WordPress (Version 2.6.5)
  • No Related Posts
    Pages
    Categories
    Archives
    Premium Themes
By Wordpress | No CommentsLeave a Comment
Last updated: Wednesday, November 26, 2008 | 2035 Views

WordPress 2.6.5 is immediately available and fixes one security problem and three bugs. We recommend everyone upgrade to this release.

The security issue is an XSS exploit discovered by Jeremias Reith that fortunately only affects IP-based virtual servers running on Apache 2.x. If you are interested only in the security fix, copy wp-includes/feed.php and wp-includes/version.php from the 2.6.5 release package.

2.6.5 contains three other small fixes in addition to the XSS fix. The first prevents accidentally saving post meta information to a revision. The second prevents XML-RPC from fetching incorrect post types. The third adds some user ID sanitization during bulk delete requests. For a list of changed files, consult the full changeset between 2.6.3 and 2.6.5.

Note that we are skipping version 2.6.4 and jumping from 2.6.3 to 2.6.5 to avoid confusion with a fake 2.6.4 release that made the rounds. There is not and never will be a version 2.6.4.

The latest stable release of WordPress (Version 2.6.5) is available in two formats from the links to your right.

What’s Next?

With our famous 5-minute installation, setting up WordPress for the first time is simple. We’ve created a handy guide to see you through the installation process. If you’re upgrading your existing installation, we’ve got a guide for that, too. And should you run into any trouble along the way, our support forums are a great resource, where seasoned WordPress experts volunteer their time to help you get the most out of your blog.

FR

Une nouvelle version de Wordpress taggée 2.6.5 vient de voir le jour. Elle patche juste un petit problème de sécurité. Vous n’êtes pas obligé de tout envoyer mais juste de mettre à jour les 2 fichiers suivants :

  • /wp-includes/post.php
  • /wp-includes/version.php
  • /wp-includes/feed.php
  • /xmlrpc.php
  • /wp-admin/users.php

Et sinon, oui, je confirme, il n’y a pas eu de version 2.6.4 car une fausse 2.6.4 contenant pleins de backdoor a trainé sur le net il y a peu… L’équipe de wordpress est donc passé direct à la 2.6.5

http://wordpress.org/latest.zip

Comments

There are no comments just yet

Leave a Comment

    Most Recent
    Most Popular
    Recent Comments
All free Wordpress - Theme By Theme Studio.ma.
RSS FeedHome RSS FeedRSS FeedRSS FeedBack to Top