WordPress 2.6.5 in detail
WordPress 2.6.5 has been released and includes a number of changes including one security fix, here is a list of the changes in detail:
- Added a check for the correct post_type to
blogger.editPostandblogger.deletePost(#8267). - Updates to
update_post_meta()anddelete_post_meta()to ensure they work correctly with post revisions and don’t create the meta on the revision instead of the post (#7925). - Protection for a very difficult to exploit XSS issue (#8291).
- Fix for an XSS issue with the Atom and RSS feeds on some hosting setups ([9754], [9770]).
For a complete list of all the changes you can read this section of the branches/2.6 log on the WordPress bug tracker.
Note that we have skipping version 2.6.4 and jumped from 2.6.3 to 2.6.5 to avoid confusion with a fake 2.6.4 release that made the rounds.
There is not and never will be a version 2.6.4.
[...] Soeben wurde WordPress 2.6.5 veröffentlicht. Diese Version ist ein Sicherheitsrelease (Details) und behebt einen schwerwiegenden XSS-Exploit, desweiteren wurden einige kleinere Probleme [...]
Ankes Hundeblog » Blog Archiv » Sicherheitsrelease WordPress 2.6.5
November 27, 2008 at 5:35 pm
Thanks muchly for your efforts, I’m pushing the update out to a couple dozen blogs as I type this.
The Dave
November 28, 2008 at 12:13 am
Is there a definitive guide somewhere for the exact procedure to perform an update to a WP-MU site?
I see different instructions in different places and am unsure exactly which pertain to single-site WP and which are for WP-MU.
We are currently running WP-MU v2.6.1 and have never performed an upgrade.
Sorry if this is a noob question. Thanks for any advice.
Paul B
November 28, 2008 at 6:30 pm
@Paul B: I would suggest you try asking on the WP-MU support forums or ask donncha himself.
Peter Westwood
November 29, 2008 at 12:57 pm
I updated to 2.65 and suddenly it’s reverted back to the old dashboard… what happened?
Confused
yoganewbie
November 30, 2008 at 1:35 am
@Yoganewbie: I am not sure what you mean by that. There were no changes to the dashboard in 2.6.5.
If you want to follow up on this you would do better to post on the http://wordpress.org support forums where I am sure someone will help you.
Peter Westwood
November 30, 2008 at 9:31 am
Thank You Peter,
I figured it out. There was just a loose nut on my keyoboard. LOL
I was using the 2.7 beta 3 and I went back to 2.6.5
yoganewbie
November 30, 2008 at 3:31 pm
[...] Peter Westwood: WordPress 2.6.5 in detail – WordPress 2.6.5 has been released and includes a number of changes including one security fix, here is a list of the changes in detail:Add… [...]
Weekend Links - Nov 26, 2008 « OMNINOGGIN
December 11, 2008 at 7:41 pm
[...] announced a WordPress 2.6.3 XSS Vulnerability which is covered by those who upgraded to WordPress 2.6.5 a few months ago. They also reported on WordPress Security Predictions in 2009 which may include spoofing and DNS [...]
WordPress News: WordPress Resolutions, Tattoos, LiveJournal, Converters, Security, Plugins, and More « Lorelle on WordPress
January 18, 2009 at 8:26 pm
[...] think this vunerability was cleaned up in WordPress 2.6.5, but I’m not sure as I can’t find anyone else talking about this [...]
State Of Flux » Blog Archive » My WordPress install was hacked - oh no! - always changing
February 3, 2009 at 3:46 am