WordPress 2.8.2 Released to Patch Security Issue

Hot on the heels of the recent 2.8.1 update

for WordPress Baker, Auttomatic and its development community have released yet another .1 update to patch an important security vulnerability, applicable to all custom installations running versions 2.8 and 2.8.1.

The official statement:

“WordPress 2.8.2 fixes an XSS vulnerability. Comment author URLs were not fully sanitized when displayed in the admin. This could be exploited to redirect you away from the admin to another site. Download 2.8.2 or automatically upgrade from the Tools->Upgrade page of your blog’s admin.”

If you are running any version above 2.7, you will most likely see a notice at the top of your admin panel advising you of this most recent update, with the option to do a one-click update. It is strongly recommended you do so as soon as possible.

The update replaces some ten files, but does not appear to modify the database structure in any way.

About the Author:

Keram is a new media consultant, music producer, actor and writer who opines on SEO at blogging-fool.com download deck the halls movie Godsend buy and society at theculturepin.com

Stone Cold dvdrip

.

WordPress v2.8.1 – Why You Should Update Now

Although WordPress 2.8 (“Baker”) was a thing of beauty and brought a plethora of significant changes and improvements, it comprised hundreds of patches, fixes and some rather heavy new behaviors – for example the ability to simply deactivate a widget rather than remove it outright, or to drag and drop widgets back and forth.

Given the amount of new functionality added, the release was surprisingly stable, but invariably, some annoyances and even security holes came with it. Well the good people at Auttomatic hurried to get everything patched as best they could, and the real thanks must go to the community of programmers that rushed to plug up the leaks.

Among the most important fixes in 2.8.1:

Files being deleted during upgrade

Many users complained, and some became downright angry that using the automatic updater for Worpdress was a risky affair to say the least, and often left all sorts of junk behind or even worse, it inefficiently removed files no longer needed, often breaking installations completely. Thankfully, it was a bug, it was identified, and has been patched in 2.8.1

PHP Warning at menu-header.php line 118
Sometimes terrible things happen after installing a plugin or updating, like an ugly warning suddenly showing up at the top of your meticulously crafted WordPress site. This can lead to great frustration and confusion, especially for those who don’t read php and no real answers forthcoming about how to fix it. The cause for this warning is now fixed, and no it wasn’t your fault.

Warnings after post/page save
Speaking of annoyances and confusion – 2.8 introduced a glitch wherein trying to leave a post entry page warned that the content had not been saved. I am not sure whether this is also what led to the ensuing “there is a previous autosave of this post” message, but rest assured, your work was being saved, but the alarm bells were going off anyway. Fixed in 2.8.1.

Another nice little optimization introduced is that the admin dashboard memory usage is reduced.  Some people were running out of memory when loading the dashboard, resulting in an incomplete page.  This should make things run a little quicker and smoother.

Furthermore they have increase download_url() timeout from 30 to 60 giving you a little more wiggle room before getting a nasty timeout error.

Security Fix

Last, but never least, security is the main reason to update your WP installation to 2.8.1 as soon as possible. As the developer’s state:

“Core Security Technologies notified us that admin pages added by certain plugins could be viewed by unprivileged users, resulting in information being leaked. Not all plugins are vulnerable to this problem, but we advise upgrading to 2.8.1 to be safe.”

Don’t leave your precious site vulnerable to attack. If you are already running WordPress Baker, install this latest point 1 patch now.

To learn more about the WordPress 2.8.1 patch to Baker, visit the official patch notes page at WordPress.org

To see a comprehensive lists of fixes since 2.8 visit this page that displays a complete listing.

One final note – for those of you using the SimplePress Forums, be sure to download and install the latest update

Sphere

(4.0.4) so that it is fully compatible with 2.8.1

About the Author:

Keram is a new media consultant, music producer, actor and writer who opines on SEO at blogging-fool.com

and society at theculturepin.com. Keram recently released a solo acoustic CD titled “Box”.