WordPress 2.3.3 Released

Karol Krizka @ February 5, 2008

Blogging

WordPress.org has released an update to the popular blogging software (that also powers this blog). It is recommended that all users upgrade, because a critical vulnerabilty was found. According to the release announcement, blogs with registration enabled are vulnerable to post editing and creating via the XML-RPC interface. XML-RPC is the protocol used to remotely update blogs, so it is quite common on most blog.

The other fixed bugs include:

  • Trac 3780 gettext fails to determine byteorder on 64bit systems with php5.2.1
  • Trac 5090 maybe_create_table call to config.php issue
  • Trac 5273 some registration emails fail in 2.3.1 b/c of “callout verification”

To upgrade, WordPress included the following instructions, but I recommend using one of the automatic WordPress upgrade plugins, like WordPress Automatic Upgrade plugin, because it makes the whole process faster.

If you are interested only in the security fix, download the fixed version of xmlrpc.php and copy it over your existing xmlrpc.php. Otherwise, you can get the entire release here.

Did you enjoy this post? Then why not subscribe to my RSS feed or subscribe by e-mail? Also check out the many other FREE ways to appreciate a blogger.

« How To Quickly Install LigHTTPD, MySQL and PHP5 On Ubuntu PSP Homebrew Releases for February 4th »

Related Posts

RSS feed | Trackback URI

Comments »

No comments yet.

Name (required)
E-mail (required - never shown publicly)
URI
Subscribe to comments via email
Your Comment (smaller size | larger size)
You may use <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong> <pre lang="" line=""> in your comment.
Feed