WordPress 3.5.2 – Actualizare importanta de securitate

wordpress 3.0.3WordPress 3.5 a fost o actualizare importanta a celebrei platforme de blogging. Dupa orice versiune majora a unui produs, vin si micile retusari. Astfel a fost lansata astazi versiunea 3.5.2, care remediaza cateva probleme importante de securitate:

  • Blocking server-side request forgery attacks, which could potentially enable an attacker to gain access to a site.
  • Disallow contributors from improperly publishing posts, reported by Konstantin Kovshenin, or reassigning the post’s authorship, reported by Luke Bryan.
  • An update to the SWFUpload external library to fix cross-site scripting vulnerabilities. Reported by mala and Szymon Gruszecki. (Developers: More on SWFUpload here.)
  • Prevention of a denial of service attack, affecting sites using password-protected posts.
  • An update to an external TinyMCE library to fix a cross-site scripting vulnerability. Reported by Wan Ikram.
  • Multiple fixes for cross-site scripting. Reported by Andrea Santese and Rodrigo.
  • Avoid disclosing a full file path when a upload fails. Reported by Jakub Galczyk.

Pentru alte detalii privind si restul modificarilor din aceasta versiune accesati site-ul oficial:
http://wordpress.org/news/2013/06/wordpress-3-5-2/

Puteti descarca WordPress 3.5.2 de mai jos sau direct din Panoul de control al blogului vostru:
http://wordpress.org/download/

Cu siguranta veti fi interesati si de sporirea securitatii in WordPress in afara de actualizarile oferite de prodcator. Pentru aceasta am facut un ghid pe care-l puteti consulta aici: http://www.faravirusi.com/2009/10/14/wordpress-cum-imi-sporesc-securitatea-blog-ului/

Administrator FaraVirusi.com
voluntar al Comodo Malware Research Team, expert Malwarebytes Anti-Malware

Leave a Reply