The Latest in IT Security

WordPress 3.1.3 available (security fixes)

26
May
2011

If you are using WordPress, make sure to upgrade it now. The version 3.1.3 was just released with a few security fixes:

* Various security hardening by Alexander Concha.
* Taxonomy query hardening by John Lamansky.
* Prevent sniffing out user names of non-authors by using canonical redirects. Props Veronica Valeros.
* Media security fixes by Richard Lundeen of Microsoft, Jesse Ou of Microsoft, and Microsoft Vulnerability Research.
* Improves file upload security on hosts with dangerous security settings.
* Cleans up old WordPress import files if the import does not finish.
* Introduce “clickjacking” protection in modern browsers on admin and login pages.

You can download the new version here or just follow their automated (very simple) update process.. Those were all the files changed from 3.1.2 to 3.1.3:

Files wordpress-3.1.2/readme.html and wordpress-3.1.3/readme.html differ
Files wordpress-3.1.2/wp-admin/admin-ajax.php and wordpress-3.1.3/wp-admin/admin-ajax.php differ
Files wordpress-3.1.2/wp-admin/custom-background.php and wordpress-3.1.3/wp-admin/custom-background.php differ
Files wordpress-3.1.2/wp-admin/custom-header.php and wordpress-3.1.3/wp-admin/custom-header.php differ
Files wordpress-3.1.2/wp-admin/includes/class-wp-plugins-list-table.php and wordpress-3.1.3/wp-admin/includes/class-wp-plugins-list-table.php differ
Files wordpress-3.1.2/wp-admin/includes/import.php and wordpress-3.1.3/wp-admin/includes/import.php differ
Files wordpress-3.1.2/wp-admin/includes/media.php and wordpress-3.1.3/wp-admin/includes/media.php differ
Files wordpress-3.1.2/wp-admin/includes/post.php and wordpress-3.1.3/wp-admin/includes/post.php differ
Files wordpress-3.1.2/wp-admin/includes/template.php and wordpress-3.1.3/wp-admin/includes/template.php differ
Files wordpress-3.1.2/wp-admin/includes/update-core.php and wordpress-3.1.3/wp-admin/includes/update-core.php differ
Files wordpress-3.1.2/wp-admin/ms-delete-site.php and wordpress-3.1.3/wp-admin/ms-delete-site.php differ
Files wordpress-3.1.2/wp-admin/plugins.php and wordpress-3.1.3/wp-admin/plugins.php differ
Files wordpress-3.1.2/wp-admin/press-this.php and wordpress-3.1.3/wp-admin/press-this.php differ
Files wordpress-3.1.2/wp-app.php and wordpress-3.1.3/wp-app.php differ
Files wordpress-3.1.2/wp-includes/canonical.php and wordpress-3.1.3/wp-includes/canonical.php differ
Files wordpress-3.1.2/wp-includes/class-oembed.php and wordpress-3.1.3/wp-includes/class-oembed.php differ
Files wordpress-3.1.2/wp-includes/default-filters.php and wordpress-3.1.3/wp-includes/default-filters.php differ
Files wordpress-3.1.2/wp-includes/formatting.php and wordpress-3.1.3/wp-includes/formatting.php differ
Files wordpress-3.1.2/wp-includes/functions.php and wordpress-3.1.3/wp-includes/functions.php differ
Files wordpress-3.1.2/wp-includes/meta.php and wordpress-3.1.3/wp-includes/meta.php differ
Files wordpress-3.1.2/wp-includes/post.php and wordpress-3.1.3/wp-includes/post.php differ
Files wordpress-3.1.2/wp-includes/query.php and wordpress-3.1.3/wp-includes/query.php differ
Files wordpress-3.1.2/wp-includes/taxonomy.php and wordpress-3.1.3/wp-includes/taxonomy.php differ
Files wordpress-3.1.2/wp-includes/theme.php and wordpress-3.1.3/wp-includes/theme.php differ
Files wordpress-3.1.2/wp-includes/version.php and wordpress-3.1.3/wp-includes/version.php differ
Files wordpress-3.1.2/wp-login.php and wordpress-3.1.3/wp-login.php differ

Remember, the first step for a secure site, is an updated site! We also recommend the following WordPress security plugin if you want to harden your WordPress install: http://sucuri.net/wordpress-security-monitoring.

Leave a reply


Categories

WEDNESDAY, NOVEMBER 20, 2019
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments