WORDPRESS 2.3.3 IS AVAILABLE!!!!

Viewing 15 replies - 1 through 15 (of 78 total)
  • Thread Starter whooami

    (@whooami)

    also, if you want just the changed files, in a zip ..Ive made a zip available on my site —

    https://www.village-idiot.org/archives/2008/02/04/wordpress-2-3-3/

    Bugger… Now I have to update 5 sites ??

    Better safe then sorry I guess.

    Thread Starter whooami

    (@whooami)

    Better safe..

    Much.

    Is there a summary of the changes (not just the changed files)? Seems like there should be a “News” category on this site…

    Seems to be a major security fix!

    WordPress 2.3.3 is an urgent security release. A flaw was found in our XML-RPC implementation such that a specially crafted request would allow any valid user to edit posts of any other user on that blog. In addition to fixing this security flaw, 2.3.3 fixes a few minor bugs. If you are interested only in the security fix, download the fixed version of xmlrpc.php and copy it over your existing xmlrpc.php. Otherwise, you can get the entire release here.

    @motocafe: Check the “blog” link at the top of every page (also in your WP Dashboard page).

    *3780 gettext fails to determine byteorder on 64bit systems with php5.2.1
    *5273 some registration emails fail in 2.3.1 b/c of “callout verification”
    *5090 maybe_create_table call to config.php issue.

    In addition to the xmlrpc issue.

    Upgraded all of my sites to the latest available version and everything is working like a charm. ??

    after updating the permalinks “Date and name based” are not functioning. I had to switch to “Default”

    The last time I upgraded I lost all the customization I had made to my theme. Even trying to restore from my backup did not restore the modified files.

    Is there anything different about this upgrade from the last one that deleted weeks worth of work?

    just upload the changed files mentioned above.

    Frewfrux: This might seem overly obvious in hindsight, but don’t change the “Default” theme. If that’s your base, make a copy of it in a sep. theme directory and work from there. That way, updates to Default won’t impact you.

    If I’ve got a blog on 2.2.2 (for plugin reasons) do I need to update that one as well? What release is vulnerable?

    Usually, EVERY earlier release is vulnerable.

    Heh, yeah…Hindsight is 20/20. From the looks of it I can just update specific files. The last update I did was from one version of WordPress to another, so that wasn’t an option.

Viewing 15 replies - 1 through 15 (of 78 total)
  • The topic ‘WORDPRESS 2.3.3 IS AVAILABLE!!!!’ is closed to new replies.