gHacks technology news » wordpress upgrade http://www.ghacks.net A technology blog covering software, mobile phones, gadgets, security, the Internet and other relevant areas. Tue, 24 Nov 2009 23:31:44 +0000 http://wordpress.org/?v=2.8.6 en hourly 1 Wordpress 2.8.5 Security Update http://www.ghacks.net/2009/10/21/wordpress-2-8-5-security-update/ http://www.ghacks.net/2009/10/21/wordpress-2-8-5-security-update/#comments Wed, 21 Oct 2009 13:53:23 +0000 Martin http://www.ghacks.net/?p=17549 wordpressThe Wordpress developers have released version 2.8.5 of their popular blogging software. The version is considered a security upgrade and therefor mandatory for all Wordpress blog owners who run their own Wordpress blog (but not those running a blog at Wordpress.com). The developers are calling this released a hardening release as it tightens Wordpress security to make Wordpress blogs more secure than before. The release is also fixing a Trackback denial of service attack that is currently in the wild.

The most important changes in Wordpress 2.8.5 are therefor:

  • A fix for the Trackback Denial-of-Service attack that is currently being seen.
  • Removal of areas within the code where php code in variables was evaluated.
  • Switched the file upload functionality to be whitelisted for all users including Admins.
  • Retiring of the two importers of Tag data from old plugins.

Wordpress blogs are currently not announcing the new release. It is expected that this will change in the next hours so that the automatic update option becomes available for Wordpress webmasters who use it to update their website. Webmasters who manually update their blog can visit the Wordpress page to download the latest version of Wordpress. Additional information about the security release are available in the blog post that announced the upgrade.

Tags: , , ,

Related posts

]]> http://www.ghacks.net/2009/10/21/wordpress-2-8-5-security-update/feed/ 4 Don’t upgrade to Wordpress 2.3 yet http://www.ghacks.net/2007/09/25/dont-upgrade-to-wordpress-23-yet/ http://www.ghacks.net/2007/09/25/dont-upgrade-to-wordpress-23-yet/#comments Tue, 25 Sep 2007 14:32:34 +0000 Martin http://www.ghacks.net/2007/09/25/dont-upgrade-to-wordpress-23-yet/ The new version 2.3 of the blog script Wordpress has been released about 12 hours ago and lots of webmasters are starting to prepare their blogs to upgrade their version to the recent one. There is however one difficulty with this new release which will affect a lot of webmasters who try to upgrade their blog.

The new version of Wordpress introduces some elementary changes to certain functions which can very well break a few plugins that are installed on the blog in question. Mostly plugins that deal with categories are affected. One that I’m using for instance is the plugin Simple Tagging but a handful of other plugins like Ultimate Tag Warrior, Popularity Contest and Ajax Comments are affected as well.

Those plugins display error messages when opening the website which does not look great and could limit the display of the blog as well. I tried to update one of my minor blogs first which has all the plugins installed that I use at Ghacks as well and found out that the only possibility for me was to deactivate the plugin in question.

I suggest you build a local version of your blog and see if the upgrade to Wordpress 2.3 breaks the design or displays errors messages. If that is the case I would wait for plugin updates to be released before making the switch.

Read More:

wordpress 2.3 Plugin Compatibility
wordpress 2.3 download

Tags: , , ,

Related posts

]]> http://www.ghacks.net/2007/09/25/dont-upgrade-to-wordpress-23-yet/feed/ 3