NEW: Upgrade to 1.5.2

  • Read the dev blog.

    Backing up your database and files is recommended before ANY upgrade

    ==== The official method.====
    Upgrade just like any other upgrade:
    – delete
    /wp-admin
    /wp-includes (but NOT your languages folder!!)
    all wp-* files at root EXCEPT wp-config.php
    (Leave /wp-content and /wp-images alone.)

    – upload the replacements for what you have deleted (so don’t upload /wp-content or /wp-images)

    Use the link in the Dev blog to read the Codex page on upgrading.

    There is no need to run upgrade.php after doing this.

    ====The UNofficial method====
    Right now I don’t have the changelog, but a list of the changed files is below. If you do it this way, you are on your own as far as support is concerned.
    wp-admin/categories.php
    wp-admin/edit-page-form.php
    wp-admin/post.php
    wp-admin/upload.php
    wp-admin/users.php
    wp-commentsrss2.php
    wp-includes/comment-functions.php
    wp-includes/functions-post.php
    wp-includes/pluggable-functions.php
    wp-includes/template-functions-category.php
    wp-includes/version.php
    wp-settings.php
    xmlrpc.php

    These can be downloaded from here:
    https://firasd.ath.cx/wordpress-changed-final.zip

    =====
    Before posting questions, please read all other posts in this thread and also the Codex page. It may well save you time.

Viewing 15 replies - 46 through 60 (of 94 total)
  • Thread Starter Mark (podz)

    (@podz)

    ” i feel like this is owned by b gates”

    All the Linux distros also update – every system updates.
    If the market shares of Windows and Linux were switched, not only would the hackers refocus their attention to Linux, but you’d hear very very little about Windows problems.
    Go drop ‘linux critical updates’ into Google – there are a couple of million hits.

    (This is not to start a Windows / Linux argument, I’m just illustrating a point).

    And no one says you have to upgrade, I’ve stopped updating many of my shareware programs – too dang expensive.

    Call me a noob, if you must, but I have a question… I upgraded, as per the instructions in the first post of this thread, and upon the first log-in, I noticed that my Write Post screen was no longer “broken” in Opera. [by Broken, I mean that my category list was left aligned, but my actual Post box was positioned below it, instead of next to it.].
    I noticed, now, that the category box was aligned to the RIGHT of my POST box, and there were no breaking or styling errors.

    However, I recently logged in again, to see things back the way they were!

    Did I do something wrong, should I install from scratch, am I crazy, has this happened to someone else, etc., are my questions. Hopefully they will be answered shortly. Thanks much. = )

    Wow, I thought I had broken WP for sure.

    I tried the unoffical method first, that broke my WP, probably because I did not run upgrade.php (am I supposed to do this when using the unofficial method? the instructions just say NOT to use it for the official method)

    So then I tried the offical method, did everything perfectly, but still somehow got database connection errors (even though I kept my original wp-config file) seems to be working right now, even though I have not changed anything, all I did was hit F5 a bunch of times. I think I’m in the clear.

    TommyGeorge
    the first thing i would do is empty out your browsers cache to make sure you’re not loading the page from the cache rather than the newest version.

    ut-oh .. disable plugins?? Hmm .. I just converted my 1.5.1.2. version to 1.5.2. using the “unofficial” suggestion, on Page 1 of this forum. I first deleted the files, then copied over the new ones. So far, everything appears to be fine. But, now that I think of it, I remember some of my early plug-ins suggested I modify files besides the template design and plug-in directories.. but i never marked it down. I hope it’s okay. But, I can post. I can see my blog. I think I’m okay. Am I? Are there tell tale signs to look for to indicate it wasn’t a clean upgrade?

    Are you? We certainly don’t know which plugins required you to edit which files. If you overwrote those files, then those plugins more than likely won’t work properly. Are you OK? Only you can tell.

    Just as little warning to all those now installing 1.5.2

    WordPress 1.5.2 does not fix the remote code execution vulnerability. It just renders the published exploit useless.

    After inserting 10 magic characters into the exploit it will still work against 1.5.2

    Thread Starter Mark (podz)

    (@podz)

    I’ve asked for advice on this.

    ionic: I assume you have already contacted [email protected].
    No need to reply if you have (though if you haven’t, please do so).

    EDIT: (didn’t want to bump the thread) After seeing your response below: Thanks!

    Yes I did and it is fixed for 2 days in the Subversion tree.

    Beel: I stand corrected, I did not edit any files in the wp-admin directory, but have added to the folder.. // I have now converted two blogs .. both are unique and I guess share the same database. https://PetLvr.com/blog/ and https://1800HART.com/blog/ .. In both, a plug-in used is “UserOnline” v.1.5 by GaMerz … it seemed to work fine in the first conversion .. In the second conversion, well – I’m getting a bad error that I don’t understand. .

    “WordPress Database Error: You have an error in your SQL Syntax. Check the Manual that corresponds to your MySql server version for the right syntax to use near ‘Set timestamp=1124271908″,ip=’142.161.171.143’, .,. blah blah blah” … Those two numbers are recurring in my sidebar. The second, is my IP address, but don’t know what the first represents. I was as careful on the 2nd conversion and I was on the 1st conversion.

    Any thoughts?

    Thanks for that download, link sure help me out and upgraded my exisiting board to 1.5.2 within second nice work.

    https://henchstersp.xstorm.co.uk/

    Cheers

    Just upgraded four blogs in ~ 10 minutes.

    Longest part was the file upload.

    Great work everyone. Thanks!

    -kj-

    ionic, this was already fixed in 1.5.2, I suggest you go download the packages before you start throwing up secirty advisories on the public forums and creating FUD in unknowing users.

    masquerade, errare humanum est.

    WordPress 1.5.2 does NOT fix the remote code execution exploit.

Viewing 15 replies - 46 through 60 (of 94 total)
  • The topic ‘NEW: Upgrade to 1.5.2’ is closed to new replies.

Tags