SecondVersion

WordPress has released 2.2.3, I’ll be upgrading this blog soon. I’d advise anyone using the 2.2 series to upgrade.

Official Announcement:

2.2.3 is a security and bug-fix release for the 2.2 series. Since this is a security release, we suggest you upgrade immediately. Two of the fixes are high priority.

On our Trac you can see the bugs closed and the files changed for 2.2.3.

To get 2.2.3, please see our download page.

As always, upgrade instructions including an extended upgrade guide are available.

Thanks to Alexendar Concha, Aaron Newman, and xknown for identifying and helping us fix the security vulnerabilities.

WordPress 2.3 Beta 2 is now available.

Official announcement:

WordPress 2.3 will be here before you know it! We’re putting out a beta release every Monday until WordPress 2.3 ships on September 24th. Today the second beta drops for your testing pleasure. We’ve fixed a bunch of bugs in the last week — thanks to everyone who participated! That said, this is still rough code, so you should only test the beta if you are comfortable troubleshooting PHP issues, filing tickets, and backing up your blog’s data.

Still want to play? Go ahead and join the wp-testers mailing list and download beta 2 here.

As posted on Wordpress’ Development blog, Wordpress 2.3 Beta 1 is now available.

As announced:

The past 3 months we’ve been working feverishly on the next version of WordPress, 2.3. Today we’re releasing the first beta of 2.3 and we’re hoping the more adventurous and savvy among you will help us test it.

Some of the features of 2.3 include plugin and core update notification, built-in tags support, faster javascript, and SEO-friendly URL redirection.

However all of the new functionality is still very rough, so only test the beta if you are comfortable troubleshooting PHP issues, filing tickets, and backing up your data religiously. If you’re interested you can join the wp-testers mailing list and download the beta here.

I may end up installing it here, not sure yet

Wordpress 2.2.2 and 2.0.11 were released a couple hours ago. These releases are security fixes. I’ve already upgraded this blog to 2.2.2.

Wordpress announcement:

Today we have two security-related releases available for both users of our main 2.2 branch and the legacy 2.0 branch. As these releases include only security and minor bugfixes they should not cause any plugin or theme compatibility issues, so you have no good excuse not to upgrade.

On our Trac you can see the bugs closed for 2.2.2 and 2.0.11 to get more details about the problems fixed. With a little more Trac magic you can see all the changed files for 2.2.2 or 2.0.11.

Our download page is always the best place to get the latest release, and our legacy page now has the latest in the 2.0 branch.

As always, we have upgrade instructions available and an extended upgrade guide.

Upgrade NOW!

WordPress 2.2.1 is now available. I’ll be upgrading soon, and I suggest others to do the same. Aside from the usual bug fixes, some rather important security fixes were made in this release.

WordPress 2.2.1 is now available. 2.2.1 is a bug fix release for the 2.2 series. Since 2.2 was released a month ago, the WordPress community has been improving fit-and-finish by identifying and fixing those little bugs that can be so annoying and by fine-tuning some small details. The result is a nicely polished 2.2.1 release. The full list of bugs fixed in 2.2.1 is available here. Here are some highlights.

• Atom feed validation fixes (#4274, #4307, #4381, #4382)
• XML-RPC fixes (#4314, #4329, #4315, #4469)
• Widget backward compatibility fixes (#4275)
• Widget layout fixes for IE7 (#4264, #4268)
• Page and Text Widget improvements (#4302, #4259)

Unfortunately, 2.2.1 is not just a bug fix release. Some security issues came to light during 2.2.1 development, making 2.2.1 a required upgrade. 2.2.1 addresses the following vulnerabilities:

• Remote shell injection in PHPMailer
• Remote SQL injection in XML-RPC Discovered by Alexander Concha.
• Unescaped attribute in default theme

Special thanks to Alexander Concha for his continued assistance in making WordPress more secure. Special thanks also to Daniel Jalkut of Red Sweater Software for his improvements to our XML-RPC implementation.

Wordpress.org has announced that there are now two wordpress contests running. Quoted from their blog post:

There are two contests going on in the WordPress community right now. If you’d like a chance to flex your WordPress skillz and perhaps win a prize and lifelong fame, you should consider dropping your code in the hat.

The first is the Sandbox Designs competition, which is like a theme competition, but working only with CSS and the highly semantic Sandbox theme. They already have a thousand dollars in prizes, so check it out.

Second our friends at Weblog Tools Collection are running a WordPress Plugin competition. They have a blog to track all the entries, but if you’re participating don’t forget to submit your code to the Plugin directory.

Both competitions require entries to be under the same GPL license that WordPress is, so regardless of who wins they’ll make the entire community much richer. (Remember, WordPress itself was written on the base of existing GPL code!)

Sounds cool, eh? I think I may enter into the plugin competition.

For more information:

Sandbox Designs competition

WordPress Plugin competition

Wordpress recently updated (and I will be updating soon…) to 2.2, I strongly encourage you to download the new version.

On behalf of the entire WordPress team, I’m proud and excited to announce the immediate availability of version 2.2 ‘Getz’ for download. This version includes a number of new features, most notably Widgets integration, and over two hundred bug fixes. It’s named in honor of tenor saxophonist Stan Getz.

Goodies:

• WordPress Widgets allow you to easily rearrange and customize areas of your weblog (usually sidebars) with drag-and-drop simplicity. This functionality was originally available as a plugin Widgets are now included by default in the core code, significantly cleaned up, and enabled for the default themes.
• Full Atom support, including updating our Atom feeds to use the 1.0 standard spec and including an implementation of the Atom Publishing API to complement our XML-RPC interface.
• A new Blogger importer that is able to handle the latest version of Google’s Blogger product and seamlessly import posts and comments without any user interaction beyond entering your login.
• Infinite comment stream, meaning that on your Edit Comments page when you delete or spam a comment using the AJAX links under each comment it will bring in another comment in the background so you always have 20 items on the page. (I know it sounds geeky, but try it!)
• We now protect you from activating a plugin or editing a file that will break your blog.
• Core plugin and filter speed optimizations should make everything feel a bit more snappy and lighter on your server.
• We’ve added a hook for WYSIWYG support in a future version of Safari.

In addition there were also dozens of UI and accessibility improvements, ranging from more concise wording around options and links to things like a view and preview link above the content box when you’re editing a post or page.

Developer Features:

We also improved a great deal under the hood that hopefully you’ll never notice, but if you’re a developer for the WP platform it provides a lot to sink your teeth into. Here is a sampling:

• A new set of WordPress-specific XML-RPC APIs that allow for editing pages, setting categories, and much more.
• We now use jQuery for a number of internal functions, and hope to transition all of our JS to use it. (We still need volunteers for this.)
• Comment feeds now support multiple formats, including Atom.
• Our internal mail functions now use phpMailer, which allows for things like SMTP support.
• You can now set database collation and character set in your config file.
• You can also hardcode your site and WP URL in the config file, overriding the values in the DB.
• Finally we’ve increased the inline documentation of a number of functions inside of WP, which should help you navigate those parts of the code.

If you’d like an in-depth look at everything that changed, here is a list of all 244 closed tickets in our bug tracker and you can use this link to see what files and lines of code changed. (It was a lot!)

Upgrade NOW!

Wordpress recently updated (and this blog updated to the latest version, 2.1.3)

We have a security update release now available for both the 2.1 and 2.0 branches of WordPress now available for immediate download. This update is highly recommend for all users of both branches.

These releases include fixes for several publicly known minor XSS issues, one major XML-RPC issue, and a proactive full sweep of the WordPress codebase to protect against future problems. Many thanks to Sumit Siddharth and Alex Concha for their help with reporting issues in this release.

As an update to the systems issue we had last month, we have taken dozens of additional precautions with the servers and systems that run WordPress.org and they appear to be working well, despite hundreds of hack attempts after we publicly disclosed there had been a problem. We are also now aggressively monitoring all downloads for any changes or modifications, and we are confident the same type of problem won’t happen again.

Upgrade now!
http://wordpress.org/download/ | http://wordpress.org/development/2007/04/wordpress-213-and-2010/