Comments on: Wordpress 2.04 Beta 2 includes a vital security fix.

By: guvenlik sistemleri

guvenlik sistemleri — Fri, 08 Aug 2008 22:08:20 +0000

Thank you for your post it is valuable information for me

By: Digital Ramble » Blog Archive » wordpress security issue revisited

Digital Ramble » Blog Archive » wordpress security issue revisited — Fri, 28 Jul 2006 17:42:29 +0000

[...] OK, thanks to Brian Layman who did some additional detective work, it turns out there’s a beta release available to plug the security issue. I haven’t installed it yet since I’m not in the position of being seriously compromised by having lots of registered users or comment activity, but for those WordPress bloggers with bigger setups or who don’t want to use the workaround, there are beta versions of WP 2.0.4 (which itself looks to have a stable release out in a few days, which is what I’m waiting for). Check Brian’s article for the latest beta downloads, it looks like they’re being pretty frequently updated right now. [...]

By: Brian

Brian — Fri, 28 Jul 2006 16:58:25 +0000

Beta 3 was released 7 minutes ago at 12:38pm EST/16:38 UTC. I’ve updated the links above to point at beta3. The only change between b2 and b3 is a minor fix I tested and improved for Ryan last night. In some rare circumstances the author link at the bottom of the posts might have been incorrect. Those of us without themes that support multiple authors would be unaffected by this change. So, there’s no real reason to get b3 if you have b2 installed already. The release MAY come sooner than I mentioned in this article. Perhaps by as much as 3 days sooner…but I wouldn’t mind another evening just to try to exploit this version.

By: gattaca

gattaca — Fri, 28 Jul 2006 10:40:57 +0000

Thanks for the clarification. I’m fairly used to people overreacting on the security front. It’s always good to get a level setting before the FUD takes over. That being said I have to head back into my bunker before they detect my presence on the surface.

Thanks for the trackback.

cheers

By: Liquidmatrix Security Digest

Liquidmatrix Security Digest — Fri, 28 Jul 2006 10:32:36 +0000

[...] UPDATE: OK, now I have a much better idea. Thanks to this posting by Bryan Layman at the Code Cave we have some actual information rather than the Chicken Little approach. The really good news is that Ryan Boren released the beta version of WordPress 2.0.4 on Sunday. The Beta2 version of the release includes a fix for this issue. [...]

By: Collin

Collin — Fri, 28 Jul 2006 06:58:30 +0000

Thanks for the trackback.

For my part, I don’t have any other registered users. It’s only me that writes my blog and I have never seen the point of becoming a subscriber on someone else’s blog.

When someone like Dr Dave releases the information then I’m gonna take it kind of seriously. It was simple enough just to nip into my dashboard and turn the option off.

If/when the bug gets fixed I can turn it back on. By spreading the word we can hopefully stop the bug becoming a big problem.

I am running 2.0.3 but I’m not going to update to 2.0.4 yet, I am one of those people that likes stable releases. I’ve played with the beta on my local testing server, but will wait to do my live blogs.

That said, I’m not sure my photoblog is up-to-date…. Oops!