WordPress 3.1.3 Security Update (and WordPress 3.2 beta 2) Released
WordPress developers has just released WordPress 3.1.3. It is a security update and is very much a recommended update. In the blog post announcing the update, it was also revealed that WordPress 3.2 beta 2 is now available too.
WordPress 3.1.3 contains the following security fixes and enhancements:
- Various security hardening by Alexander Concha.
- Taxonomy query hardening by John Lamansky.
- Prevent sniffing out user names of non-authors by using canonical redirects. Props VerÃ³nica Valeros.
- Media security fixes by Richard Lundeen of Microsoft, Jesse Ou of Microsoft, and Microsoft Vulnerability Research.
- Improves file upload security on hosts with dangerous security settings.
- Cleans up old WordPress import files if the import does not finish.
- Introduce “clickjacking” protection in modern browsers on admin and login pages.
If you are using WordPress, you can easily understand that 3.1.3 is a very important security update. You can go through the change log here. You can automatically update from your administrator dashboard or you can download the update and manually install it.
Regarding beta 2, the developers revealed that the development is going as per schedule. Beta 2 release came after 13 days of the release of beta 1. Release Candidates will be available in early June and by the end of June WordPress 3.2 will be released to everyone.
This is still beta software, so we don’t recommend that you use it on production sites. But if you’re a plugin developer, a theme developer, or a site administrator, you should be running this on your test environmentsand reporting any bugs you find. If you’re a WordPress user who wants to open your presents early, take advantage of WordPress’ famous 5-minute install and spin up a secondary test site. Let us know what you think!
WordPress developers have encouraged everyone to test the beta and send them feedback. This will speed up the development process of WordPress 3.2.
The following things were changed in beta 2:
- Google Chrome Frame is now supported in the admin, if you have it installed. This is especially useful for IE 6 users (remember, IE 6 is otherwise deprecated for the admin).
- The admin is less ugly in IE 7.
- The blue admin color scheme has caught up to the grey one, and is ready for testing.
You can download and test WordPress 3.2 beta 2 from here.