caerma Posted January 5, 2007 Share Posted January 5, 2007 (edited) We have a pretty important release available for everyone, it includes an important security fix and it's recommended that everyone upgrade. This is the latest release in our stable 2.0 line, which we've committed to maintaining for several more years. Here's what's new: The aforementioned security fixes. HTML quicktags now work in Safari browsers. Comments are filtered to prevent them from messing up your blog layout. Compatibility with PHP/FastCGI setups. For developers, there's a new anti-XSS function called attribute_escape(), and a new filter called "query" which allows you filter any SQL at runtime. (Which is pretty powerful.) Thanks to Mark Jaquith for handling this release and Stefan Esser for responsibly reporting the security issue. As always, you can download the latest version of WordPress here. As a side note, this is probably our last release before 2.1 is out, which will be our first major feature release in quite a while. 2.1 just entered beta stage, so if you're interested in helping out with that process consider joining our beta group. As a reminder, if you're a plugin or theme author you should check your code to make sure it's compatible with 2.1 before the release. Link to comment Share on other sites More sharing options...
Rappy Veteran Posted January 5, 2007 Veteran Share Posted January 5, 2007 Thanks for heads up Caerma :) Donno if i'll update this version...might just wait till 2.1 :) Link to comment Share on other sites More sharing options...
Jase Posted January 5, 2007 Share Posted January 5, 2007 Excellent News :D Link to comment Share on other sites More sharing options...
zeroday Posted January 5, 2007 Share Posted January 5, 2007 (edited) Thanks for the news. edit: can you use fantastico to upgrade? Edited January 5, 2007 by Al Link to comment Share on other sites More sharing options...
MediaSoldier Posted January 5, 2007 Share Posted January 5, 2007 yeah you can Al if your fantastico is up to date on your host i did it with 2.0.4 Link to comment Share on other sites More sharing options...
zeroday Posted January 5, 2007 Share Posted January 5, 2007 I did a manual upgrade, I didnt know you can upgrade with Fantastico :rofl: Oh well, at least its working :D Link to comment Share on other sites More sharing options...
Tech Star Posted January 5, 2007 Share Posted January 5, 2007 Thanks a lot for the update. :) Link to comment Share on other sites More sharing options...
Hurmoth Posted January 5, 2007 Share Posted January 5, 2007 Thanks for the heads up (Y) I'm running 2.0.5, normally I'm big on updating to the latest and great, but I think I'm going to hold off for 2.1. Link to comment Share on other sites More sharing options...
MindTooth Posted January 5, 2007 Share Posted January 5, 2007 (edited) In the process of upgrading.. Ed1t: Uploading. Ed2t: Done. Edited January 5, 2007 by Nordoelum Link to comment Share on other sites More sharing options...
Shaidar Posted January 5, 2007 Share Posted January 5, 2007 I'm surprised to read that some Wordpress users don't immediately update their WP to the latest version. PHP applications are very difficult to secure, a lot of bugs and security holes are fixed in every new version. Not always documented, for obvious reasons. Maybe on a shared hosting it's not that important, but when you are running WP on your own server, my personal opinion is "always update"! Link to comment Share on other sites More sharing options...
Echilon Posted January 7, 2007 Share Posted January 7, 2007 The last time I upgraded, they released a list of all the changes so you could manually update the files if you'd done alot of customisation, but I can't find it anywhere. Is it just for major upgrades? Link to comment Share on other sites More sharing options...
primexx Posted January 7, 2007 Share Posted January 7, 2007 The last time I upgraded, they released a list of all the changes so you could manually update the files if you'd done alot of customisation, but I can't find it anywhere. Is it just for major upgrades? no there is actually someone who looks through comparing the files, and makes a package of only those that changed. I cant find it but i'mm sure it's there. also, the 2.0.5->2.0.6 upgrade guide actually tells you what to overwrite. also, you're supposed to keep a log of what you modify within the source files so it's easy to upgrade later on. Link to comment Share on other sites More sharing options...
Echilon Posted January 7, 2007 Share Posted January 7, 2007 no there is actually someone who looks through comparing the files, and makes a package of only those that changed. I cant find it but i'mm sure it's there.also, the 2.0.5->2.0.6 upgrade guide actually tells you what to overwrite. also, you're supposed to keep a log of what you modify within the source files so it's easy to upgrade later on. You're "supposed" to eat five portions of fruit a day, but how many people actually do? I'll have a trawl through the Wordpress forums tomorrow. Link to comment Share on other sites More sharing options...
bangbang023 Veteran Posted January 7, 2007 Veteran Share Posted January 7, 2007 I'm surprised to read that some Wordpress users don't immediately update their WP to the latest version. PHP applications are very difficult to secure, a lot of bugs and security holes are fixed in every new version. Not always documented, for obvious reasons.Maybe on a shared hosting it's not that important, but when you are running WP on your own server, my personal opinion is "always update"! Indeed. I'm on shared hosting, but I also have a lot of people who do not care for me. I'd be afraid to run a potentially vulnerable backend because I was too lazy to upgrade. Link to comment Share on other sites More sharing options...
Futurix Posted January 7, 2007 Share Posted January 7, 2007 You're "supposed" to eat five portions of fruit a day, but how many people actually do? I'll have a trawl through the Wordpress forums tomorrow. Manual WordPress upgrades are easy - compare your current blog installation with stock 2.0.5 (or whatever version you have), and then apply differences to fresh copy of 2.0.6 (I use WinMerge for this). Link to comment Share on other sites More sharing options...
primexx Posted January 8, 2007 Share Posted January 8, 2007 Manual WordPress upgrades are easy - compare your current blog installation with stock 2.0.5 (or whatever version you have), and then apply differences to fresh copy of 2.0.6 (I use WinMerge for this). nice program! Link to comment Share on other sites More sharing options...
Simon Veteran Posted January 8, 2007 Veteran Share Posted January 8, 2007 For those of you holding off for 2.1, last I heard that would be in 2008. Might be a good idea to keep updating. I'm gonna update mine when my next major site update goes live, hopefully tomorrow. w00t, forum! Link to comment Share on other sites More sharing options...
Rappy Veteran Posted January 8, 2007 Veteran Share Posted January 8, 2007 For those of you holding off for 2.1, last I heard that would be in 2008. Might be a good idea to keep updating.I'm gonna update mine when my next major site update goes live, hopefully tomorrow. w00t, forum! 2008 :| I wasnt going to update but I might do soon then :) Link to comment Share on other sites More sharing options...
bangbang023 Veteran Posted January 8, 2007 Veteran Share Posted January 8, 2007 For those of you holding off for 2.1, last I heard that would be in 2008. Might be a good idea to keep updating.I'm gonna update mine when my next major site update goes live, hopefully tomorrow. w00t, forum! 2008? It's already in the beta phase. Link to comment Share on other sites More sharing options...
Techno_Funky Posted January 8, 2007 Share Posted January 8, 2007 The best blogging CMS ever made IMO ,thanks for the heads up :yes: Link to comment Share on other sites More sharing options...
Aperture Posted January 8, 2007 Share Posted January 8, 2007 2008? It's already in the beta phase. Vista was in beta phase for 4 years. Link to comment Share on other sites More sharing options...
arturogoga Posted January 8, 2007 Share Posted January 8, 2007 Do I have to disable and re-enable my plugins before updating? Or can I just overwrite all the files? Link to comment Share on other sites More sharing options...
zeroday Posted January 8, 2007 Share Posted January 8, 2007 Its recommended to disable them. Link to comment Share on other sites More sharing options...
Justin- Posted January 8, 2007 Share Posted January 8, 2007 I went ahead with 2.1 Beta 1. Works pretty well, I just had a few issues with template tags I didn't use correctly, and I had to fix a plugin that I had modified. I like the new login screen ... I wish they'd make a new Site Admin. :p Link to comment Share on other sites More sharing options...
bangbang023 Veteran Posted January 9, 2007 Veteran Share Posted January 9, 2007 Vista was in beta phase for 4 years. And this is far from being an operating system. Link to comment Share on other sites More sharing options...
Recommended Posts