[wp-testers] 2.8.6 Beta1

Dion Hulse (dd32) wordpress at dd32.id.au
Fri Nov 20 08:57:54 UTC 2009


What are the symptoms of the hack?

Install something to log all post requests ASAP, to gather data if its a  
new vulnerability: http://www.village-idiot.org/post-logger

You'd not by any chance be on MediaTemple servers would you? *(Who's your  
webhost)

On Fri, 20 Nov 2009 19:52:46 +1100, Naudirz <naudirz at gmail.com> wrote:

> OK, cause my 2.9 nightly gets hacked every day..
> in that case its a new security bug..
> Ive wasted every file/folde an done a fresh installation, everything  
> except
> the db is new, also passwd is changed on everything except db.
> No extra user is in db.
>
>
>
> On Fri, Nov 20, 2009 at 9:39 AM, Dion Hulse (dd32)  
> <wordpress at dd32.id.au>wrote:
>
>> Yes. Everything in the 2.8 branch are backports from the 2.9 branch.
>>
>>
>>
>> On Fri, 20 Nov 2009 19:35:20 +1100, Naudirz <naudirz at gmail.com> wrote:
>>
>>  Hi!
>>> Is this fix also in 2.9 nightlybuild?
>>>
>>> /Phibrz
>>>
>>> On Thu, Nov 12, 2009 at 5:43 PM, Ryan Boren <ryan at boren.nu> wrote:
>>>
>>>  http://wordpress.org/wordpress-2.8.6-beta1.zip
>>>>
>>>> Fixes these two security issues:
>>>>
>>>>
>>>>
>>>> https://core.trac.wordpress.org/query?status=closed&group=resolution&milestone=2.8.6
>>>>
>>>> A logged in user with author privileges is required to exploit.  Press
>>>> This and uploads need testing.
>>>> _______________________________________________
>>>> wp-testers mailing list
>>>> wp-testers at lists.automattic.com
>>>> http://lists.automattic.com/mailman/listinfo/wp-testers
>>>>
>>>>  _______________________________________________
>>> wp-testers mailing list
>>> wp-testers at lists.automattic.com
>>> http://lists.automattic.com/mailman/listinfo/wp-testers
>>>
>>>
>>
>> --
>> Using Opera's revolutionary e-mail client: http://www.opera.com/mail/
>>
>> _______________________________________________
>> wp-testers mailing list
>> wp-testers at lists.automattic.com
>> http://lists.automattic.com/mailman/listinfo/wp-testers
>>
> _______________________________________________
> wp-testers mailing list
> wp-testers at lists.automattic.com
> http://lists.automattic.com/mailman/listinfo/wp-testers
>


-- 
Using Opera's revolutionary e-mail client: http://www.opera.com/mail/


More information about the wp-testers mailing list