AreWeConnected.com

Custom WordPress Websites that Rock!

WordPress 3.6.1 What it is and what it does

Wordpress ·

Just a quick note…

http://core.trac.wordpress.org/query?status=closed&group=resolution&milestone=3.6.1WordPress just released an update to the WordPress core called 3.6.1  You’ll see this soon in your dashboard.
It is labelled a security and maintenance release.  According to WP it fixes thirteen different bugs.

WordPress 3.6.1 is also a security release for all previous WordPress versions and we strongly encourage you to update your sites immediately. It addresses three issues fixed by the WordPress security team:

  • Block unsafe PHP unserialization that could occur in limited situations and setups, which can lead to remote code execution.

  • Prevent a user with an Author role, using a specially crafted request, from being able to create a post “written by” another user.

  • Fix insufficient input validation that could result in redirecting or leading a user to another website.

“What the Greek does that mean?”

It just means they patched some openings that the bad guys have found that could allow them to do some ugly things to your site.  The numbering system for updates also says a little about what they changed.  Big number changes like 3.5 to 3.6 are generally big changes to the code (and could break things) while smaller changes like 3.6.0 to this 3.6.1 normally are small changes and should be safe to upload to your main site right away.

Wondering what a bug looks like?  How they track it and how it gets fixed?

Check out this page on Make WordPress Core.  Click on an item and see the conversation that goes on behind the scenes.  Pretty cool, eh?

REMEMBER: Before you update any plugin, any theme, and any install of WordPress to always

BACK UP!

Mike Mueller
Connected?
Latest posts by Mike Mueller (see all)
New Comment Policy:
If you see something, say something!
(shamelessly borrowed from Homeland Security but really, let's bring commenting on posts back!)