Update time again – this time for another security issue.
Here’s the mail from wp-testers:
http://wordpress.org/beta/wordpress-2.0.6-RC2.zip
http://wordpress.org/beta/wordpress-2.0.6-RC2.tar.gzRC2 addresses the following vulnerability.
http://seclists.org/fulldisclosure/2006/Dec/0463.htmlWe also changed how we escape HTML attributes. Escaping is done with a new
attribute_escape() function.http://trac.wordpress.org/changeset/4656
This touched a lot of files so we need to do some broad testing to make sure we didn’t fat finger anything.
Should be GA soon; advisable to upgrade.
Recent Comments