Another Rushed Wordpress Security Release
I see that Wordpress has rushed out a new version, v 2.3.3, of it’s popular blogging software to mend security holes. The Wordpress blog says:
WordPress 2.3.3 is an urgent security release. A flaw was found in our XML-RPC implementation such that a specially crafted request would allow any valid user to edit posts of any other user on that blog.
Wasn’t it just a little while ago that they published another urgent security release?
February 5th, 2008 at 1:35 pm
It’s a pain to have so many bug releases?
I’d agree but if they are really necessary then I’d have them sooner than later.
February 5th, 2008 at 1:38 pm
@Anthony: Updates are good. Always good news. What’s not great is that this is the second “urgent” version release in a row.. My confidence in WP is a little shaken.
February 5th, 2008 at 2:15 pm
I’d agree that it’s shaken my confidence slightly. I love WP as a platform and have been using it since it was B2. Hate to see it founder with security holes
February 5th, 2008 at 6:24 pm
Well, at least they’re handling it better now. They went through a nasty period a while ago where they were extremely secretive about important security fixes, and would not emphasise to uses that they were important.
February 5th, 2008 at 6:25 pm
(This: http://wank.wordpress.com/2006/07/28/this-months-security-hole/)
February 12th, 2008 at 2:45 am
The number of security related upgrades / updates for WP and some of the other Php/MySQL systems is scary