[wp-hackers] vuln

Mark Jaquith mark.wordpress at txfx.net
Sun Aug 14 12:40:30 GMT 2005

Scott Merrill wrote:

> I want to construct a sticky forum post _officially_ responding to the 
> issue, describing the problem, and providing as complete a solution as 
> possible for users _right now_.

Support form post here:

Latest /branches/1.5/wp-settings.php file with vulnerability fixed here 
(works on top of a install):

There are two last things I would definitely like to see make it into WP 
http://trac.wordpress.org/ticket/972 (adds "Save and Continue Editing" 
to Page Edit screen)
http://trac.wordpress.org/ticket/1578 (adds hooks for comment 
notification and moderation e-mails.  Hooks++)

They both have patches.

Other than that, I think we're more than ready for a release.  If 
something else comes up, we can do another point release.  Not the end 
of the world.  The feedback I've been getting from users has been along 
the lines of "why isn't this fixed yet?"  #wordpress has been helping 
people secure their blogs, but we can't reach as many people as a dev 
blog post could.

If there's more work to be done, let's identify the issues and get 
people to pitch in and get it done.

Mark Jaquith
MCincubus @ #wordpress

More information about the wp-hackers mailing list