Browsed by
Tag: Automattic

WordPress 2.8.6 Released and a 2.9 Preview

WordPress 2.8.6 Released and a 2.9 Preview

I got the notice last night that WordPress 2.8.6 was released to fix a pair of security holes.  So I hopped right into the admin console from my Iphone and in 2 minutes, it was updated.  If you have a WordPress installation, I urge you to update right away as well. This will almost certainly be the last release prior to the much anticipated release of 2.9 which is our next major (feature related) release.  Aaron Brazell had a great…

Read More Read More

WordPress 2.8.5 Released

WordPress 2.8.5 Released

A new WordPress release came out last night. Unlike the previous, this is what they are calling “a hardening release”, i.e. it is generally designed to make the code base more secure, but doesn’t fix any known vulnerabilities.  As with all minor level releases, I suggest you update as soon as possible, if for no other reason than to stay current. From their blog: A fix for the Trackback Denial-of-Service attack that is currently being seen. Removal of areas within…

Read More Read More

WordPress 2.8.4 – Update Now

WordPress 2.8.4 – Update Now

The folks at Automattic released a security update for WordPress today due to a very specific bug: …a specially crafted URL could be requested that would allow an attacker to bypass a security check to verify a user requested a password reset. As a result, the first account without a key in the database (usually the admin account) would have its password reset and a new password would be emailed to the account owner. While this isn’t an incredibly nasty…

Read More Read More

WordPress Revision History to the Rescue

WordPress Revision History to the Rescue

(Uh, Jeff, Kelly, move on, nothing to read here.  Nothing of interest to you at all…really…) I had one of those moments today.  Mistakes were made.  Bad mistakes.  The “oh crap, I’m editing on the production site, not the qa or dev server” type of mistakes that immediately have you picturing your career dissipation light suddenly burning bright. So I noticed after working on this highly important site that I’d accidently overwritten something on the live site.  Yech. Luckily, as…

Read More Read More

WordPress 2.6.3 Released, and Issues with Auto Upgrade

WordPress 2.6.3 Released, and Issues with Auto Upgrade

The folks at Automattic today released WordPress 2.6.3 which is a minor security patch to the Snoopy script they use for displaying rss feeds in the admin area.  Not an utterly crucial upgrade, but one you might want to take just to be sure your secure.  The upgrade took me 5 minutes using the auto upgrade plugin. One issue that I noticed while using the auto upgrade plugin, which was also upgraded, was that the script failed repeatedly on the…

Read More Read More

WordPress 2.6 – It’s a CMS, Baby!

WordPress 2.6 – It’s a CMS, Baby!

I remember when I first setup WordPress back in 2003, the old 1.x days, my comment was that “It’s just like a CMS (content management system) with most of the functionality removed.” Well, with the release of WordPress 2.6, I can finally eat my words. It’s now simply a content management system, and a darned good one at that. That’s right, content management system. To call it a blogging platform is to sell it short. It’s now all the features…

Read More Read More

Techcrunch Says WordPress a Massive Security Risk

Techcrunch Says WordPress a Massive Security Risk

(The link to the article is lower in this post, to ensure the proper text appears in the Techcrunch trackback…) Techcrunch yesterday featured an article by Nik Cubrilovic with the salacious title “WordPress Security Issues Lead To Mass Hacking. Is Your Blog Next?”  – from that article: Due to its popularity as a blogging platform, WordPress has become a prime target for hackers looking to take over blogs for search-engine optimization (SEO) of other sites they control, traffic-redirection and other…

Read More Read More