Although a new version of WordPress 3.0.1 is available we are delaying its introduction until the dust settles. We expect to remain with WordPress 2.9.2 for the near term.
A number of plugins have once again been updated:
- Akismet – Version 2.4.0
- Connections – Version 0.7.0.4
- Contact Form 7 – Version 2.3.1
- eShop for Wordpress – Version 5.6.3
- Exploit Scanner – Version 0.97.2
- Fast and Secure Contact Form – Version 2.9.1
- Google Doc Embedder – Version 1.9.6
- GRAND Flash Album Gallery – Version 0.51
- WP-EasyArchives – Version 2.0
- wp-forecast – Version 3.1
- WP-PageNavi – Version 2.73
- wp-weather – Version 0.3.9
- WP e-Commerce Plugin – Version 3.7.6.9
- WP Events Calendar – Version 6.7.5
- WP Google Weather – Version 0.5
Enjoy.
We processed another batch of plugin upgrades for WordPress. The following plugins were upgraded:
- All in One SEO Pack – Version 1.6.10.1
- Clean-Contact – Version 1.3.3
- eShop for Wordpress – Version 4.3.2
- Fast and Secure Contact Form – Version 2.0.1
- GRAND Flash Album Gallery – Version 0.39pl3
- Page Tree – Version 2.6
- Platinum SEO Pack – Version 1.3.2
- Wordpress Download Monitor – Version 3.3.3.5
- WordPress Exploit Scanner – Version 0.95
- WP-EMail – Version 2.51
- wp-forecast – Version 2.9
- WP-PageNavi – Version 2.61
- WP-SpamFree – Version 2.1.1.2
- wp-weather – Version 0.3.8
- WP Google Weather – Version 0.4
- YAK for WordPress – Version 2.0.7
Enjoy!
We have processed nother batch of WordPress plugin upgrades including:
- Clean-Contact – Version 1.3.2
- Collapsing Pages – Version 0.5.3
- Connections – Version 0.6.2.1
- Contact Form 7 – Version 2.1.1
- eShop for Wordpress – Version 4.3.1
- Fast and Secure Contact Form – Version 2.0
- GRAND Flash Album Gallery – Version 0.39pl2
- Page Tree – Version 2.5
- QuickShop – Version 2.2.1
- Wordpress Download Monitor – Version 3.3.3.3
- WordPress Exploit Scanner – Version 0.94
- wp-forecast – Version 2.7
- WP-SpamFree – Version 2.1.1.1
- wp-weather – Version 0.3.7
- YAK for WordPress – Version 2.0.6
Please enjoy.
WordPress was upgraded to the latest version this morning. We did skip the 2.9 upgrade due to some reported problems. The upgrade requires a database upgrade when logging in as admin. I have logged into all of our WordPress sites and run the database upgrade procedure.
I have detected no immediate problems with any of our WordPress installations. If you find a problem, please let me know.
A number of WordPress plugin authors have released new releases just in time for the New Year! The following plugins have been upgraded:
- Akismet – Version 2.2.7
- All in One SEO Pack – Version 1.6.10
- Google XML Sitemaps – Version 3.2.2
- GRAND Flash Album Gallery – Version 0.39
- Theme Switcher – Version 1.0
- WordPress Exploit Scanner – Version 0.93
- wp-forecast – Version 2.6
- WP Shopping Cart – Version 3.7.5.3
- Yet Another PhotoBlog – Version 1.9.24
We have delayed installing the latest WordPress 2.9 release until we have verified that WordPress 2.9.1 has fixed some of the problems found in WordPress 2.9.
A number of updates were completed today. The majority of the updates are to core packages and we expect no changes to our server’s functionality. As is normal, our web services were down for about 5 minutes during the Apache2 upgrade.
- apr-gdbm-db42-mysql-1.3.8.1.3.9_1
- apache-2.2.14_5
- cups-client-1.4.2_3
- cups-image-1.4.2_3
- curl-7.19.7_1
- expat-2.0.1_1
- ghostscript8-nox11-8.70
- gnome-keyring-2.28.2
- gobject-introspection-0.6.7
- gvfs-1.4.3
- libsoup-2.28.2
- xcb-proto-1.6
- libxcb-1.5
- mhash-0.9.9.9_1
- p5-Any-Moose-0.11
- p5-Catalyst-Action-RenderView-0.14
- p5-File-ShareDir-1.01
- p5-Proc-Background-1.10
- p5-Catalyst-Devel-1.24
- p5-Catalyst-Plugin-Session-0.29_1
- p5-Catalyst-Plugin-Session-Store-DBI-0.15
- p5-Catalyst-Plugin-Static-Simple-0.26
- p5-Catalyst-Runtime-5.80016
- p5-Class-MOP-0.97
- p5-Error-0.17016
- p5-File-ChangeNotify-0.11
- p5-Getopt-Long-Descriptive-0.083
- p5-OLE-Storage_Lite-0.19
- p5-Object-Signature-1.05_1
- p5-Params-Validate-0.93
- p5-Pod-Simple-3.13
- p5-Pod-Simple-3.13
- p5-String-Format-1.16
- p5-SQL-Abstract-Limit-0.141_1
- p5-Test-Pod-1.40_1
- p5-Test-WWW-Mechanize-1.24_1
- p5-TimeDate-1.20,1
- p5-UNIVERSAL-can-1.15_1
- p5-WWW-Mechanize-1.60_1
- p5-XML-RSS-1.47
- p5-common-sense-2.03
- pango-1.26.2
- tnef-1.4.6
- unixODBC-2.2.14_2
- wordpress-mu-2.8.6,2
There seems to be no end to the updates available for our WordPress Plugins. In fact, there have so many updates that I have actually failed to post a listing of plugin upgrades recently. So, without further ado, the following upgrades were implemented today:
- All in One SEO Pack – Version 1.6.8.2
- eShop for Wordpress – Version 4.1.1
- Fast and Secure Contact Form – Version 1.9.5
- Google Analyticator – Version 6.0.2
- Google Analytics Dashboard – Version 1.0.6
- Google XML Sitemaps – Version 3.2.1
- GRAND Flash Album Gallery – Version 0.38
- Page Tree – Version 2.3
- QuickShop – Version 2.0.1
- WordPress Exploit Scanner – Version 0.92
- WP Shopping Cart – Version 3.7.5.1
- YAK for WordPress – Version 1.8.6
Wordpress announced another security update. According to WordPress this security bug only can only be exploited by users with login and post privileges. In addition, the exploit is only applicable if the appropriate mime types have not been configured within the Apache server. While this exploit is not possible with Gossamer’s configuration, the update was applied to keep up to date.
Several plugins have also been updated. The updates include:
- wordpress-2.8.6,1
- All in One SEO Pack – Version 1.6.8.1
- Contact Form 7 – Version 2.0.7
- Google XML Sitemaps – Version 3.1.9
- GRAND Flash Album Gallery – Version 0.37
- Page Tree – Version 2.2
- WordPress Exploit Scanner – Version 0.7
WordPress released a security hardening release version 2.8.5. This update was applied on November 1. According to the WordPress Blog:
As you know over the past couple of months we have been working on the new features for WordPress 2.9. We have also been working on trying to make WordPress as secure as possible and during this process we have identified a number of security hardening changes that we thought were worth back-porting to the 2.8 branch so as to get these improvements out there and make all your sites as secure as possible.
The headline changes in this release are:
- A fix for the Trackback Denial-of-Service attack that is currently being seen.
- Removal of areas within the code where php code in variables was evaluated.
- Switched the file upload functionality to be whitelisted for all users including Admins.
- Retiring of the two importers of Tag data from old plugins.
We would recommend that all sites are upgraded to this new version of WordPress to ensure that you have the best available protection.
In addition, a security problem was discovered in the graphics library that WordPress uses for fast creation of images. Specifically, a remote buffer overflow vulnerability. The core module GD (gd-2.0.35_2,1) was updated on November 9. The PHP module that utilizes GD (php5-gd-5.2.11_2) was updated today.
If your hosting provider is not keeping up to date with their WordPress updates your website may be at risk. We invite you to take a look at our services and make the switch today.
Yet another WordPress plugin upgrade:
- All in One SEO Pack – Version 1.6.7