wordpress 2.0.6发布了!更新信息如下:
补上了一个安全漏洞;
HTML quicktags可以在Apple浏览器Safari上正常使用;
格式化留言,防止它们破坏blog布局;
PHP/FastCGI安装兼容性调整。
为解决这个安全漏洞添加了attribute_escape()函数。
还增加了名为“query”的filter。
冰古blog »
wordpress »
2007 »
01 »
06 »
wordpress 2.0.6
[…] 5 查看 | 收藏 wordpress2.0.6刚出不久就有feedburner bug,现在又有hacker发现2.0.6的SQL注入漏洞。 别不信邪,还是先用着wordpress2.0.7RC1吧。 WordPress2.0.7RC1 change: 1. worked around a PHP bug for PHP4 < 4.4.3 and PHP5 < 5.1.4 with register_globals ON that could lead to SQL injection or other security breaches 2. Feeds should properly show 304 Not Modified headers (a.k.a. the FeedBurner bug) instead of mismatched 200/304 headers 3. Backport of another 304 Not Modified fix from trunk (Etag mismatch on certain hosts would cause 200 OK and content to always be served, a waste of bandwidth) 4. Deleting WP Pages no longer gives an “Are You Sure?” prompt 5. After deleting a WP Page, you are properly redirected to the Edit Pages screen 6. Sending an image at original size in IE no longer adds an incorrect “height” attribute […]