Support » Fixing WordPress » Upgrading to 1.5.12 – idle curiosity question

  • I haven’t upgraded from 1.5.11 yet. Was there some compelling reason to do so? I found one thread which seemed to indicate that there was some sort of security fix again, though nothing specific was mentioned. That thread also seemed to indicate that one could delete just a couple of files and upload the same ones from the new distro.

    Could anyone verify the above before I go through the whole upgrade process for several blogs again? Podz?

Viewing 5 replies - 1 through 5 (of 5 total)
  • Check out this link for the announcement about the security fix.

    Here is the changelog of files that changed in version 1.5.1.2.

    Make a backup of all of your current files and database, then you can replace just these files and most probably re-run /wp-admin/upgrade.php and be at 1.5.1.2.

    Regards

    Well, yeah. I know how to do it, it’s the same as the last three times. Couldn’t get the changelog page to load earlier, but thanks for the announcement link – that’s really what I needed to know. I wouldn’t use the default theme if it was the only one out there, so as long as the “vulnerability” was only with it, I won’t worry further.

    Thanks.

    The vunerability had nothing to do with the themes. It had to do with trackback code and left the possibility open for an SQL injection vunerability.

    Quote from the announcement:

    “It has come to our attention that under certain circumstances there is a security vulnerability in WordPress that may be triggered if you’re running the default template.”

    Sounds like the default template to me….

    masquerade has the detail.
    I would upgrade.

    The risks may be small but they were significant enough for this fix to not only appear, but to do so quickly.

Viewing 5 replies - 1 through 5 (of 5 total)
  • The topic ‘Upgrading to 1.5.12 – idle curiosity question’ is closed to new replies.