WordPress 2.8.5 Released

Posted on October 20, 2009 by Pete Mall

WordPress version 2.8.5 was released earlier today which addressed several security issues. The WordPress core team had identified several security hardening changes while working on WordPress 2.9 and felt it was worth the effort to back-port these changes to the 2.8 branch.

The headline changes in this release are:

  • A fix for the Trackback Denial-of-Service attack that is currently being seen.
  • Removal of areas within the code where php code in variables was evaluated.
  • Switched the file upload functionality to be whitelisted for all users including Admins.
  • Retiring of the two importers of Tag data from old plugins.

It is recommended to download and upgrade to version 2.8.5 or use the automatic upgrade function of WordPress under Tools > Upgrade from the admin area.

Related posts:

  1. WordPress 2.8.6 Security Release
  2. WordPress MU 2.8.6 Security and Bugfix Release
  3. How to Tweak the WordPress Generator Meta Tag
  4. Show Embedded Waves Only to Logged-in Users
This entry was posted in WordPress. Bookmark the permalink.

One Response to WordPress 2.8.5 Released

  1. Jason Hauritz says:
    October 22, 2009 at 9:25 am

    Thanks for the heads up… time to upgrade!

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>