| Home | Forum | Advertise | Contact Me | About WPTavern | WPWeekly Show Info |
![]() |
| |||||||
| General WordPress Talk about news, share great posts and more |
![]() |
| | Share | LinkBack | Thread Tools | Display Modes |
| ||||
|
I was reading the latest post on the Akismet dev blog and it mentions WordPress 2.8.2 is forthcoming. I didn't know there was a need for 2.8.2 or that it was even planned. I wonder what has caused this new version to be developed. Anyone have any info? http://blog.akismet.com/2009/07/20/n...version-2-2-6/ |
| ||||
|
Annnd 2.8.2 is out the door which fixes a XSS vulnerability http://wordpress.org/development/200...rdpress-2-8-2/ |
| ||||
|
It would be unwise to post any information about this vulnerability before they were ready to release an update. Otherwise millions of blogs would be wide open until they were able to update. Looking at the changes, I'm not 100% sure the vulnerability could be exploited without the help of a poorly coded filter, but it was still an issue they wouldn't have announced without having an immediate fix.
|
| ||||
|
Yeah, until information is released about this vulnerability, we won't know when it was introduced, which versions of WP are affected, etc. The best thing you could do is update just to play it safe. Ryan's right in that the automatic upgrade is the DOWNLOADED way of upgrading, no uploading required.
|
| ||||
|
Well, the greatest thing about auto upgrade is that you never have to download the newest version to your own computer. So even the slowest internet connection isn't drastically effected. Your update will go as fast as your web host connection (which is likely a lot faster than your own connection).
|
![]() |
| Thread Tools | |
| Display Modes | |
| |