WordPress 2.3.2 Available for Download
WordPress has just released an urgent security update for the 2.3 series. If you’re blog is powered by WordPress 2.3, then you should upgrade to this latest version right away. The upgrade fixes a security bug that allows people to view your timestamped posts. You may have seen a few posts around Blogsphere showing how to see what Shoemoney is going to post tomorrow. Well, once Shoe upgrades his WordPress, you won’t be able to do that anymore.
WordPress 2.3.2 also suppresses some error messages that can give away information about your database table structure and limits and stops some information leaks in the XML-RPC and APP implementations. There’s also a bonus that allows you to define a custom DB error page. See the full list of changes here.
This is not a major release and as such it will not change your DB structure. Upgrading should be as easy as uploading and replacing the old WordPress files. That’s what I did anyway. You can see a list of full bug fixes here.
- Posted in Wordpress
- 38 comments what's your take?
Sorry, the comment form is closed at this time.
Loading ...
WordPress Never Stop !!
Reply to this commentWell at least they do improve and serve us with more secure platform rather than just ignore the bugs.
Reply to this commentI know that if you know the URL of a post you can view it before it goes live but I didn’t know there was another way.
I better go update now.
Reply to this commentdoes anybody else know, how? it could be cool as a little test
Reply to this commentI noticed the time stamp issue and thought that it shouldn’t work that way, but then just dismissed it. I guess that for the A-list bloggers, it could be detrimental for others to see your post before it’s officially published.
Reply to this commentThanks! I probably wouldn’t have updated until much later if it wasn’t for this post
Reply to this commentThanks, i’ll be upgrading my blog shortly.
Reply to this commentGood catch and good explanation, John. Funny, I took more than an hour off to drink coffee and work down the list of un-reads in my feedreader this morning and I didn’t come across anyone else mentioning this until I got to you (saving the best ’til last ;-)).
I highly recommend techie-buzz’s automatic update plug-in. makes these upgrades a snap and also let’s you do backup as part of the process very painlessly. It’s available at:
Reply to this commenthttp://techie-buzz.com/wordpress-plugins/wordpress-automatic-upgrade-plugin.html
for those who hate manual piece by piece updating.
Thanks for the info John… and thanks for the link to the Wordpress plugin Dave, it’s gonna make updating all my blogs that much faster!
Reply to this commentGood work Mr Chow. I just read it here first! The automatic updater you turned me on to wrks a treat as well. Cheers!
Reply to this commentYes I saw on my blog Dashboard about New Version Update i didnt update yet , I wanna do this soon
Reply to this commentDarn! If only I knew about this earlier, so I could have sneaked into posts
-Mike
Reply to this commentDam, I’ve like 6 blogs that will need updating. Thanks for the heads up.
Reply to this commentuse the plugin..it will be easier and fun
Reply to this commentno one can read my timestamped posts
Reply to this commentgoooooo wordpress!
Reply to this commentThanks a lot for the heads up!
Reply to this commentFor people who want to have a full secure on his work or personal detail, upgrading would be a good idea. Thanks for showing us John.
Reply to this commentThanks for the heads up
Reply to this commentNewbie question. I’ve never done this before. Will I lose all of the tweaks, such as custom header, installed widgets, and other stuff that I’ve done?
If so, is there an easy way to get everything back? I just don’t want to end up back at the basic Kubrick design. Thanks a lot.
Reply to this commentNo you will not lose those.Made a backup anyway before upgrading.
Reply to this commentWill do. Thank you.
Reply to this commentI’m still updating. Heck, I never knew you could see what Shoe was posting, before he posted it.
Reply to this commentThx for the tip.
Reply to this commentWordpress just continues to updates and give the best to it’s users.
Reply to this commentThanks for the heads up on this John.
Reply to this commentThank you for the info about the update. Security is the first.
Reply to this commentAfter the upgrade several of my plug-ins stopped working. Specifically, Brian’s Threaded Comments, and WP-Cache. Anyone else running into this? My comments look terrible now.
Reply to this commentI know what I did find, my theme no longer displays correctly, I had to go back to 2.3.1 to get it to work properly again.
Reply to this commentHere technical reason documentation.
Reply to this comment=== WordPress Charset SQL Injection Vulnerability ===
exact=1&sentence=1&s=%b3%27)))/**/AND/**/ID=-1/**/UNION/**/SELECT/**/1,2,3,4,5,user_pass,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24/**/FROM/**/wp_users%23
I don’t know if I’m going to upgrade right away or not. Decisions, decisions.
Reply to this commentThanks for reporting it, John. My blog jumped from 50 to 200 subscribers today.
Reply to this commentFor many, they rather people read their timestamp posts since it gives them one more visitors
Reply to this comment“If you’re blog is powered by WordPress”
No, I am not a blog.
Reply to this comment