WordPress 2.0.6 RC2

Update time again – this time for another security issue.

Here’s the mail from wp-testers:

http://wordpress.org/beta/wordpress-2.0.6-RC2.zip
http://wordpress.org/beta/wordpress-2.0.6-RC2.tar.gz

RC2 addresses the following vulnerability.

http://seclists.org/fulldisclosure/2006/Dec/0463.html

We also changed how we escape HTML attributes. Escaping is done with a new
attribute_escape() function.

http://trac.wordpress.org/changeset/4656

This touched a lot of files so we need to do some broad testing to make sure we didn’t fat finger anything.

Should be GA soon; advisable to upgrade.

Leave a Reply

Your email address will not be published. Required fields are marked *