Just a quick point of clarification. WordPress 2.1.2 is a mandatory security upgrade for all users of 2.1 or 2.1.1
It doesn’t matter if you installed 2.1.1 on the first day it came out, well before the cracker modified the file on wordpress.org. It doesn’t matter if you upgraded to 2.1.1 using SVN. WordPress 2.1.2 has a security fix that 2.1.1 doesn’t have. And it has several fixes that 2.1 doesn’t have. So please, upgrade to 2.1.2 now.
Pingback: Rxbbx Blog Wordpress 2.1.2
Pingback: pseudotecnico:blog » Blog Archive » URGENTE: aggiornate a WordPress 2.1.2!!
Pingback: » WP 2.1.2 nuovo aggiornamento consigliato dato che la 2.1.1 è stata dichiarata pericolosa » WordPress Italy
Pingback: Wolly Weblog » WP 2.1.2 nuovo aggiornamento OBBLIGATORIO dato che la 2.1.1 è stata dichiarata pericolosa
Pingback: L’urlo del coniglio » Wordpress 2.1.1 “crackato”, passare subito a 2.1.2
Pingback: You didn’t hear? Upgrade now! at Holy Shmoly!
Pingback: Aggiornamento critico per Wordpress » StormedBrains
Pingback: gidibao’s Cafe » Blog Archive » Emergency update
Pingback: WordPress 2.1.2 - Viktig sikkerhetsoppgradering | Norsk WP
It would have been more usefull if you said why and what problems its fixes.
Mark – are you having more luck than I am on conveying the enormity of the situation? :-p
Pingback: » Cracker Modifies 2.1.1 Download Files on Wordpress Servers
I linked to the changeset that closed the vulnerability. My main concern right now is making sure everyone upgrades.
Pingback: ThemePress » Donncha: You didn’t hear? Upgrade now!
I upgraded two blogs to 2.1.2, now http://whatever.com/feed/ says it can’t connect to the database!
Whew! Clearing the cache seemed to fix it. …sorry for panicking.
Pingback: Levysoft » Aggiornamento critico a Wordpress 2.1.2
Given the nature of this latest “attack”, would it be possible to be begin providing md5 checksums of all downloads? Or are those already available somewhere?
(Of course, if the attacker was able to modify the download package, he very well might have been able to modify the public checksum as well.)
So no diff file this time? You’ve gotta be kidding me. This isn’t a matter of national security here.
I’m not editing files twice this week. Yes, my upgrade habits are sloppy. That’s why I use diffs.
Gol, id’
….sure like not to hit that stupid ‘submit’ button by accident. =/
Pingback: WordPress 2.1.2 Important Upgrade! If You Didn’t » D’ Technology Weblog — Technology, Blogging, Gadgets, Fashion, Life Style.
Pingback: drivebyshooter.net » Blog Archive » WordPress 2.1.2 is a mandatory upgrade
I’m still having problems with the new WP version and PHP 5.2.1. I don’t get permalinks like “/%category%/%postname%/” to work. Some say it doesn’t happen on PHP 5.1. Does anyone know a workaround for this problem?
Pingback: WordPress Wednesday: Mandatory Update Reminder, WordCamp2007, Instant Upgrade Plugin, SxSW Conference, and More at The Blog Herald
Pingback: WordPress Wednesday: New WordPress Plugin Directory, WordPress Theme Viewer Upgraded, Summer of Code, and More at The Blog Herald
Pingback: WordPress Wednesday: Hot WordPress Plugins, Slideshows on WordPress.com, Translation Trouble, and More at The Blog Herald
Pingback: WordPress Wednesday: New Security Release, Updated WordPressMU, More WordPress Plugins, and Time to Get Naked at The Blog Herald
Pingback: WordPress Wednesday: New Security Release, Updated WordPressMU, More WordPress Plugins, and Time to Get Naked » TechAddress
This post is great. thank you for sharing these helpful infos. I appreciate your work man
hi,
I am very glad to thank yousharing this post.I also appreciate your work here.nice blog
Pingback: Choosing Conference Venues | zikwinner