WordPress 2.8.2 On The Way?

**Jeffro** · 07-20-2009, 12:49 AM

I was reading the latest post on the Akismet dev blog and it mentions WordPress 2.8.2 is forthcoming. I didn't know there was a need for 2.8.2 or that it was even planned. I wonder what has caused this new version to be developed. Anyone have any info?

http://blog.akismet.com/2009/07/20/n...version-2-2-6/

**Jeffro** · 07-20-2009, 01:42 AM

Annnd 2.8.2 is out the door which fixes a XSS vulnerability

http://wordpress.org/development/200...rdpress-2-8-2/

**Len** · 07-20-2009, 01:56 AM

Nice work by the devs! I hadn't even heard of any security issues and I watch several security/hacking related sites.

**conorp** · 07-20-2009, 03:25 AM

I just thought I would get your opinion on this. 2 of my blogs are still using 2.7. At the current time and for the next 4 weeks i'm stuck using incredibly slow internet. Like pages load fine but upload/videos etc are slow. A WordPress upgrade on my test site took approximately 2.5 hours. Obviously this isn't convenient as it brings the internet to a stand still. I personally considered 2.7 to be pretty safe. So what do you think. Do i need to update?

BTW, I'm counting down. 28 days :)

**Ryan** · 07-20-2009, 07:46 AM

Originally Posted by conorp

Do i need to update?

Probably a good idea. But why not just use the auto-update tool? That would totally bypass you having to upload anything at all.

**Martin** · 07-20-2009, 08:13 AM

Didn't see this update coming.

**itsananderson** · 07-20-2009, 08:19 AM

It would be unwise to post any information about this vulnerability before they were ready to release an update. Otherwise millions of blogs would be wide open until they were able to update. Looking at the changes, I'm not 100% sure the vulnerability could be exploited without the help of a poorly coded filter, but it was still an issue they wouldn't have announced without having an immediate fix.

**Jeffro** · 07-20-2009, 09:00 AM

Yeah, until information is released about this vulnerability, we won't know when it was introduced, which versions of WP are affected, etc. The best thing you could do is update just to play it safe. Ryan's right in that the automatic upgrade is the DOWNLOADED way of upgrading, no uploading required.

**itsananderson** · 07-20-2009, 09:08 AM

Well, the greatest thing about auto upgrade is that you never have to download the newest version to your own computer. So even the slowest internet connection isn't drastically effected. Your update will go as fast as your web host connection (which is likely a lot faster than your own connection).

**Dan Schulz** · 07-20-2009, 10:02 AM

I'll say this though - even on my (relatively) fast connection, it still took about 5-6 minutes to download and install to my test server (WampServer on my notebook). Now to see how it handles on my Web servers.

Thread: WordPress 2.8.2 On The Way?

LinkBack

Thread Tools

Display

WordPress 2.8.2 On The Way?

Posting Permissions