February
10

WordPress 2.7.1

Posted In: Releases, TEST-VOIP by Ryan Boren

2.7.1, the first 2.7 maintenance release, is now available.  2.7.1 fixes 68 tickets.  You can automatically upgrade from 2.7 to 2.7.1 via the Tools->Upgrade menu, or you can download the package and upgrade manually.

Consult the list of fixed tickets and the full set of changes between 2.7 and 2.7.1 for details.

December
1

With the release of RC1, we’re in the final leg of development before the release of 2.7.  280 commits since beta 3 have polished the new admin UI (including new menu icons created by the winners of our icon design contest) and fixed all known blocker bugs.

We think RC1 is ready for everyone to try out.  Please download RC1 and help us make the final release the best it can be.  As always, back up your blog before upgrading.

Get RC1.

November
15

WordPress 2.7 Beta 3

Posted In: 2.7, Releases, TEST-VOIP by Mark Jaquith

WordPress 2.7 Beta 3 has been released for your testing pleasure. Here are some of the changes since Beta 2 (over 160 changes in total):

  • Numerous style improvements and refinements.
  • All admin notices now go under the page title.
  • PHP Notice fixes.
  • Dashboard widget options now properly save.
  • Menu fixes.
  • New design for Quick Edit.
  • Canonical feed URL fixes.
  • Walker fixes.
  • An update for Hello Dolly.
  • Plugin installer updates.
  • Numerous font updates.
  • Updated login logo.
  • Switch position of “Save Draft” and “Preview” buttons in publish module.
  • File upload support for MS Office 2007+ file formats.
  • Media upload buttons won’t show if the user doesn’t have the upload capability.
  • Canonical redirects only do yes-www or no-www redirection for domains.
  • Shift-click checkbox range selection improvement.
  • Add New User page now separate.
  • Tag suggest only suggests tags (not other taxonomy terms).
  • QuickPress shows “Submit for Review” if user cannot publish.
  • Private posts/pages, and password-protected posts/pages are rolled into new “Visibility” section of publish module.

If you have already installed Beta 1 or Beta 2, you can update to Beta 3 via the Tools -> Update menu. If you have problems, or if this is your first time in the 2.7 beta ring, you can download and upgrade the old fashioned way.

Get 2.7 Beta 3.

November
6

WordPress 2.7 Beta 2

Posted In: Releases, TEST-VOIP by Ryan Boren

WordPress 2.7 Beta 2 is ready.  Here is a quick rundown of changes since beta 1.

  • The Upload button didn’t always show. Fixed.
  • JS on the Dashboard broke for blogs with no comments, causing several UI elements to “freeze”. Fixed.
  • Recent Drafts Dashboard module didn’t show correct times. Fixed.
  • Various Autosave fixes.
  • Redirect after deleting a page from the editor went back to the deleted page. Fixed.
  • Fixed loading of translations for default TinyMCE plugins.
  • Added avatars to the edit users list.
  • Added some missing translations.
  • Fixed some validation errors.
  • Fixed some PHP warnings and notices.
  • Handle inconsistent file permissions during auto upgrade
  • Change Publish box layout to better accommodate internationalized text
  • Fix quick editing of the last page in the Edit Pages list
  • Fix Screen Options for IE
  • Fixes for choose tag from tag cloud
  • Rewrite rules fixes for certain hosts
  • Don’t check for updates on every page load
  • Easier post box dropping
  • Preview fixes
  • RTL fixes
  • Fixed broken wp-mail
  • Plugin update and install fixes
  • First draft of contextual help tab

If you have already installed beta 1, you can update to beta 2 via the Tools -> Update menu.  Beta 1 does have a bug in the automatic upgrade that breaks certain setups, so be prepared to download and install Beta 2 manually if you experience problems.

Get 2.7 Beta 2.

November
1

WordPress 2.7 Beta 1

Posted In: Releases, TEST-VOIP by Ryan Boren

The first public beta of WordPress 2.7 is here at last.  Join the thousands of people already testing 2.7 by downloading 2.7 Beta 1.  As previously mentioned on this blog, 2.7 is bringing a new visual design.  This design is almost completely implemented, but there are still a few areas that aren’t quite finished in Beta 1.  There are also several glitches in certain browsers.  Beta 1 provides the best experience in Firefox and Safari. Don’t worry, we are working on IE and Opera and will have those looking good in time for the final release.

Speaking of the final release, it will not be available on November 10th as originally scheduled.  We are two weeks behind schedule at the moment.  We need a little more time to finish the visual design, do a round of user testing against that finished design, and do a proper round of public beta testing. Our plan is to keep working as if Nov. 10 is still the release date.  However, instead of releasing the final 2.7 on the 10th, we will make a release candidate available instead.  The release candidate is intended to be a high-quality, almost-finished release that we are comfortable recommending for broad use.  After Nov. 10, the focus will be on fixing high impact bugs turned up by those of you testing the release candidate. I suspect 2.7 will be ready for final release by the end of November.  A specific date will be set as we progress through the public beta cycle and get a feel for how solid the release is.

Get WordPress 2.7 Beta 1.

October
23

WordPress 2.6.3

Posted In: Releases, TEST-VOIP by Ryan

A vulnerability in the Snoopy library was announced today.  WordPress uses Snoopy to fetch the feeds shown in the Dashboard.   Although this seems to be a low risk vulnerability for WordPress users, we wanted to get an update out immediately.  2.6.3 is available for download right now.  If you don’t want to download the whole release to get the security fix, you can download the following two files and copy them over your 2.6.2 installation.

  1. wp-includes/class-snoopy.php
  2. wp-includes/version.php

September
8

Stefan Esser recently warned developers of the dangers of SQL Column Truncation and the weakness of mt_rand().  With his help we worked around these problems and are now releasing WordPress 2.6.2.  If you allow open registration on your blog, you should definitely upgrade.  With open registration enabled, it is possible in WordPress versions 2.6.1 and earlier to craft a username such that it will allow resetting another user’s password to a randomly generated password.  The randomly generated password is not disclosed to the attacker, so this problem by itself is annoying but not a security exploit.  However, this attack coupled with a weakness in the random number seeding in mt_rand() could be used to predict the randomly generated password.  Stefan Esser will release details of the complete attack shortly.  The attack is difficult to accomplish,  but its mere possibility means we recommend upgrading to 2.6.2.

Other PHP apps are susceptible to this class of attack.  To protect all of your apps, grab the latest version of Suhosin.  If you’ve already updated Suhosin, your existing WordPress install is already protected from the full exploit.  You should still upgrade to 2.6.2 if you allow open user registration so as to prevent the possibility of passwords being randomized.

2.6.2 also contains a handful of bug fixes.  Check out the full changeset and list of changed files.
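
The SQL column truncation problem described in this post, modelled as an added Python example (not WordPress code and not Stefan Esser's write-up): it shows why a uniqueness check on the submitted username is not enough when the database may store a shortened value, next to a stricter check. The column width of 60, the class and function names, and the sample usernames are assumptions made for the illustration.

```python
# Added example: a small model of the database behaviour, not WordPress code.
COLUMN_WIDTH = 60  # assumption: width of the username column


class UserTable:
    """Models two MySQL behaviours behind column truncation: over-length
    values are silently cut on insert (non-strict SQL mode), and string
    comparison ignores trailing spaces."""

    def __init__(self, width=COLUMN_WIDTH):
        self.width = width
        self.rows = []

    def lookup(self, name):
        # Trailing spaces do not count when comparing.
        key = name.rstrip(" ")
        return [r for r in self.rows if r.rstrip(" ") == key]

    def insert(self, name):
        stored = name[: self.width]  # cut to the column width, no error
        self.rows.append(stored)
        return stored


def register_naive(table, name):
    """Vulnerable pattern: uniqueness is checked on the submitted value,
    but the stored value may differ from it."""
    if table.lookup(name):
        return False
    table.insert(name)
    return True


def register_strict(table, name):
    """Hardened pattern: refuse any value the column would alter."""
    if len(name) > table.width:
        return False
    return register_naive(table, name)


def demo(register):
    """Return (second registration accepted?, rows matching 'alice')."""
    table = UserTable()
    register(table, "alice")
    # Constructed input: longer than the column, non-space last character.
    padded = "alice" + " " * COLUMN_WIDTH + "x"
    accepted = register(table, padded)
    return accepted, len(table.lookup("alice"))


if __name__ == "__main__":
    print("naive :", demo(register_naive))   # (True, 2)
    print("strict:", demo(register_strict))  # (False, 1)
```

Two rows matching one username is the ambiguity that lets a password reset land on the wrong account. Running MySQL in strict SQL mode makes the over-length insert fail instead of truncating, which closes the same gap at the database layer.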

August
15

WordPress 2.6.1

Posted In: Releases, TEST-VOIP by Ryan

With 2.6.1, we’re continuing our trend of releasing a maintenance release shortly after a major release in order to get fixes for the inevitable “dot zero” bugs into your hands without a long wait.  If you’re happy with 2.6, however, keep on using it.  You need not upgrade to 2.6.1 if 2.6 is getting the job done.

2.6.1 offers several improvements for international users.  Styling of the admin for right-to-left languages is much improved thanks to the efforts of the Farsi and Hebrew translation teams, and a mysterious gettext bug caused by certain PHP configurations is now fixed.  For IIS users, 2.6.1 fixes several permalink problems. Image insertion problems in the Press This feature experienced by IE users are also fixed. Of note to everyone is a fix for a performance bug in the admin where those with a lot of plugins would experience slowness on some pages.

Check out the full list of over 60 fixes to see if 2.6.1 has something to offer you.   A full diff and list of changed files is also available.  Download 2.6.1 and enjoy.

July
15

WordPress 2.6

Posted In: Releases, TEST-VOIP by Matt

I’m happy to announce that version 2.6 of WordPress.org is now available, almost a month ahead of schedule. Version 2.6 “Tyner,” named for jazz pianist McCoy Tyner, contains a number of new features that make WordPress a more powerful CMS: you can now track changes to every post and page and easily post from wherever you are on the web, plus there are dozens of incremental improvements to the features introduced in version 2.5.

We’ve prepared a brief video tour of 2.6, if you have 3 minutes and 29 seconds to spare, it’s worth a watch:

If you’d like to embed the tour video in your blog, copy and paste this code for the high quality version:

<embed src="http://v.wordpress.com/mARhRBcT/fmt_dvd" type="application/x-shockwave-flash" width="640" height="385" flashvars="blog_domain=http://wordpress.org/development/2008/07/wordpress-26/&width=640&height=385"> </embed>

And here’s a smaller version, 400 pixels wide:

<embed src="http://v.wordpress.com/mARhRBcT/fmt_std" type="application/x-shockwave-flash" width="400" height="250" flashvars="blog_domain=http://wordpress.org/development/2008/07/wordpress-26/&width=400&height=250"> </embed>

Here’s a more textual overview of what’s hawt in 2.6:

Post Revisions: Wiki-like tracking of edits

With the power of modern computers, it’s silly that we still use save and editing metaphors from the time when the most common method of storage was floppy disks. WordPress has always respected the importance of your writing with auto-save, and now we’re taking that to another level by allowing you to view who made what changes when to any post or page through a super-easy interface, much like Wikipedia or a version control system.

Differences between two versions of posts.

This is handy on any blog in case you make a mistake and want to go back to an older version of a post, and it’s super handy for multi-author blogs where you can see every change tracked by person.

Press This!: Post from wherever you are on the web

A few months ago on my blog we started a conversation about the posting bookmarklet in WordPress and which systems we should look to for inspiration, like Flock, FriendFeed, Facebook, Tumblr, and Delicious. From these suggestions and the Quick Post plugin by Josh Kenzer, we developed a Press This bookmark you can add to your toolbar that provides a fast and smart popup to do posts to your WordPress blog:

Screenshot of Press This interface.

For example, if you click “Press This” from a Youtube page it’ll magically extract the video embed code, and if you do it from a Flickr page it’ll make it easy for you to put the image in your post. On my blog I’ve been experimenting with using different categories and the in_category() function — such as video, quote, aside, et cetera — to create a more tumblelog-like format.

Shift Gears: Turbo-speed your blogging

Gears is an open source browser extension project started by Google that developers like us can use to give you features we wouldn’t normally be able to. There are a lot of things we can do with Gears in the future, but in this release we’ve stuck to using what’s called a “Local Server” to cache or keep a copy of commonly-used Javascript and CSS files on your computer, which can speed up the loading of some pages by several seconds (they just pop right up!). You can install Gears for Firefox or Internet Explorer, with support for Safari and Opera pending. WordPress works just fine without it, you just get a little extra juice when you have it installed.

Theme Previews: See it before your audience does

Now when you select a theme it pops up a window that shows the theme live with all your content, instead of immediately making it active on your site. This is great for just test driving themes before making a switch over publicly, and it is also helpful when you are developing a theme and need to test it but don’t want everybody to see your ongoing mistakes development.

Here are some of the smaller features and improvements in 2.6:

  • Word count! Never guess how many words are in your post anymore.
  • Image captions, so you can add sweet captions like Political Ticker does under your images.
  • Bulk management of plugins.
  • A completely revamped image control to allow for easier inserting, floating, and resizing. It’s now fully integrated with the WYSIWYG.
  • Drag-and-drop reordering of Galleries.
  • Plugin update notification bubble.
  • Customizable default avatars.
  • You can now upload media when in full-screen mode.
  • Remote publishing via XML-RPC and APP is now secure (off) by default, but you can turn it on easily through the options screen.
  • Full SSL support in the core, and the ability to force SSL for security.
  • You can now have many thousands of pages or categories with no interface issues.
  • Ability to move your wp-config file and wp-content directories to a custom location, for “clean” SVN checkouts.
  • Select a range of checkboxes with “shift-click.”
  • You can toggle between the Flash uploader and the classic one.
  • A number of proactive security enhancements, including cookies and database interactions.
  • Stronger better faster versions of TinyMCE, jQuery, and jQuery UI.
  • Version 2.6 fixes approximately 194 bugs.

Developer Notes

WordPress.org had over 75 people contributing code to WordPress 2.6. In addition to the core commit team we had contributions from Dion Hulse, Austin Matzko, Otto42, Benedict Eastaugh, and pishmishy. AaronCampbell and Marco Zehe provided more than a few patches. Back among the top code contributors is Jacob Santos. Alex Concha continues to have WordPress’ back. Joining bug reporting and gardening elite are hakre, Simon Wheatley, mtekk, and Matty Rob. Finally, congratulations to our Peter Westwood on your recent wedding! I’m also proud to announce we’re adding a new core committer to the team: Andrew Ozz (azaozz) has been a huge help to the core team this year, particularly around TinyMCE and making the WYSIWYG something that works for you, not against you.

Because of the new capabilities to make WordPress a clean SVN checkout, plugin and theme authors should do their best to handle forms and posts through WP rather than trying to post to their files directly. Here’s a quick Codex article about how to do it using our forward-compatible APIs.

Upgrading

2.6 is pretty much identical to 2.5 from a plugin and theme compatibility point of view, so upgrades from 2.5 should be pretty painless. The 2.5 branch will no longer be maintained so everyone is encouraged to upgrade. Our standard 3-step upgrade instructions apply to this release. There were at least 1,984,047 downloads of the 2.5 series, the fastest growing release we’ve ever had, and I think all of those people will find 2.6 adds a level of polish that really makes WP a pleasure to use every day. (At least I do. :))

Easter Egg

There have been rumors and allegations that there was a so-called “easter egg” added to 2.6 early in its development. These rumors and allegations are completely false!

P.S. If you’re a fan of WordPress, consider joining our fan page on Facebook.

April
25

WordPress 2.5.1

Posted In: Releases, TEST-VOIP by Ryan

Version 2.5.1 of WordPress is now available. It includes a number of bug fixes, performance enhancements, and one very important security fix. We recommend everyone update immediately, particularly if your blog has open registration. The vulnerability is not public but it will be shortly.

In addition to the security fix, 2.5.1 contains many bug fixes. If you are interested only in the security fixes, you can download these corrected copies of wp-includes/pluggable.php, wp-admin/includes/media.php, and wp-admin/media.php. Replace your existing copies of these files with these new copies.

If you download the entire 2.5.1 release, you will be getting over 70 other fixes. 2.5.1 focuses on fixing the most annoying bugs and improving performance. Here are some highlights:

  • Performance improvements for the Dashboard, Write Post, and Edit Comments pages.
  • Better performance for those who have many categories
  • Media Uploader fixes
  • An upgrade to TinyMCE 3.0.7
  • Widget Administration fixes
  • Various usability improvements
  • Layout fixes for IE

Secret lives of blogs

Since 2.5 your wp-config.php file allows a new constant called SECRET_KEY which basically is meant to introduce a little permanent randomness into the cryptographic functions used for cookies in WordPress. You can visit this link we set up to get a unique secret key for your config file. (It’s unique and random on every page load.) Having this line in your config file helps secure your blog.

Many thanks to Steven Murdoch for responsibly reporting the security issue (CVE-2008-1930) and Alex Concha for reporting an XSS issue.