WordPress blog has released WordPress 2.5.1, which bring “a number of bug fixes, performance enhancements, including one very important security fix.” The vulnerability is not public but it will be shortly. If your blog has open registration, it’s recommend that you download and update immediately.
If you are interested only in the security fixes, you can download these corrected copies of wp-includes/pluggable.php, wp-admin/includes/media.php, and wp-admin/media.php. Replace your existing copies of these files with these new copies.
If you download the entire 2.5.1 release, you will be getting over 70 other fixes in addition to the security fix. 2.5.1 focuses on fixing the most annoying bugs and improving performance. Here are some highlights:
- Performance improvements for the Dashboard, Write Post, and Edit Comments pages.
- Better performance for those who have many categories
- Media Uploader fixes
- An upgrade to TinyMCE 3.0.7
- Widget Administration fixes
- Various usability improvements
- Layout fixes for IE
Secret lives of blogs
Since 2.5 your
wp-config.php file allows a new constant called
SECRET_KEY which basically is meant to introduce a little permanent randomness into the cryptographic functions used for cookies in WordPress. You can visit this link we set up to get a unique secret key for your config file. (It’s unique and random on every page load.) Having this line in your config file helps secure your blog.
WordPress, Brecker, Blogging Software, Blogging Platform, Open Source, Open-Source, Release, Download