Sven Welzel — Der Blog

Tag: wordpress

  • Some quick updates

    Time for some housekeeping – WordPress, plugins etc all patched and back to where they should be (taken long enough) — some more updates on PHP, scheduler integration and large data transfer info coming up soon!

  • Three Oh Five – WordPress Upgrade are out

    The upgrade to 3.0.5 was resleased yesterday. From the release notes:

    Two moderate security issues were fixed that could have allowed a Contributor- or Author-level user to gain further access to the site.

    One information disclosure issue was addressed that could have allowed an Author-level user to view contents of posts they should not be able to see, such as draft or private posts.

    Two security enhancements were added. One improved the security of any plugins which were not properly leveraging our security API. The other offers additional defense in depth against a vulnerability that was fixed in previous release.

    Download and upgrade now!

  • Upgrade to WordPress 3.0.4 – HTML Sanitation bug

    From the WordPress Development Blog:

    Version 3.0.4 of WordPress, available immediately through the update page in your dashboard or for download here, is a very important update to apply to your sites as soon as possible because it fixes a core security bug in our HTML sanitation library, called KSES. I would rate this release as β€œcritical.” (more…)

  • Nudge, nudge, wink, wink – WordPress Upgrade

    … it’s time to go 0-3, I think — WordPress 3.0.3 is out – but the update is really only applicable to remote publishing-enabled systems…

    WordPress 3.0.3 is available and is a security update for all previous WordPress versions.

    This release fixes issues in the remote publishing interface, which under certain circumstances allowed Author- and Contributor-level users to improperly edit, publish, or delete posts.

  • WordPress 3.0.2 is out

    Don’t forget to upgrade inplace or download! It is a mandatory security update for all previous WordPress versions, and upgrades are easy πŸ™‚

  • WordPress 3.0.1 – I’m sure you’ve upgraded already

    I’m sure you’ve done it already, but WordPress 3.0.1 (a maintenance release) is out since Friday and you should have upgraded (and updated the database) already by downloading the 3.0.1 version.

    List of revised files:

    (more…)

  • Upgrade and update WordPress without the FTP/FTPS options

    You may not have FTP or FTPS running on your server (either by choice or decision).

    In order to manage that, there is a simple workaround you can implement. (more…)

  • WordPress 3.0 is out!

    Just a quick note – remember to upgrade now! But you knew that already! πŸ™‚

    218 people helped fixing the 1217 bugs, with a new default theme called Twenty Ten and a whole lot more.
    (more…)

  • And it’s 2.9.2 time

    WordPress has upgraded to 2.9.2, which fixes the issue that “logged in users can peek at trashed posts belonging to other authors”.

    So upgrade already! πŸ™‚

  • And it’s time for 2.9.1

    After a few reported issues with prior WordPress version upgrade 2.9, 2.9.1 is here to save the day (full version, not even RC πŸ™‚

    From the source:

    This release addresses a handful of minor issues as well as a rather annoying problem where scheduled posts and pingbacks are not processed correctly due to incompatibilities with some hosts.

    Yipee!! πŸ™‚

  • And it’s time for 2.9!

    As also noted on the blog, it’s time to upgrade (if you haven’t already) to version 2.9 of WordPress. There are a huge whack of benefits and improvements (over 500 bugfixes), like the online image editor and easier video embedding that’s included now.

    Well done, guys!!

    When doing the upgrade, just make sure all the /pomo/ files and wp-settings are updated appropriately…

  • Drupal 7 – Impressions

    So I’ve installed the current beta (for non-production environments) of Drupal 7 on an nginx/php/mysql setup to test speed, interface and ease of use. It was a double-whammy operation, on the one hand testing the server environment, and on the other, the new software. It’s not production-ready, so I don’t expect it to be ready by any stretch of the imagination. So these are just impressions. (more…)

  • And we’re on 2.8.6

    Another quick upgrade to make it safe — 2.8.6 fixes two security problems that can be exploited by registered, logged in users who have posting privileges. Not really pertinent here but good to keep it closed πŸ™‚ The patching deals mainly with untrusted user issues, but “upgrading to 2.8.6 is recommended”.

    But you knew that already πŸ™‚

  • A note on WordPress security…

    There’s a note on why to keep patching – How To Keep WordPress Secure over at the WordPress dev blog – definately worth a read.

    Good sense.