Posts Tagged ‘2.6’

« Older Entries
26th November 2008

WordPress 2.6.5

Posted by Lester Chan at 02:23 in WordPress

WordPress 2.6.5 has been released. This release fixes a security problem as well as 3 other minor fixes.

he security issue is an XSS exploit discovered by Jeremias Reith that fortunately only affects IP-based virtual servers running on Apache 2.x. If you are interested only in the security fix, copy wp-includes/feed.php and wp-includes/version.php from the 2.6.5 release package.

2.6.5 contains three other small fixes in addition to the XSS fix. The first prevents accidentally saving post meta information to a revision. The second prevents XML-RPC from fetching incorrect post types. The third adds some user ID sanitization during bulk delete requests. For a list of changed files, consult the full changeset between 2.6.3 and 2.6.5.

Note that we are skipping version 2.6.4 and jumping from 2.6.3 to 2.6.5 to avoid confusion with a fake 2.6.4 release that made the rounds. There is not and never will be a version 2.6.4.

5 files have been changed:

  1. /wp-admin/users.php
  2. /wp-includes/feed.php
  3. /wp-includes/post.php
  4. /wp-includes/version.php
  5. xmlrpc.php

You can just download this 5 files and upload it to your server

Tags: ,

2 Comments | 3,577 views

Email This Post Email This Post Print This Post Print This Post

1 Star2 Stars3 Stars4 Stars5 Stars (29 votes, average: 3.52 out of 5)
24th October 2008

WordPress 2.6.3

Posted by Lester Chan at 12:14 in WP-RelativeDate, WordPress

WordPress 2.6.3 is out, it fixes a Snoopy class vulnerability.

A vulnerability in the Snoopy library was announced today. WordPress uses Snoopy to fetch the feeds shown in the Dashboard. Although this seems to be a low risk vulnerability for WordPress users, we wanted to get an update out immediately. 2.6.3 is available for download right now. If you don’t want to download the whole release to get the security fix, you can download the following two files and copy them over your 2.6.2 installation.

Replace these 2 files:

  1. wp-includes/class-snoopy.php
  2. wp-includes/version.php

Download full version:

Tags: ,

Comments Off | 2,124 views

Email This Post Email This Post Print This Post Print This Post

1 Star2 Stars3 Stars4 Stars5 Stars (42 votes, average: 3.86 out of 5)
9th September 2008

WordPress 2.6.2

Posted by Lester Chan at 09:49 in Site, WordPress

WordPress 2.6.2 has been released.

Stefan Esser recently warned developers of the dangers of SQL Column Truncation and the weakness of mt_rand(). With his help we worked around these problems and are now releasing WordPress 2.6.2. If you allow open registration on your blog, you should definitely upgrade. With open registration enabled, it is possible in WordPress versions 2.6.1 and earlier to craft a username such that it will allow resetting another user’s password to a randomly generated password. The randomly generated password is not disclosed to the attacker, so this problem by itself is annoying but not a security exploit. However, this attack coupled with a weakness in the random number seeding in mt_rand() could be used to predict the randomly generated password. Stefan Esser will release details of the complete attack shortly. The attack is difficult to accomplish, but its mere possibility means we recommend upgrading to 2.6.2.

Here is a list of bugs fixed:

  • Can’t control where a user redirects to when they log in
  • Bug in textpattern import
  • include mysql version in version check query string
  • RSS widget shouldn’t link if there isn’t a link
  • get_post_meta fails to unserialize when $single=false
  • typing error in wp-settings.php
  • comment_max_links causes confusion when zero
  • get_posts not working properly
  • Insert image into post always inserts full size
  • Filter news on templates cant work
  • Typo in post revisions

Here is a list of changed files:

  • wp-login.php
  • wp-settings.php
  • /wp-includes/formatting.php
  • /wp-includes/pluggable.php
  • /wp-includes/post.php
  • /wp-includes/query.php
  • /wp-includes/version.php
  • /wp-includes/widgets.php
  • /wp-admin/css/press-this-ie.css
  • /wp-admin/import/textpattern.php
  • /wp-admin/includes/image.php
  • /wp-admin/includes/template.php

Download WordPress 2.6.2

Tags: ,

2 Comments | 3,595 views

Email This Post Email This Post Print This Post Print This Post

1 Star2 Stars3 Stars4 Stars5 Stars (77 votes, average: 3.62 out of 5)
15th August 2008

WordPress 2.6.1

Posted by Lester Chan at 13:32 in Site, WordPress

WordPress 2.6.1 has been released and it is a very minor release. Not security flaws has been found and hence WordPress 2.6.1 is not a security fix so if you are comfortable with WordPress 2.6 like me, you don’t have to upgrade.

2.6.1 offers several improvements for international users. Styling of the admin for right-to-left languages is much improved thanks to the efforts of the Farsi and Hebrew translation teams, and a mysterious gettext bug caused by certain PHP configurations is now fixed. For IIS users, 2.6.1 fixes several permalink problems. Image insertion problems in the Press This feature experienced by IE users are also fixed. Of note to everyone is a fix for a performance bug in the admin where those with a lot of plugins would experience slowness on some pages.

I am so looking forward to WordPress 2.7 as lots of features which are available as plugin will be built into the core.

Download WordPress 2.6.1

*UPDATE* I decided to upgrade to stopped the nagging upgrading message to appear.

Tags: ,

13 Comments | 4,698 views

Email This Post Email This Post Print This Post Print This Post

1 Star2 Stars3 Stars4 Stars5 Stars (202 votes, average: 3.82 out of 5)
15th July 2008

Lester Chan’s WordPress Plugins July 2008 Update

Posted by Lester Chan at 22:50 in WP-Ban, WP-DBManager, WP-DownloadManager, WP-EMail, WP-PageNavi, WP-PluginsUsed, WP-Polls, WP-PostRatings, WP-PostViews, WP-Print, WP-RelativeDate, WP-ServerInfo, WP-Stats, WP-Sticky, WP-UserOnline

Here is my July 2008 WordPress plugins update containing all my 15 WordPress plugins. All of them should work on WordPress 2.5 as well as WordPress 2.6. It is not tested for any version below that.

In general, most of the updates are bug fixes. These updates in theory should be able to work till WordPress 2.7 when it comes out end of this year.

My new semester will begin on 2nd week August 2008, and hence I will be busy with my school work. So no updates to my plugins will be out till the end of this year unless it is a critical bug or a security issue.

Be sure to read the readme.html and checkout the changelog for more information and most importantly NOTE THE TABS AT THE TOP

WP-Ban 1.31
» Readme/Changelog
» Download Mirror #1
» Download Mirror #2
» Support Forum

WP-DBManager 2.31
» Readme/Changelog
» Download Mirror #1
» Download Mirror #2
» Support Forum

WP-DownloadManager 1.31
» Readme/Changelog
» Demo
» Download Mirror #1
» Download Mirror #2
» Support Forum

WP-EMail 2.31
» Readme/Changelog
» Demo
» Download Mirror #1
» Download Mirror #2
» Support Forum

WP-PageNavi 2.31
» Readme/Changelog
» Demo
» Download Mirror #1
» Download Mirror #2
» Support Forum

WP-PluginsUsed 1.31
» Readme/Changelog
» Demo
» Download Mirror #1
» Download Mirror #2
» Support Forum

WP-Polls 2.31
» Readme/Changelog
» Demo
» Download Mirror #1
» Download Mirror #2
» Support Forum

WP-PostRatings 1.31
» Readme/Changelog
» Demo
» Download Mirror #1
» Download Mirror #2
» Support Forum

WP-PostViews 1.31
» Readme/Changelog
» Demo
» Download Mirror #1
» Download Mirror #2
» Support Forum

WP-Print 2.31
» Readme/Changelog
» Demo
» Download Mirror #1
» Download Mirror #2
» Support Forum

WP-RelativeDate 1.31
» Readme/Changelog
» Demo
» Download Mirror #1
» Download Mirror #2
» Support Forum

WP-ServerInfo 1.31
» Readme/Changelog
» Download Mirror #1
» Download Mirror #2
» Support Forum

WP-Sticky 1.31
» Readme/Changelog
» Demo
» Download Mirror #1
» Download Mirror #2
» Support Forum

WP-Stats 2.31
» Readme/Changelog
» Demo
» Download Mirror #1
» Download Mirror #2
» Support Forum

WP-Useronline 2.31
» Readme/Changelog
» Demo
» Download Mirror #1
» Download Mirror #2
» Support Forum

If you like or love my plugins a lot, do consider making a donation to me. My Paypal email address is lesterchan AT gmail DOT com. Thank you =D

Tags: ,

25 Comments | 6,832 views

Email This Post Email This Post Print This Post Print This Post

1 Star2 Stars3 Stars4 Stars5 Stars (78 votes, average: 4.13 out of 5)

Updated To WordPress 2.6

Posted by Lester Chan at 14:49 in Plugins, Site

I have updated this site to WordPress 2.6 along with the latest versions of my plugins. Do report any bug you find =)

I will release all my plugins updates tomorrow.

Tags:

6 Comments | 2,745 views

Email This Post Email This Post Print This Post Print This Post

1 Star2 Stars3 Stars4 Stars5 Stars (30 votes, average: 3.97 out of 5)

WordPress 2.6 Release

Posted by Lester Chan at 14:16 in WordPress

WordPress 2.6 has been released.

Here are some new features of WordPress 2.6:

  • Post Revisions: Wiki-like tracking of edits
  • Press This!: Post from wherever you are on the web
  • Shift Gears: Turbo-speed your blogging
  • Theme Previews: See it before your audience does
  • Word count
  • Image captions under your image
  • Bulk management of plugins
  • A completely revamped image control to allow for easier inserting, floating, and resizing. It’s now fully integrated with the WYSIWYG
  • Drag-and-drop reordering of Galleries
  • Plugin update notification bubble
  • Customizable default avatars
  • You can now upload media when in full-screen mode
  • Remote publishing via XML-RPC and APP is now secure (off) by default
  • Full SSL support in the core, and the ability to force SSL for security
  • You can now have many thousands of pages or categories with no interface issues
  • Ability to move your wp-config file and wp-content directories to a custom location, for “clean” SVN checkouts
  • Select a range of checkboxes with “shift-click.”
  • You can toggle between the Flash uploader and the classic one
  • A number of proactive security enhancements, including cookies and database interactions
  • Stronger better faster versions of TinyMCE, jQuery, and jQuery UI

2.6 is pretty much identical to 2.5 from a plugin and theme compatibility point of view, so upgrades from 2.5 should be pretty painless. The 2.5 branch will no longer be maintain so everyone is encouraged to upgrade.

» Download WordPress 2.6

PS: The current version of my plugins should work well with WordPress 2.6 except WP-DownloadManager. Nevertheless, I will release updates to all of them tomorrow.

Tags: , ,

1 Comment | 4,613 views

Email This Post Email This Post Print This Post Print This Post

1 Star2 Stars3 Stars4 Stars5 Stars (18 votes, average: 4.06 out of 5)
3rd July 2008

Beta Version Of My Plugins Updated To WordPress 2.6

Posted by Lester Chan at 16:39 in Plugins, Site

Whenever WordPress releases a .1 update and it is during my school holidays (May to August) or (December to January). I am always able to get all my plugins compatible with it before it is actually released and have some buffer for testing.

I had spent the whole night yesterday making my plugins work wells with WordPress 2.6 and perhaps even WordPress 2.7 while maintaining the backward compatibility with WordPress 2.5.

All my 15 plugins are available at the Downloads Page under Beta Scripts. It used to be 16 plugins, but I stopped developing WP-Wap and hence it became 15.

Do help me test it out either on WordPress 2.5 or WordPress 2.6 Beta. They should work just fine for both versions.

This site is running all 15 of them and it is based on WordPress 2.5. If you found any of my plugins that are not working well on this site, do let me know as well. I will update this site to WordPress 2.6 when RC1 comes out.

If everything goes fine, I will release the updates 2 days after WordPress 2.6 is being released.

PS: My mom always nag at me to get a job especially during my 3 months (summer holidays) from May to August. But I told her by developing plugins, I can get donations as well. If you really like my plugins and appreciate my effort that I have put into it, do drop me a donation. My Paypal email is lesterchan AT gmail DOT com. Thank You =)

Tags: ,

5 Comments | 2,213 views

Email This Post Email This Post Print This Post Print This Post

1 Star2 Stars3 Stars4 Stars5 Stars (58 votes, average: 3.91 out of 5)
2nd July 2008

My Plugins With WordPress 2.6 Part 2

Posted by Lester Chan at 18:46 in Plugins, WordPress

My good friend Ozh has written an article entitled, What Plugin Coders Must Know About WordPress 2.6. It is a good read if you are a plugin developer for WordPress.

Both of us have came to a conclusion that if you move your /wp-content/ folder to elsewhere, you may need to manually specify the path to wp-config.php in the respective plugins that make use of them as there is no 100% way of guessing the path to wp-config.php.

So my recommendation is DO NOT MOVE the /wp-content/ folder. It is OK to move wp-config.php to a level higher, but try not to touch /wp-content/.

With regards to my plugins, I will release a .01 update bringing the version to 1.31 and 2.31 for the respective plugins. This update will make sure that the plugin will work for BOTH WordPress 2.5 and WordPress 2.6. That is right, I will maintain backward compatibility with WordPress 2.5 for the next update as WordPress 2.6 is just a minor release.

When WordPress 2.7 comes out in November 2008, I will bump all the versions to 1.40 and 2.40 respectively and I will remove the backward compatibility feature to WordPress 2.5.

Tags: ,

4 Comments | 2,656 views

Email This Post Email This Post Print This Post Print This Post

1 Star2 Stars3 Stars4 Stars5 Stars (36 votes, average: 3.94 out of 5)
25th June 2008

My Plugins With WordPress 2.6 Beta

Posted by Lester Chan at 03:03 in Plugins, WordPress

I have downloaded WordPress 2.6 Beta 1 and installed it. Not much difference from WordPress 2.5 in terms of the layout.

Now on the extreme top menu on the extreme right, there is a link called “Speed up!” which links to Google Gears.

In the Dashboard, right under “Right Now”, there is a comment break down added to it. Here is an example: “You have 1 post, 1 page, contained within 1 category and 0 tags. Current comment break down: 1 total, 1 approved, 0 spam and 0 awaiting moderation.”

When you write a page or post, underneath the “Save” and “Published” button, there is a word count indicator.

The display of themes under “Available Themes” has also changed a little.

Now back to serious business.

I am still deciding whether or not to maintain WordPress 2.5 compatibility for the next wave of updates for my plugins as WordPress 2.6 introduces a lot of constants like “WP_PLUGIN_URL”, “WP_PLUGIN_DIR”
“WP_CONTENT_DIR”, “WP_CONTENT_URL”, etc.

2 potential issues that would break my plugin in WordPress 2.6 and I will be unable to fix it unless I find another way to do the AJAX, “Allow wp-config.php to exist one level up from WordPress root directory
and “Allow wp-content directory to exist in a custom location (not relative to ABSPATH)“.

Argh! WordPress 2.5 has the shortest development cycle!

Tags: ,

7 Comments | 3,121 views

Email This Post Email This Post Print This Post Print This Post

1 Star2 Stars3 Stars4 Stars5 Stars (53 votes, average: 3.77 out of 5)
« Older Entries

 

Page 1 of 212»