WordPress 2.3.3 Released
WordPress.org has released an update to the popular blogging software (that also powers this blog). It is recommended that all users upgrade, because a critical vulnerabilty was found. According to the release announcement, blogs with registration enabled are vulnerable to post editing and creating via the XML-RPC interface. XML-RPC is the protocol used to remotely update blogs, so it is quite common on most blog.
The other fixed bugs include:
- Trac 3780 gettext fails to determine byteorder on 64bit systems with php5.2.1
- Trac 5090 maybe_create_table call to config.php issue
- Trac 5273 some registration emails fail in 2.3.1 b/c of “callout verification”
To upgrade, WordPress included the following instructions, but I recommend using one of the automatic WordPress upgrade plugins, like WordPress Automatic Upgrade plugin, because it makes the whole process faster.