WordPress 3.0.2 发布(安全更新)
WordPress 3.1 beta 1刚发布几天,WordPress就爆出了安全漏洞。WordPress官方紧急发布了WordPress 3.0.2,在后台可以看到升级提示。
最关键的是,这个安全漏洞影响到了WordPress之前发布的所有版本的WordPress。
WordPress安全漏洞描述:
This maintenance release fixes a moderate security issue that could allow a malicious Author-level user to gain further access to the site, addresses a handful of bugs, and provides some additional security enhancements. Big thanks to Vladimir Kolesnikov for detailed and responsible disclosure of the security issue!
WordPress 3.0.2的发布主要修复一个常规的安全漏洞,这个漏洞可以让别有目的的用户获得更多的用户数据,3.0.2的发布,除了修复了这个功能,对WordPress常规的安全也做了更新,使得WordPress更加安全。
感谢Vladimir Kolesnikov为这个安全漏洞提供详细的说明。
WordPress 3.0.2 下载地址:http://wordpress.org/latest.zip
官方原文
Posted November 30, 2010 by Mark Jaquith. Filed under Releases,Security.
WordPress 3.0.2 is available and is a mandatory security update for all previous WordPress versions. Haiku has become traditional:
Fixed on day zero
One-click update makes you safe
This used to be hardThis maintenance release fixes a moderate security issue that could allow a malicious Author-level user to gain further access to the site, addresses a handful of bugs, and provides some additional security enhancements. Big thanks to Vladimir Kolesnikov for detailed and responsible disclosure of the security issue!
Download 3.0.2 or update automatically from the Dashboard > Updates menu in your site’s admin area. You should update immediately even if you do not have untrusted users.
不错啊