WordPress v2.0.7 released within 10 days of v2.0.6 – new security fixes

WordPress LogoWordPress v2.0.7 was released just a couple of hours back with a bunch of new security fixes. This release comes within 10 days of the last one (v2.0.6) – which addressed some other vulnerabilities. This is a much smaller update requiring you to replace only a couple of files. However, WordPress stresses on the importance of undergoing this upgrade…

we think it’s important enough for your blog to be secure to do it, and hopefully only having to change a few files will make the upgrade easier than normal.

The updated files are:

  • wp-admin/inline-uploading.php
  • wp-admin/post.php
  • wp-includes/classes.php
  • wp-includes/functions.php
  • wp-settings.php
  • wp-includes/version.php

Here are the list of fixes…

  • Security fix for wp_unregister_GLOBALS() to work around the zend_hash_del_key_or_index bug in PHP 4 versions less than 4.4.3 and PHP 5 versions less than 5.1.4 with register_globals set to “On.”
  • Feeds now properly serve 304 Not Modified headers instead of mismatched 200/304 headers (a.k.a. the FeedBurner bug).
  • Backport of another 304 Not Modified fix from WordPress 2.1
  • Deleting WordPress Pages no longer gives an “Are You Sure?” prompt.
  • After deleting a WordPress Page, you are now properly redirected to the Edit Pages screen.
  • Sending an image at original size in Internet Explorer no longer adds an incorrect “height” attribute.

It is highly recommended that you perform this upgrade. Installation instructions can be found here.

Incidentally, WordPress 2.1 – the next major version it scheduled to be released sometime around the month-end.

Previous release coverage: WordPress 2.0.6 released with security fixes

A raver at heart - the only way I can aptly describe me is a bouncing ball of sheer energy. Blame it all on my air sign - but I find it extremely difficult to affix myself a certain spot (apart from when I'm sitting in with my hi-tech paraphernalia) . Traveling's foremost on my itinerary. Photography comes only second to that.. and of course there's my computer - which is the very essential elixir of life for me & deserves a special mention. My free time's spent in mastering the art of spinning Fire-Pois as well as having fun with my other trip toys. If you've no clue as to what Pois are, check out this site: http://www.homeofpoi.com/ The roar of blazing fire rushing past your ears gives you the most natural high ever. Apart from that Meditation helps me a lot in the course of daily life. I envision myself retiring to a li'l recluse on some secluded white-sanded island surrounded by azure waters - someday in not-too-far future.. and rave like a mad cow till my last breath... ;) On a side note, a lot of my friends have been complaining about the lack of my proper name anywhere in my profile... So here it goes - yours truly is better known as Sourjya Sankar Sen. :D Yeah, I know it's pretty long & winding & almost teeth-breaking, but my name does compliment my length and breadth quite well.

Trackbacks & Pings

  • Final Tag » WordPress v2.0.7 released within 10 days of v2.0.6 - new security fixes :

    […] F.i.n.a.l.t.a.g.m.u.s.t.r.u.n.t.h.e.l.a.t.e.s.t.w.o.r.d.p.r.e.s.s.v.e.r.s.i.o.nread more | digg story […]

    9 years ago
  • WordPress 2.1 is born… | Chaos Laboratory :

    […] This was certainly a very nice way to start the day. I’d just sat down with a steaming cup of tea and fired up my browser, when my news aggregator (FeedReader) popped up a message from one of my acquaintance’s blog regarding a post that outlined the upgrade process to WordPress 2.1. I was so totally taken aback !!! To be honest I wasn’t expecting it anytime before the month-end and in light of the last few security patches, I had even begun doubting whether it would be on schedule. Nevertheless, this came as a very pleasant surprise. […]

    9 years ago

Leave a Reply Text

Your email address will not be published. Required fields are marked *