Ryan Boren has announced the mandatory WordPress 2.6.2 upgrade has been released and WordPress users are required to download WordPress 2.6.2 and upgrade immediately.
This mandatory security upgrade adds protection for a SQL Column Truncation and other security and bug fixes. There is a full changeset and list of changed files to help you find the differences, and a specific changeset for downloading will be available soon.
The vulnerability impacts all PHP applications, not just WordPress, specifically open registration on WordPress blogs. Boren says the attack is difficult to accomplish, but WordPress would rather be safer than sorrier if this is manipulated in the future. If you allow open registration on your WordPress blog, upgrade immediately and follow the instructions in the announcement.
WordPress 2.7 is due later this fall. If you are interested in following the development of WordPress and WordPress related applications, here is a list:
- WordPress Development Updates Blog
- WPDevel Twitter
- WordPress Development Trac Timeline
- WordPress iPhone App Trac Timeline
- WordPress Roadmap
- Blog Herald WordPress Wednesday News
Site Search Tags: wordpress, wordpress news, wordpress versions, wordpress upgrade, wordpress update, wordpress 2.6, wordpress 2.6.2, security, security update, mandatory update, upgrade, download, download wordpress