacker had changed one of the WordPress 2.1.1 file in one of the WordPress server, here is what Matt said:

It was determined that a cracker had gained user-level access to one of the servers that powers wordpress.org, and had used that access to modify the download file. We have locked down that server for further forensics, but at this time it appears that the 2.1.1 download was the only thing touched by the attack. They modified two files in WP to include code that would allow for remote PHP execution.

This is something very serious and the thing that u think will ever happen in your nightmare, but now it happened, so if your are using WordPress 2.1.1, Please upgrade immediately!!

WordPress 2.1.1 And 2.0.9

Posted on February 2007 at about 3:27 AM by hwa

Since the release of WordPress 2.1, WordPress is now divided into two main version, the WordPress 2.1 which require PHP version 4.2 or greater and MySQL version 4.0 or greater and as well as some several minimum requirements.

Today WordPress got new bugfix and security release for each of their version, the WordPress 2.1.1 and WordPress 2.0.9. According to Matt, the version 2.1.1 have around 30 bug fixes and version 2.0.9 is only security update.

You can head over to WordPress official site To download WordPress 2.1.1, and to download version 2.0.9 please go to their release archive.

WordPress 2.0.7 And bbPress 0.75

Posted on January 2007 at about 1:12 AM by hwa

Today WordPress just released it latest version, WordPress 2.0.7, this release is mainly focus on security fix in a PHP bug, the FeedBurner issue in WordPress 2.0.6 also solved in this version. Other changes are:

  • Security fix for wp_unregister_GLOBALS() to work around the zend_hash_del_key_or_index bug in PHP 4 versions less than 4.4.3 and PHP 5 versions less than 5.1.4 with register_globals set to “On.”
  • Feeds now properly serve 304 Not Modified headers instead of mismatched 200/304 headers (a.k.a. the FeedBurner bug).
  • Backport of another 304 Not Modified fix from WordPress 2.1
  • Deleting WordPress Pages no longer gives an “Are You Sure?” prompt.
  • After deleting a WordPress Page, you are now properly redirected to the Edit Pages screen.
  • Sending an image at original size in Internet Explorer no longer adds an incorrect “height” attribute.

You can download the latest version of WordPress at here, or head over to Mark’s blog to get the necessary upgrade file if you are upgrading from WordPress 2.0.6.

Mark also mention in WordPress development blog that the next major release of WordPress (WordPress 2.1) will be out soon by the end of this month.

Other than that bbPress 0.75 also released today, same like WordPress 2.0.7 one of the major fix is the PHP bug. To download latest version of bbPress please go here.