WordPress 2.8.5: Security Hardening Release

metalpig

WordPress recommends that all sites upgrade to WP 2.8.5 to ensure the best security protection for your site.

Below are the highlights of the 2.8.5 update.

* A fix for the Trackback Denial-of-Service attack that is currently being seen.

* Removal of areas within the code where PHP code in variables was evaluated.

* Switched the file upload functionality to be whitelisted for all users, including Admins.

* Retiring of the two importers of Tag data from old plugins.

Meanwhile, the WordPress team is also working on new features for the upcoming WordPress 2.9.

For more info about the WordPress 2.8.5 update, please visit WordPress.org.

>> Updates:

While automatically updating my other WordPress site (not this one) via the Dashboard, I encountered the problem below:

Unpacking the update.

Verifying the unpacked files

Installing the latest version

Could not copy file: /public_html/wp-content/upgrade/wordpress-2.8.5/wordpress/wp-comments-post.php

Installation Failed

I signed out and restarted my computer, thinking that maybe it was only a small problem and all it needed was a restart. Then I logged in again and clicked update automatically, but the same problem occurred.

The solution:

I tried the simplest solution: deactivating all my plug-ins, including Akismet… then voilà!

Smooth.. :)

Security Release Update:

WordPress 2.8.6 Security Release

WordPress has released WP 2.8.6, which is now available for download. The new release fixes two security problems that can be exploited by registered, logged-in users who have posting privileges. So, if your site or blog has many authors, then upgrading to 2.8.6 is a must.

Below are the 2 security problems that are fixed in this update:

* An XSS vulnerability in Press This, discovered by Benjamin Flesch.

* An issue with sanitizing uploaded file names that can be exploited in certain Apache configurations, discovered by Dawid Golunski.

Many thanks to Benjamin and Dawid for finding and reporting these problems.

You can automatically update to WP 2.8.6 from your Dashboard, or you can download WordPress 2.8.6 here.


13 Responses to “WordPress 2.8.5: Security Hardening Release”

  • ikogsakanding Says:

    I've already linked to you… please link to me too

  • metalpig Says:

    Thanks! Also added you on news and info section, please check my links

  • eking Says:

    Haha, first time here, leaving a footprint~ By the way, your blog is pretty good!

  • metalpig Says:

    @伊清, thanks for visiting my site! I bookmarked your site too, free and lots of useful stuff! =)

  • foreign_exchange_trading Says:

    I like this place very much.

    This is such an extraordinary place.
    And it is not like other money orientating website, the info here is super useful.

    I am definitely bookmarking it as well as sharing it with my friends.

    :)

  • apasiaTex Says:

    The E3′s been wow guides unsatisfactory fans and developers identically, and we all recognize they demand to shake things up or else. Contemporarily we hear of a rumor bordering the games trade incident as reported by Kotaku, and it seems like they’re reasoning of breach it to the public.

    There’s no valid word on this further – we’ve heard lots of “accredited words” with reference to changes in the occasion’s dimensions, no more than to be rest unqualifiedly wrong later on – although it’s been said that the guess has already been brought forward towards scrutiny via the wow guides provisions of the Amusement Software Combine (ESA).

    As a substitute for, what we set up as an update on Gamespot is a “No Annotation” commentary from ESA elder evil-doing president quest of communications and up on, Well-heeled Taylor.

    As we do every year, the ESA solicits feedback wow guides and management from exhibitors and attendees on how best to habituate and evolve the E3 Media & Business Zenith to protect it meets their needs. Each atmosphere of the Pinnacle is opened for discussion, and that modify is continuing to fulfil a productive and effectual experience. Regarding today’s published reports, the ESA does not observe on rumors and guess, and will make an notice thither the details and logistics of the 2009 E3 Media & Business Summit at the pertinent time.

    There’s been some major fallout in E3′s circle of pals, like Activision Blizzard who chose to leave out the interest this year, and instead assume its own upshot in the identical week. That’s apart from all the critics who’ve thrown in their two cents on the stylish variety of E3, wow guides such as EA’s John Riccitiello, Ubisoft’s Laurent Detoc, and EA Sports’ Peter Moore.

    Disenchant’s look into if ESA can cook up something that last wishes as lure them retire from instead of the 2009 E3. Also gaol it posted here for the duration of more updates.

  • whey.protein.side.effects Says:

    Very outstanding site.
    The info here is really helpful.

    I will share it with my friends.

    Cheers

  • metalpig Says:

    @apasiaTex,
    I removed the links because it has an error (403 Forbidden). :)

  • Whey Protein side Effects Says:

    Very outstanding site.
    The information here is very valuable.

    I will share it with my friends.

    Cheers

  • My first post of 2010 Says:

    [...] My thanks to Metalpigs blog for posting that – made my upgrade a lot simpler! If you would like to check out the article that I referenced above, then please click here. [...]

  • godofwar Says:

    Hey, superb blog.

  • Wordpress Themes Says:

    Nice post and this mail helped me a lot in my college assignment. Say thank you you seeking your information.

  • blood tests Says:

    You can be accountability a extraordinary romance onto your blogging site, chap. My spouse and i cause happened to be constantly a new booklover of your website. – bloodtestguide.com
