WordPress 2.6.2 Release

Stumble It!

As most of you have probably already seen in your Dashboard, yesterday afternoon saw the official WordPress 2.6.2 Release. And as mentioned in the comments on my intitial news break on the 2.6.2 Beta, the focus is on two security patches to cover weaknesses in PHP’s random number generation (which affects password encryption strength), and in MySQL’s field length checking. These weren’t (technically) security bugs in WordPress, per se, but in the underlying PHP/MySQL stack. Fortunately, we’re able to route around them. This is mainly a problem if your site allows users to register for a user login, however, I would still recommend this upgrade for all users, just to be on the safe side.

For those of you who are PHP/MySQL developers yourselves, I highly recommend reading Stefan Esser’s explanation of the PHP mt_srand() bug and the MySQL SQL Column Truncation issue. He provides some really good detail of the problems. Stefan is also the developer of the PHP Suhosin module, which provides extra security-related features and protections to PHP.

It’s also important to note that these problems don’t just affect WordPress — many other PHP/MySQL applications could be vulnerable to future problems if they don’t examine and patch their code.

Stumble It!

Other Posts of Interest

This entry was written by Dougal, posted on September 9, 2008 at 3:35 pm, filed under Announcements, Community, WordPress and tagged , , , , , , , , , , . Bookmark the permalink. Follow any comments here with the RSS feed for this post. Post a comment or leave a trackback: Trackback URL.

8 Comments

  1. Flug says:
    October 16, 2008 at 11:40 am

    The new version is great. Not only the security updates, that like we all know have been more than neccessary, but especially the design options are great.

    Reply
  2. MikeMech says:
    September 30, 2008 at 9:52 am

    You’re quite faster then my Drupal security news :-)
    Think it’s about time to switch some of my Drupal sites back to WordPress now…

    Reply
  3. Kazir says:
    September 24, 2008 at 6:56 am

    Wordpress is my love :) it’s great cms – I always wait for new version

    Reply
  4. Sowin says:
    September 23, 2008 at 4:51 am

    I still wait for better wersion but this is almost great :)

    Reply
  5. Riman says:
    September 17, 2008 at 4:46 am

    I try this version and it’s nice :)

    Reply
  6. farshad says:
    September 12, 2008 at 7:02 am

    Hey, did someone change up the post editor?

    Reply
  7. Jonathan says:
    September 11, 2008 at 11:38 am

    Hey, did someone change up the post editor? It seems like its missing a whole bunch of stuff now that I’ve upgraded. For instance – where is my add link button gone? I’ve got these nice drop down menus for some things like font size etc, but no linky linky!!!!

    Reply
  8. Wordpress 2.6.2 Upgrade | Prasys' Blog says:
    September 10, 2008 at 11:43 am

    [...] For those of you who are geeky and would like to read the changelog (aka the upgrades) , you may want to click here (WordPress 2.6.2 Release) [...]

    Reply

Leave a Reply

Your email is never shared.

I'm happy to use Increase Sociability.