DEVELOPERS at Wordpress.org have released an updated version of the popular open source website content management system and blogging tool, which fixes several security issues.
The outfit suggests that users update to Wordpress 3.1.1 as soon as possible, and among the 30 fixes are patches for three serious-sounding security holes.
The first has to do with hardening CSRF prevention in the media uploader, while a second addresses a cross-site scripting (XSS) vulnerability.
A third patch prevents PHP crashes in certain environments, which are amusingly described as situations where Wordpress.org needs to handle "devilishly devised links in comments".
Wordpress 3.1.1 also hardens security around media uploads. Other than that you should find performance improvements, fixes for IIS6 support, and tools to sort out plugin compatibility issues.
Along with Wordpress 3.1.1 the developers released a haiku saying, "Only the geeks know what half this stuff even means. Don't worry - update." You can download Wordpress 3.1.1 directly from its website or automatically update from the Wordpress dashboard.
Built on PHP and SQL and free to everybody, Wordpress has become extremely popular, evolving over time from a simple blogging system to an adaptable content management system that manages many sophisticated commercial websites.
Because of its popularity, Wordpress users need to be aware of any security issues and updates as soon as possible. Hackers can sometimes take advantage of websites running outdated versions. µ
There was meant to be a link there to Wikipedia's article on "Malebolge", from Dante's "Inferno" version of Hell, which is where I quoted text from. You can look that up while I'm finding out what "simony" is - maybe it was linked and I overlooked it. I think it's nicking money from the church collection plate, probably when you're holding the plate.
According to another website, you may be using a vulnerable edition of BackWPup for your WordPress backups.
"devilishly devised links in comments"
Aha, malebolgeformed URLs! <http: /
"As the eighth of nine circles, Malebolge is one of the worst places in hell to be. In it, sinners guilty of "simple" fraud are punished (that is, fraud that is committed without particularly malicious intent, whereas Malicious or "compound" fraud — fraud that goes against bond of love, blood, honor, or the bond of hospitality — would be punished in the ninth circle). Sinners of this category include counterfeiters, hypocrites, grafters, seducers, sorcerers and simonists."
Counterfeiters - yep. Possibly seducers and simonists, I have to look one of those up.