April 25, 2008

Upgrade to WordPress 2.5.1 - Now!

Just upgraded this blog to WordPress 2.5.1 as I’ve only just spotted that it’s available. Probably the most important feature is a security fix that is pretty ugly:

An attacker, who is able to register a specially crafted username on a Wordpress 2.5 installation, is able to generate authentication cookies for other chosen accounts. This vulnerability exists because it is possible to modify authentication cookies without invalidating the cryptographic integrity protection. If a Wordpress blog is configured to freely permit account creation, a remote attacker can gain Wordpress-administrator access and then elevate this to arbitrary code execution as the web server user.

However there are also a number of other enhancements including:

  • Performance improvements for the Dashboard, Write Post, and Edit Comments pages.
  • Better performance for those who have many categories
  • Media Uploader fixes
  • An upgrade to TinyMCE 3.0.7
  • Widget Administration fixes
  • Various usability improvements
  • Layout fixes for IE

If you haven’t got it yet, now the time to upgrade

2 Readers Commented »

  1. Sherrilynne Starkie on April 26th, 2008

    1

    2. Should I be doing this?

  2. Mayooresan on April 26th, 2008

    2

    3. thanks for the tips!

Leave a Comment

XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

« What’s that flashing light?Make money when you search the Web »

Media Corner

2

3

4

5

6

  • Cloudshout

  • Scoutle

  • Gadget Corner

  • Entrecard

  • EntreDroppers

  • Linkage

  • Networking

    Blog Directory - Blogged View Owen Cutajar's profile on LinkedIn

     

    Support Bloggers' Rights!
    Support Bloggers' Rights!