WordPress 2.0.7

An updated version of WordPress is now available (2.0.7). This update is released just ten days after the release of 2.0.6. The reason for this update is a vulnerability that resides in the Zend Engine (the PHP core) that has huge impact on the security of PHP scripts. Additional techinal details on the PHP vulnerability can be found on the site of the Hardened-PHP project.

The WordPress team has worked around the issue of providing us with a fix that addresses the PHP security problem and the Feedburner problem that was identified in 2.0.6. It is recommended that everyone running WordPress 2.0.6 or lower upgrade to this new version.

Here are the changes that have been made since 2.0.6:

  • Security fix for wp_unregister_GLOBALS() to work around the zend_hash_del_key_or_index bug in PHP 4 versions less than 4.4.3 and PHP 5 versions less than 5.1.4 with register_globals set to “On.”
  • Feeds now properly serve 304 Not Modified headers instead of mismatched 200/304 headers (a.k.a. the FeedBurner bug)
  • Backport of another 304 Not Modified fix from WordPress 2.1
  • Deleting WordPress Pages no longer gives an “Are You Sure?” prompt.
  • After deleting a WordPress Page, you are now properly redirected to the Edit Pages screen.
  • Sending an image at original size in Internet Explorer no longer adds an incorrect “height” attribute.
Categories
WordPress
Comments rss
Comments rss
Trackback
Trackback

« Site Update WordPress 2.1 »

One response

Do you work on WordPress too??

Benjamin JancewiczNo Gravatar | January 17, 2007

Do you work on WordPress too??

Leave a comment

You can use these tags : <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>