Linux.com
Everything Linux and Open Source
New WordPress 2.2.1 fixes bugs, blocks exploits
By: Shirl Kennedy
WordPress yesterday released WordPress 2.2.1, which incorporates a number of small bug fixes and tweaks, along with some security issues that make this a required upgrade.
According to the announcement, this release addresses three vulnerabilities:
- Remote shell injection in PHPMailer
- Remote SQL injection in XML-RPC
- Unescaped attribute in default theme
WordPress 2.2, released just over a month ago, contained "over 200 bug fixes" as well as several new features, including the ability to integrate Widgets into your blog without installing a plugin. Since then, the WordPress community has repaired a number of other small bugs and refined a few other elements, including Atom feed validation fixes, XML-RPC fixes, Widget backward compatibility fixes, Widget backward compatibility fixes, and Page and Text Widget improvements.
The highly popular WordPress, written in PHP and backed by a MySQL database, is a freely available blogging platform released under the GPL. It was recently chosen as the WebWare 100 winner in the Publishing category.
Shirl Kennedy is the senior editor of the DocuTicker and ResourceShelf weblogs as well as the "Internet Waves" columnist for Information Today. She has been writing about technology since 1992.