October 24, 2008 – 7:08 am
A vulnerability in the Snoopy library was announced today. WordPress uses Snoopy to fetch the feeds shown in the Dashboard. Although this seems to be a low risk vulnerability for WordPress users, we wanted to get an update out immediately. 2.6.3 is available for download right now. If you don’t want to download the whole […]
September 9, 2008 – 2:30 am
Stefan Esser recently warned developers of the dangers of SQL Column Truncation and the weakness of mt_rand(). With his help we worked around these problems and are now releasing WordPress 2.6.2. If you allow open registration on your blog, you should definitely upgrade. With open registration enabled, it is possible in WordPress versions 2.6.1 and […]
August 15, 2008 – 12:00 pm
With 2.6.1, we’re continuing our trend of releasing a maintenance release shortly after a major release in order to get fixes for the inevitable “dot zero” bugs into your hands without a long wait. If you’re happy with 2.6, however, keep on using it. You need not upgrade to 2.6.1 if 2.6 is getting the […]
We’re doing some usability testing in New York City. Join in if you’re in the area.
April 25, 2008 – 11:54 pm
Version 2.5.1 of WordPress is now available. It includes a number of bug fixes, performance enhancements, and one very important security fix. We recommend everyone update immediately, particularly if your blog has open registration. The vulnerability is not public but it will be shortly.
In addition to the security fix, 2.5.1 contains many bug fixes. […]
February 5, 2008 – 1:02 pm
WordPress 2.3.3 is an urgent security release. If you have registration enabled a flaw was found in the XML-RPC implementation such that a specially crafted request would allow a user to edit posts of other users on that blog. In addition to fixing this security flaw, 2.3.3 fixes a few minor bugs. […]
December 30, 2007 – 6:44 am
WordPress 2.3.2 is an urgent security release that fixes a bug that can be used to expose your draft posts. 2.3.2 also suppresses some error messages that can give away information about your database table structure and limits and stops some information leaks in the XML-RPC and APP implementations. Get 2.3.2 now to […]
October 27, 2007 – 4:55 am
WordPress 2.3.1 is now available. 2.3.1 is a bug-fix and security release for the 2.3 series.
2.3.1 fixes over twenty bugs. Some of the notable fixes are:
Tagging support for Windows Live Writer
Fixes for a login bug that affected those with a Blog Address different than
their WordPress Address
Faster taxonomy database queries, especially tag intersection […]
October 25, 2007 – 6:53 am
WordPress 2.3.1 is almost ready to go. Before we send it out the door, we’re making a release candidate available so everyone can give it a last look.
2.3.1 fixes over twenty bugs. Some of the notable fixes are:
Tagging support for Windows Live Writer
A login bug that affected those with a Blog Address […]
September 19, 2007 – 12:50 pm
The first release candidate for WordPress 2.3 is now available. We’ve spent the week since beta 3 fixing bugs and shaping RC1 into release candidate material. If you would like try RC1 and help us get 2.3 ready for its final release on Monday the 24th, download RC1 here and report any […]
Unknown Feed
BlogoSquare