WordPress 3.8 Beta 1

Wow that was quick, WordPress 3.8 Beta 1 has been released and the final release is targeted for Thursday, 12th December 2013!

I am looking forward to the new admin UI!

  • The new admin design, especially the responsive aspect of it. Try it out on different devices and browsers, see how it goes, especially the more complex pages like widgets or seldom-looked-at-places like Press This. Color schemes, which you can change on your profile, have also been spruced up.
  • The dashboard homepage has been refreshed, poke and prod it.
  • Choosing themes under Appearance is completely different, try to break it however possible.
  • There’s a new default theme, Twenty Fourteen.
  • Over 250 issues closed already.

Download: WordPress 3.8 Beta 1

1 Star2 Stars3 Stars4 Stars5 Stars (71 votes, average: 3.85 out of 5)

WordPress 3.5.2

WordPress 3.5.2 has been released and this is a security fix which fixes 12 bugs including the following security issues:

  • Blocking server-side request forgery attacks, which could potentially enable an attacker to gain access to a site.
  • Disallow contributors from improperly publishing posts, reported by Konstantin Kovshenin, or reassigning the post’s authorship, reported by Luke Bryan.
  • An update to the SWFUpload external library to fix cross-site scripting vulnerabilities. Reported by mala and Szymon Gruszecki.
  • Prevention of a denial of service attack, affecting sites using password-protected posts.
  • An update to an external TinyMCE library to fix a cross-site scripting vulnerability. Reported by Wan Ikram.
  • Multiple fixes for cross-site scripting. Reported by Andrea Santese and Rodrigo.
  • Avoid disclosing a full file path when a upload fails. Reported by Jakub Galczyk.

You ae advised to upgrade immediately.

Download: WordPress 3.5.2 or visit Dashboard -> Updates in your site admin to update now.

1 Star2 Stars3 Stars4 Stars5 Stars (59 votes, average: 3.85 out of 5)

WordPress 2.3 Released

WordPress 2.3 has been released and I have updated this site to it without any problems.

Copy + Paste from Development Blog

  1. Native tagging support allows you to use tags in addition to categories on your post, if you so choose. We’ve included importers for the Ultimate Tag Warrior, Jerome’s Keywords, Simple Tags, and Bunny’s Technorati Tag plugins so if you’ve already been using a tagging plugin you can bring your data into the new system. The tagging system is also wicked-fast, so your host won’t mind.
  2. Our new update notification lets you know when there is a new release of WordPress or when any of the plugins you use has an update available. It works by sending your blog URL, plugins, and version information to our new api.wordpress.org service which then compares it to the plugin database and tells you what the latest and greatest is you can use.
  3. We’ve cleaned up URLs a bunch in a feature we call canonical URLs which does things like enforce your no-www preference, redirect posts with changed slugs so a link never goes bad, redirect URLs that get cut off in emails on similar to the correct post, and much more. This helps your users, and it also helps your search engine optimization, as search engines like for each page to be available in one canonical location.
  4. Our new pending review feature will be great for multi-author blogs. It allows authors to submit a post for review by an editor or administrator, where before they would just have to save a draft and hope someone noticed it.
  5. There is new advanced WYSIWYG functionality (we call it the kitchen sink button) that allows you to access some features of TinyMCE that were previously hidden.
  6. Full and complete Atom 1.0 support, including the publishing protocol.
  7. We’re using the new jQuery whis is “800% faster.”
  8. Behind the user-facing tags system is a really kickass taxonomy system which, which adds a ton of flexibility. It’s probably the biggest schema upgrade since version 1.5.
  9. The importers have been revamped to be more memory efficient, and you can now add an importer through a plugin.
  10. Through hooks and filters you can now override the update system, the dashboard RSS feeds, the feed parser, and tons more than you could in 2.2.
  11. The new $wpdb->prepare() way of doing SQL queries.
  12. Finally there were over 351 tickets in Trac closed for this release, with over a hundred people contributing. This is the polish, the hundreds of tiny bug fixes and features that make WordPress what it is.

More detailed changes can be found in WordPress Codex.

1 Star2 Stars3 Stars4 Stars5 Stars (39 votes, average: 3.85 out of 5)

WordPress 2.8.4

WordPress 2.8.4 has been released and also similar to WordPress 2.8.3, this is a security fix.

Yesterday a vulnerability was discovered: a specially crafted URL could be requested that would allow an attacker to bypass a security check to verify a user requested a password reset. As a result, the first account without a key in the database (usually the admin account) would have its password reset and a new password would be emailed to the account owner. This doesn’t allow remote access, but it is very annoying.

Changelog: WordPress 2.8.4
Download: WordPress 2.8.4
Download: Modified files since WordPress 2.8.3

1 Star2 Stars3 Stars4 Stars5 Stars (567 votes, average: 3.84 out of 5)

WordPress 2.8.1

WordPress 2.8.1 has been released.

WordPress 2.8.1 fixes many bugs and tightens security for plugin administration pages. Core Security Technologies notified us that admin pages added by certain plugins could be viewed by unprivileged users, resulting in information being leaked. Not all plugins are vulnerable to this problem, but we advise upgrading to 2.8.1 to be safe.

Some of the fixes:

  • Certain themes were calling get_categories() in such a way that it would fail in 2.8. 2.8.1 works around this so these themes won’t have to change.
  • Dashboard memory usage is reduced. Some people were running out of memory when loading the dashboard, resulting in an incomplete page.
  • The automatic upgrade no longer accidentally deletes files when cleaning up from a failed upgrade.
  • A problem where the rich text editor wasn’t being loaded due to compression issues has been worked around.
  • Extra security has been put in place to better protect you from plugins that do not do explicit permission checks.
  • Translation of role names fixed.
  • wp_page_menu() defaults to sorting by the user specified menu order rather than the page title.
  • Upload error messages are now correctly reported.
  • Autosave error experienced by some IE users is fixed.
  • Styling glitch in the plugin editor fixed.
  • SSH2 filesystem requirements updated.
  • Switched back to curl as the default transport.
  • Updated the translation library to avoid a problem with mbstring.func_overload.
  • Stricter inline style sanitization.
  • Stricter menu security.
  • Disabled code highlighting due to browser incompatibilities.
  • RTL layout fixes.

Full Changelog in WordPress 2.8.1

Download: WordPress 2.8.1

1 Star2 Stars3 Stars4 Stars5 Stars (193 votes, average: 3.84 out of 5)