WordPress 2.8.4 : Security Release


Matt at WordPress has written a post announcing a security release for WordPress. This is a highly recommended upgrade for all users of WordPress.

Yesterday a vulnerability was discovered: a specially crafted URL could be requested that would allow an attacker to bypass a security check to verify a user requested a password reset. As a result, the first account without a key in the database (usually the admin account) would have its password reset and a new password would be emailed to the account owner. This doesn’t allow remote access, but it is very annoying.

We fixed this problem last night and have been testing the fixes and looking for other problems since then. Version 2.8.4 which fixes all known problems is now available for download and is highly recommended for all users of WordPress.

Habari : Can It Beat WordPress?

Habari is another free, open-source blogging platform. Like WordPress, it’s written in PHP and supports various database systems such as MySQL, SQLite and PostgreSQL. The current version is 0.5.2, which was released on October 17, 2008.
Claimed by its community to be “next-generation blogging”, Habari requires recent versions of most of its components: Apache 1.3x or higher (v2.x is recommended), MySQL 4.1.x or greater and PHP 5.2 or above.

Here are Habari’s main features,

WordPress 2.6.2 Released

WordPress 2.6.2 was released today and contains a few bug fixes. Ryan from the WordPress Blog explained:

“If you allow open registration on your blog, you should definitely upgrade.  With open registration enabled, it is possible in WordPress versions 2.6.1 and earlier to craft a username such that it will allow resetting another user’s password to a randomly generated password.  The randomly generated password is not disclosed to the attacker, so this problem by itself is annoying but not a security exploit.  However, this attack coupled with a weakness in the random number seeding in mt_rand() could be used to predict the randomly generated password.  Stefan Esser will release details of the complete attack shortly.  The attack is difficult to accomplish,  but its mere possibility means we recommend upgrading to 2.6.2.”

Even though I have not enabled open registration on my blog, I have already upgraded to this latest release to keep my WordPress blog up to date, because it also contains a handful of bug fixes. For details, check out http://wordpress.org/development/.

WordPress 2.6 Released

WordPress version 2.6 was released on 14/July/2008, almost a month ahead of schedule. It’s available for download at WordPress.org. This version, codenamed “Tyner”, promises to make WordPress a more powerful CMS. One notable new feature is that you can now track changes to every post and page and easily post from wherever you are on the web. And of course there are dozens of incremental improvements to the features introduced in the previous version, 2.5.

Here you can see a brief video for WordPress version 2.6.