12.29.07

WordPress 2.3.2

Posted in Releases at 2:44 pm by Ryan

WordPress 2.3.2 is an urgent security release that fixes a bug that can be used to expose your draft posts. 2.3.2 also suppresses some error messages that can give away information about your database table structure and limits and stops some information leaks in the XML-RPC and APP implementations. Get 2.3.2 now to protect your blog from these disclosures.

As a little bonus, 2.3.2 allows you to define a custom DB error page. Place your custom template at wp-content/db-error.php. If WP has a problem connecting to your database, this page will displayed rather than the default error message.

For more detail on what’s new in 2.3.2, view the list of fixed bugs and see the changes between 2.3.1 and 2.3.2.

Special thanks to Alex Concha for his help on this release.

10.26.07

WordPress 2.3.1

Posted in Releases at 12:55 pm by Ryan

WordPress 2.3.1 is now available. 2.3.1 is a bug-fix and security release for the 2.3 series.

2.3.1 fixes over twenty bugs. Some of the notable fixes are:

  • Tagging support for Windows Live Writer
  • Fixes for a login bug that affected those with a Blog Address different than
    their WordPress Address
  • Faster taxonomy database queries, especially tag intersection queries
  • Link importer fixes

Unfortunately, some security issues were found in 2.3. Janek Vind found an XSS problem that can be exploited if your php setup has register_globals enabled. For this reason, upgrading to 2.3.1 is advised.

The full set of changes between 2.3 and 2.3.1 is available for viewing on trac.

Get 2.3.1 from the download page and enjoy.

10.24.07

WordPress 2.3.1 Release Candidate 1

Posted in Releases at 2:53 pm by Ryan

WordPress 2.3.1 is almost ready to go. Before we send it out the door, we’re making a release candidate available so everyone can give it a last look.

2.3.1 fixes over twenty bugs. Some of the notable fixes are:

  • Tagging support for Windows Live Writer
  • A login bug that affected those with a Blog Address different than
    their WordPress Address is fixed
  • Faster taxonomy database queries, especially tag intersection queries
  • Link importer fixes

More details will be provided in the final release announcement. Until then, download RC1 and let us know if it fixes a particular bug in 2.3 that was annoying you. If you find that something has broken since 2.3, please open a ticket so we can address the problem before the final 2.3.1 release.

09.24.07

WordPress 2.3

Posted in Development, Releases, tagging, taxonomy, update notification, wordpress 2.3 at 5:22 pm by Matt

I’m thrilled to announce that Version 2.3 “Dexter” of WordPress is now ready for the world. This release includes native tagging support, plugin update notification, URL handling improvements, and much more. This release is named for the great tenor saxophonist Dexter Gordon.

The entire team is really proud of this release, and I’m happy that this is our second on-time release under our new development schedule. The grand experiment of a more agile WordPress with significant features in the hands of users more often is working. I could write a blog post about each new feature, but I’ll try to be brief:

  1. Native tagging support allows you to use tags in addition to categories on your posts, if you so choose. We’ve included importers for the Ultimate Tag Warrior, Jerome’s Keywords, Simple Tags, and Bunny’s Technorati Tag plugins so if you’ve already been using a tagging plugin you can bring your data into the new system. The tagging system is also wicked-fast, so your host won’t mind.
  2. Our new update notification lets you know when there is a new release of WordPress or when any of the plugins you use has an update available. It works by sending your blog URL, plugins, and version information to our new api.wordpress.org service which then compares it to the plugin database and tells you whats the latest and greatest you can use.
  3. We’ve cleaned up URLs a bunch in a feature we call canonical URLs which does things like enforce your no-www preference, redirect posts with changed slugs so a link never goes bad, redirect URLs that get cut off in emails on similar to the correct post, and much more. This helps your users, and it also helps your search engine optimization, as search engines like for each page to be available in one canonical location. More info here.
  4. Our new pending review feature will be great for multi-author blogs. It allows authors to submit a post for review by an editor or administrator, where before they would just have to save a draft and hope someone noticed it.
  5. There is new advanced WYSIWYG functionality (we call it the kitchen sink button) that allows you to access some features of TinyMCE that were previously hidden.

You’ll notice that two of those features are straight out of the most-voted for ideas list. That’s just the user facing stuff, if you’re a developer you’ll be interested in:

  1. Full and complete Atom 1.0 support, including the publishing protocol.
  2. We’re using the new jQuery which is “800% faster.”
  3. Behind the user-facing tags system is a really kickass taxonomy system, which adds a ton of flexibility. It’s probably the biggest schema upgrade since version 1.5.
  4. The importers have been revamped to be more memory efficient, and you can now add an importer through a plugin.
  5. Through hooks and filters you can now override the update system, the dashboard RSS feeds, the feed parser, and tons more than you could in 2.2.
  6. The new $wpdb->prepare() way of doing SQL queries.
  7. Finally there were over 351 tickets in Trac closed for this release, with over a hundred people contributing. This is the polish, the hundreds of tiny bug fixes and features that make WordPress what it is.

You can view the Codex for more information about the release and some screenshots. And of course the place to download is always the same. Before you upgrade you may want to check out our Preparing for 2.3 post and the list of compatible plugins on the Codex.

A number of people are hosting upgrade parties around the world, including myself in San Francisco. If you are let me know and I’ll promote it on my blog.

09.18.07

WordPress 2.3 Release Candidate 1

Posted in Releases at 8:50 pm by Ryan

The first release candidate for WordPress 2.3 is now available. We’ve spent the week since beta 3 fixing bugs and shaping RC1 into release candidate material. If you would like try RC1 and help us get 2.3 ready for its final release on Monday the 24th, download RC1 here and report any bugs you find. Although we consider this release candidate to be stable, keep in mind that this is still pre-release software. You may find some lingering bugs. Please back up your database before upgrading. If you have problems with RC1, you will not be able to revert back to your previous release without a database backup.

And a big thanks to those of you who have been testing the betas and now the RC. Your efforts make 2.3 better for everyone.

09.10.07

WordPress 2.3 Beta 3

Posted in Releases at 7:24 pm by Ryan

Beta 3, the third and final beta for WordPress 2.3, is now available. Many bugs have been fixed since the second beta, and we could use your help finding and fixing more bugs in preparation for the first Release Candidate due next Monday. The standard disclaimer for betas applies. Beta 3 is pre-release software that is still being tested. If you would like try out Beta 3 and help report bugs, join the wp-testers mailing list and download beta 3 here.

09.07.07

WordPress 2.2.3

Posted in Releases at 7:00 pm by Ryan

2.2.3 is a security and bug-fix release for the 2.2 series. Since this is a security release, we suggest you upgrade immediately. Two of the fixes are high priority.

On our Trac you can see the bugs closed and the files changed for 2.2.3.

To get 2.2.3, please see our download page.

As always, upgrade instructions including an extended upgrade guide are available.

Thanks to Alexendar Concha, Aaron Newman, and xknown for identifying and helping us fix the security vulnerabilities.