WordPress 2.6.5 Releases and WordPress 2.7 Countdown
WordPress 2.6.5 is available and fixes one security problem and three bugs. If your hosting is supplied with Fantastico Deluxe Software please check to see you upgrade options. While the countdown of the eagerly awaited full version of WordPress 2.7 will be released December 10, though it could be sooner if testing on WordPress.com goes well. We recommend everyone upgrade to WordPress 2.6.5 urgently.
NumAfrica hosted blogs can upgrade with Fantastico via cpanel which creates a backup during the upgrade. This saves you from having to download and then upgrade your wordpress installation.
So why upgrade ? The security issue is an XSS exploit discovered by Jeremias Reith that fortunately only affects IP-based virtual servers. If you are interested only in the security fix, copy wp-includes/feed.php and wp-includes/version.php from the 2.6.5 release package.
2.6.5 contains three other small fixes in addition to the XSS fix. The first prevents accidentally saving post meta information to a revision. The second prevents XML-RPC from fetching incorrect post types. The third adds some user ID sanitization during bulk delete requests. For a list of changed files, consult the full changeset between 2.6.3 and 2.6.5.
Note that WordPress are skipping version 2.6.4 and jumping from 2.6.3 to 2.6.5 to avoid confusion with a fake 2.6.4 release that made the rounds. There is not and never will be a version WordPress 2.6.4.
Update Now: Due to the recent security release of WordPress 2.6.5 and the stable WordPress 2.7 Release Candidate 1, it is recommended that you upgrade to RC1 so when the final WordPress 2.7 version is released, the automatic upgrade will update your version quickly and easily.
Some breaks in themes and plugins have been reported so if you upgrade from older versions of WordPress, see Upgrading WordPress in the WordPress Codex, the online manual for WordPress Users, and if you need more help, see the extended upgrade instructions. Backup or wait for the Fantastico Software update.
Tags: Cpanel, Fantastico, NumAfrica, security, Software, WordPress
You can follow any responses to this entry through the RSS 2.0 feed. Responses are currently closed, but you can trackback from your own site.