Barely 10 days after the release of WordPress 2.0.6, WordPress has upgraded it with version 2.0.7. It is recommended that everyone upgrade to this latest version.
Recently a bug in certain versions of PHP came to our attention that could cause a security vulnerability in your blog. We’re able to work around it fairly easily, so we’ve decided to release 2.0.7 to fix the PHP security problem and the Feedburner issue that was in 2.0.6. It is recommended that everyone running WordPress 2.0.6 or lower upgrade to this new version.
Because this is a much smaller update than previous versions, you do not have to update all of WordPress’ files if you’re upgrading from version 2.0.6. Here is the list of files that have changed since 2.0.6:
- wp-admin/inline-uploading.php
- wp-admin/post.php
- wp-includes/classes.php
- wp-includes/functions.php
- wp-settings.php
- wp-includes/version.php
We know it sucks to have a release only 10 days after our last one, but we think it’s important enough for your blog to be secure to do it, and hopefully only having to change a few files will make the upgrade easier than normal.
The upgrade has a security fix and fixes a problem with FeedBurner. A few readers were reporting that the last WordPress messed up the feed. This problem should be fixed now.
Did you enjoy this post? Get John Chow Dot Com updates via email...
Stay up to date with all of John Chow’s tips for making money online and blog posts by subscribing via email. Your email will be kept private and never shared with anyone.
One of the most common complaint (or excuse) I hear from potential new bloggers is they don’t know how to install WordPress. Terms like FTP and CPanel are like a foreign language and setting up a database might as well be setting up the space shuttle for a launch. Because of the technology barrier, many would-be bloggers never start their blogs...
{ 19 comments }
Did they mention which PHP versions have the problem? I imagine that it is a much smaller user base that needs to be concerned about this patch.
I didn’t even get the chance to upgrade to 2.0.6.
I’ll upgrade to the latest soon now.
Bah, I just updated to 2.0.6 the other day
Just upgraded to 2.0.6
Oh well this is what happens if one can’t code his own stuff and needs to rely on others. Still its great open cms so no complaints here.
And let the upgrades begin! Thanks for the 411 on this one…much appreciated.
I posted about this earlier as well. I never updated to 2.0.6, but I went ahead and updated this time around.
Thanks for posting this update as I had not seen it yet. Just finished updating the site. Any idea if this is how your site got hit last week or had you not done the 2.0.6 security update?
hope this makes it harder for someone to hack your blog.
With 2.1 right around the corner you might want to wait for 2.1.1, if you catch my drift.
Maybe this new update was designed just for you, John.
Does Wordpress always make upgrades this fast ? How easy / difficult is to make this upgrades ?
I just got my bog updated. I seldom go to wordpress to check if there is update. I know about both 2.06 and 2.07 update here. It is good to know that.
Aw, that was an easy update. However, with all the Wordpress hacks I keep hearing about, it seems like a worthwhile upgrade.
As much as I like the upgrade that lists the top commenters… Is there an upgrade that can also display a listing of their comments to read?
Thanks for the updates John.
FT
yup, noticed it right away. need to update
Raghu, the update is very easy if you are coming from 2.0.6 but will be a little more involved if upgrading from an older version.
For the others, try to make a habit of checking your dashboard every now and then as there will always be a post about any updates. This one I happened to see here before seeing it on my dashboard though.
Any idea if site scrapers are being widely used to find old Wordpress blogs?
I should seriously stop editing the provided template functions. Thankfully I started using a lib/ directory with my newer blogs.
Thanks for the note, helped me to remind that I’m still hosting a 2.0.5 blog – pretty much like time to give it an update!