Wordpress Version 2.3.2 Released

Sunday, December 30th, 2007 | Web Thinkering

Just before the year 2007 ends, Wordpress has released an urgent security version with a fix for a bug that exposes draft posts. The versions DB error page can also be customized with template. It seems that wordpress 2.3.1 has a loop-hole where it can give away your current database’ table structure.

Included in the WP 2.3.2 version were the following fixes:

  • sanitize_post and sanitize_post_field are very expensive no-ops 
  • wp_list_pages - set ‘hierarchical’ to 0 on ‘include’ 
  • Suppress DB errors unless WP_DEBUG is true 
  • Custom DB Error Page 
  • Limit post_password exposure in XML-RPC
  • etaWeblog.getRecentPosts 
  • query.php mistakenly uses is_admin() to check for admin privileges 
  • setup-config.php, install.php don’t check for a valid MySQL connection

No comments yet.

Leave a comment

PowWeb Hosting - Only $3.88 per month

Search