Where is the security announcement?

Resolved solutionsphp
(@solutionsphp)

17 years, 10 months ago

I read about a new security vulnerability in WordPress:
http://www.gentoo.org/security/en/glsa/glsa-200606-08.xml

I see that 2.0.3 has been released with a fix, but where is the annoucement about this security issue? I’ve looked on wordpress.org, the doc wiki, the forums, and can’t find an official notification. I am subscribed (2 different email addresses) to the WP announcement mailing list, but I’ve never received any email from that list ( with NO server side spam filtering).

Did WordPress notify users? If so, can someone please point me in the direction of this notification?

Also, has a fix for v. 1.5.3-1beta been provided?

TIA!
SAM 🙂

Viewing 6 replies - 1 through 6 (of 6 total)

virtuallynicky
(@virtuallynicky)

17 years, 10 months ago

I got notified by my dashboard of the release.. but don’t know what the security issue was, if that is what you mean?

Thread Starter solutionsphp
(@solutionsphp)

17 years, 10 months ago

Ah ha! I just found it on the WP blog:
http://wordpress.org/development/2006/06/wordpress-203/

Wow, more than 10 days ago! I need to find more time to read feeds.

Is it true that this vulnerability only affects blogs where users can register?

Is it true that you need to install a plugin to fix other bugs this upgrade introduces?
http://txfx.net/code/wordpress/wordpress-203-tuneup/

Is WP planning a consolidated 2.0.4 release that fixes these new bugs? (If so, I will wait for this.)

Has anyone had a look at how this bug can be remedied in 1.5.3-1beta?

I found it earlier but can’t find it now: where is the list of changed files in the new 2.0.3 release?

Thanks again!
SAM 🙂

Thread Starter solutionsphp
(@solutionsphp)

17 years, 10 months ago

Thanks! I’m using dashlite on all my sites to speed up the admin, so I do not get feeds on my dash.

Bhoney
(@bhoney)

17 years, 10 months ago

I found out via WordPress planet which I visit daily.Something should be added to the forums though.Who really visits those other sites?

Nazgul
(@nazgul)

17 years, 10 months ago

And I think this blog post answers some of your questions.

Thread Starter solutionsphp
(@solutionsphp)

17 years, 10 months ago

Thank you for the link! I will upgrade a couple of my 1.5.3-1beta sites to 2.0.3, test them out and go from there.
http://codex.wordpress.org/Upgrading_WordPress#Detailed_Upgrade_Instructions_for_1.5.x_to_2.0.2_and_2.0_to_2.0.2

Viewing 6 replies - 1 through 6 (of 6 total)

The topic ‘Where is the security announcement?’ is closed to new replies.

Where is the security announcement?

Tags

Topics

Topics with no replies

Non-support topics

Resolved topics

Unresolved topics

All topics