Sep10th2008

Successful upgrade to Wordpress 2.6.2

Posted
by
Robert
on September 10, 2008
in Articles
. Tags: , , , , , , , , .

The latest version of Wordpress was released within the past 24 hours and I have already completed a successful upgrade. No major enhancements - just a bunch of fixes and security patches to the Wordpress core files. So far the upgrade appears to have gone well on this blog and without any impact to the modified K2 theme or any of the gazillion Wordpress plugins that I run.

A big congratulations to the Wordpress crew for making available, free of charge I might add, a reliable, stable and well supported blogging platform - thus providing us folks without anything better to do with our time the means to share our inner creative genius with the online world.

Here’s a technical spiel from the Wordpress Development Labs on what 2.6.2 brings:


WordPress 2.6.2

By Ryan. Filed under Releases, Security.

Stefan Esser recently warned developers of the dangers of SQL Column Truncation and the weakness of mt_rand(). With his help we worked around these problems and are now releasing WordPress 2.6.2. If you allow open registration on your blog, you should definitely upgrade. With open registration enabled, it is possible in WordPress versions 2.6.1 and earlier to craft a username such that it will allow resetting another user’s password to a randomly generated password. The randomly generated password is not disclosed to the attacker, so this problem by itself is annoying but not a security exploit. However, this attack coupled with a weakness in the random number seeding in mt_rand() could be used to predict the randomly generated password. Stefan Esser will release details of the complete attack shortly. The attack is difficult to accomplish, but its mere possibility means we recommend upgrading to 2.6.2.

Other PHP apps are susceptible to this class of attack. To protect all of your apps, grab the latest version of Suhosin. If you’ve already updated Suhosin, your existing WordPress install is already protected from the full exploit. You should still upgrade to 2.6.2 if you allow open user registration so as to prevent the possibility of passwords being randomized.

2.6.2 also contains a handful of bug fixes. Check out the full changeset and list of changed files.


For those “Wordpress-ies” out there curious what I have under the hood and what steps I took before they venture out and do their own upgrade:

  • My Wordpress installation is hosted by Bluehost and I took advantage of their Simplescripts scripting service to perform the actual upgrade.

(I would like to take this opportunity to acknowledge the valuable product and service that Bluehost provide to the online community. Despite the negative raves that one finds in forums and comments - I have found their sales and support staff to be professional, helpful and courteous during all my encounters with them. Recently I was having CPU utilisation issues and the Bluehost staff provided me with useful guidelines to resolve this issue. Shared hosting is a difficult and challenging business to be in and I feel that Bluehost are still the best option available.

  • This Blog is based on the K2 RC7 theme with a modified custom style sheet.
  • Goes without saying that I did the standard WP database backups and disabled all plugins before lifting a finger and also put the Blog into Maintenance Mode (see plugin below).
  • Just to be on the safe side recreated Permalinks (after upgrade)
  • And the following plugins have been activated - which basically means that would all be compatible with 2.6.2 (touch wood)…


And what would we do without the valuable contribution by Wordpress Plugin developers? A sub-genre in their own right - giving their time, energy and sweat to extend the functionality, usefulness and richness of Wordpress. A special big thank you to the developers of the plugins listed below…

AddQuicktag   AddQuicktag
» Roel Meurders and Frank Bueltge (url)
Allows you to easily add custom Quicktags to the editor. You can also export and import your Quicktags.

Admin Management Xtended   Admin Management Xtended
» Oliver Schlöbe (url)
WordPress 2.5+ only. Extends admin functionalities by introducing: toggling post/page visibility inline, changing page order with drag’n'drop, inline category management, inline tag management, changing publication date inline, changing post slug inline, toggling comment status open/closed, hide draft posts, change media order, change media description inline, toggling link visibility, changing link categories

Akismet   Akismet
» Matt Mullenweg (url)
Akismet checks your comments against the Akismet web service to see if they look like spam or not. You need a WordPress.com API key to use it. You can review the spam it catches under “Comments.” To show off your Akismet stats just put <?php akismet_counter(); ?> in your template. See also: WP Stats plugin.

AsideShop   AsideShop
» Raimonds Kalnins (url)
A WordPress plugin which allows you to create templates for your asides posts. Instantly.

Bad Behavior   Bad Behavior
» Michael Hampton (url)
Deny automated spambots access to your PHP-based Web site.

Better Blogroll   Better Blogroll
» Jon Dyer (url)
Pulls a configurable number of links and their categories from the WordPress 2.3 Link Manager and gives you more control of your blogroll.

Better Howdy   Better Howdy
» Matt Martz (url)
Remove ‘Howdy’ and restructure the ‘Howdy’ line. Props to Ozh for No Howdy.

Bluetrait Event Viewer   Bluetrait Event Viewer
» Michael Dale (url)
BTEV monitors events that occur in your WordPress install.

Broken Link Checker   Broken Link Checker
» Janis Elsts (url)
Checks your posts for broken links and missing images and notifies you on the dashboard if any are found.

Category Icons   Category Icons
» Brahim Machkouri (url)
Assign icons to your categories easily.

Comment Analysis   Comment Analysis
» Mark Styles (url)
Various functions for analyzing comments

Contact Form 7   Contact Form 7
» Takayuki Miyoshi (url)
Just another contact form plugin. Simple but flexible.

CoppermineSC   CoppermineSC
» Brad Guilford (url)
Include images from Coppermine Galleries in WordPress entries. Based on original script by Lennart Groetzbach that was enhanced and adapted as a plugin by Matthias Jell.

Dashboard Widget Manager   Dashboard Widget Manager
» Viper007Bond (url)
Greatly enhances your WordPress 2.5+ dashboard by allowing widget re-ordering and storage of preferences on a per-user basis.

Different Posts Per Page   Different Posts Per Page
» MaxBlogPress (url)
Show different number of posts in home, category, search or archive page. Adjust your settings here.

Drain Hole   Drain Hole
» John Godley (url)
A download management and monitoring plugin with statistics and file protection

Drop Caps   Drop Caps
» Thomas Milburn (url)
My first plugin used to generate the code for drop caps.

Excerpt Editor   Excerpt Editor
» Andrew Ozz (url)
Add or edit excerpts for Posts and Pages.

Exclude Pages from Navigation   Exclude Pages from Navigation
» Simon Wheatley (url)
Provides a checkbox on the editing page which you can check to exclude pages from the primary navigation. IMPORTANT NOTE: This will remove the pages from any “consumer” side page listings, which may not be limited to your page navigation listings.

FD Feedburner Plugin   FD Feedburner Plugin
» John Watson (url)
Redirects all feeds to a Feedburner feed

GeneralStats   GeneralStats
» Bernhard Riedl (url)
Counts the number of users, categories, posts, comments, pages, links, tags, link-categories, words in posts, words in comments and words in pages.

Google XML Sitemaps   Google XML Sitemaps
» Arne Brachhold (url)
This plugin will generate a sitemaps.org compatible sitemap of your WordPress blog which is supported by Ask.com, Google, MSN Search and YAHOO. Configuration Page

Improved Include Page   Improved Include Page
» Vito Tardia (url)
This plugin is an improved version on the Include Page plugin by Brent Loertscher (http://beetle.cbtlsl.com/categories/include_page). It adds an iinclude_page() function that allows you to include the contents of a static page in a template with several options. It also adds a shortcode allowing you to include the same page into a post or static page.

Insights   Insights
» Vladimir Prelovac (url)
Insights allows you to quickly access and insert information (links, images, videos, maps..) into your blog posts.

K2 Date Stamp   K2 Date Stamp
» Steve Lam (url)
Displays the post/comment dates in stamp fashion.

KB Advanced RSS Widget   KB Advanced RSS Widget
» Adam R. Brown (url)
Gives user complete control over how feeds are displayed.

Maintenance Mode   Maintenance Mode
» Michael Woehrer (url)
Adds a splash page to your blog that lets visitors know your blog is down for maintenance. Logged in administrators get full access to the blog including the front-end. Navigate to Options → Maintenance Mode to get started.

NoFollow Free   NoFollow Free
» Michele Marcucci (url)
Remove the nofollow tag from your blog’s comments with a lot of options customizable, per user type removal, per comments count removal etc… Supports multilingual and a Top Commenters sidebar Widget.

Nofollow Reciprocity   Nofollow Reciprocity
» Lazar Kovacevic (url)
Searches for links to large sites using ‘nofollow’ tags for external links, and puts the same tag on links to those sites (Wikipedia.org, StumbleUpon.com, and similar) Added top 1000 sites from Quantcast.com. This plugin is based on Wikipedia nofollow and Identify External Links.

No Self Pings   No Self Pings
» Michael D. Adams (url)
Keeps WordPress from sending pings to your own site.

Ozh' Admin Drop Down Menu   Ozh' Admin Drop Down Menu
» Ozh (url)
Replaces admin menus with a CSS dropdown menu bar. Saves lots of clicks and page loads! For WordPress 2.5+

Page Links To   Page Links To
» Mark Jaquith (url)
Allows you to point WordPress pages or posts to a URL of your choosing. Good for setting up navigational links to non-WP sections of your site or to off-site resources.

Platinum SEO Pack   Platinum SEO Pack
» Rajesh - Techblissonline Dot Com (url)
Complete SEO solution for your Wordpress blog.

Plugin Central   Plugin Central
» Vladimir Prelovac (url)
Wordpress 2.5+ only. Automatically installs and updates WordPress plugins.

Popular Posts   Popular Posts
» Rob Marsh, SJ (url)
Displays a highly configurable list of the most popular posts. Instructions and help online. Requires the latest version of the Post-Plugin Library to be installed.

Post-Plugin Library   Post-Plugin Library
» Rob Marsh, SJ (url)
Does nothing by itself but supplies common code for the Similar Posts, Recent Posts, Random Posts, and Recent Comments plugins. Make sure you have the latest version of this plugin.

Random Posts   Random Posts
» Rob Marsh, SJ (url)
Displays a highly configurable list of randomly selected posts. Instructions and help online. Requires the latest version of the Post-Plugin Library to be installed.

Recent Comments   Recent Comments
» Rob Marsh, SJ (url)
Displays a highly configurable list of the most recent comments. Instructions and help online. Requires the latest version of the Post-Plugin Library to be installed.

Redirection   Redirection
» John Godley (url)
A redirection manager

RSS Footer   RSS Footer
» Joost de Valk (url)
Allows you to add a line of content to the end of your RSS feed articles.

Running Time   Running Time
» Andrew Hamilton (url)
Outputs the date of the oldest post and/or the newest post. Also will output how long the your site has been running for based on the first post date or a specified start date.

Samsarin PHP Widget   Samsarin PHP Widget
» Chris Pettitt (url)
A text widget with support for including PHP.

Search Unleashed   Search Unleashed
» John Godley (url)
Advanced search engine that provides full text searching across posts, pages, comments, titles, and URLs. Searches take into account any data added by other plugins, and all search results are contextually highlighted. You can also highlight incoming searches from popular search engines.

SEO Friendly Images   SEO Friendly Images
» Vladimir Prelovac (url)
Automatically adds alt and title attributes to all your images. Improves traffic from search results and makes them W3C/xHTML valid as well.

Similar Posts   Similar Posts
» Rob Marsh, SJ (url)
Displays a highly configurable list of related posts. Similarity can be based on any combination of word usage in the content, title, or tags. Don’t be disturbed if it takes a few moments to complete the installation — the plugin is indexing your posts. Instructions and help online. Requires the latest version of the Post-Plugin Library to be installed.

Simple Image Link   Simple Image Link
» BlogWell (url)
A simple way to add an image with a link to your sidebar

Simple Tags   Simple Tags
» Amaury BALMER (url)
Simple Tags : Extended Tagging for WordPress 2.3 and 2.5 ! Autocompletion, Suggested Tags, Tag Cloud Widgets, Related Posts, Mass edit tags !

Simply Exclude   Simply Exclude
» Paul Menard (url)
Provides an interface to selectively exclude/include categories, tags and page from the 4 actions used by WordPress. is_front, is_archive, is_search, is_feed.

Sociable   Sociable
» Joost de Valk (url)
Automatically add links on your posts, pages and RSS feed to your favorite social bookmarking sites. Go to Settings -> Sociable for setup.

Subscribe2   Subscribe2
» Matthew Robinson (url)
Notifies an email list when new entries are posted.

Subscribe To Comments   Subscribe To Comments
» Mark Jaquith (url)
Allows readers to receive notifications of new comments that are posted to an entry. Based on version 1 from Scriptygoddess

Thank Me Later   Thank Me Later
» Brendon Boshell (url)
Sends a customizable “thank you” message after (a few hours, few days, weeks) a comment has been posted. This acts a reminder of your blog and can bring “one-time” readers back

TinyMCE Advanced   TinyMCE Advanced
» Andrew Ozz (url)
Enables advanced features and plugins in TinyMCE.

Tippy   Tippy
» Chris Roberts (url)
Simple plugin to display tooltips within your WordPress blog.

What Others Are Saying   What Others Are Saying
» SarahG (url)
Use the RSS field in your Blogroll and display the most recent post from sites that you link to.

WordPress.com Popular Posts   WordPress.com Popular Posts
» Frasten (url)
Shows the most popular posts, using data collected by WordPress.com stats plugin.

WordPress.com Stats   WordPress.com Stats
» Andy Skelton (url)
Tracks views, post/page views, referrers, and clicks. Requires a WordPress.com API key.

Wordpress.com Stats Helper   Wordpress.com Stats Helper
» Vlad Bailescu (url)
This plugin helps you extract data from wordpress.com stats and use it across your blog.

Wordpress Gravatars   Wordpress Gravatars
» Rune Gulbrandsøy (url)
Makes use of Gravatars and MyBlogLog Avatars, places Gravatars, OpenAvatar, Wavatar, Identicon, monsterID or MyBlogLog Avatars in the comments section. Uses the comment authors email to display their Gravatar. It also gives the user an Author Profile picture, based on his or hers Gravatar. Developer blog at this site.

WP-Cumulus   WP-Cumulus
» Roy Tanck (url)
Flash based Tag Cloud for WordPress

WP-DBManager   WP-DBManager
» Lester 'GaMerZ' Chan (url)
Manages your Wordpress database. Allows you to optimize database, repair database, backup database, restore database, delete backup database , drop/empty tables and run selected queries. Supports automatic scheduling of backing up and optimizing of database.

WP-dTree   WP-dTree
» Ulf Benjaminsson (url)
A fork of Christopher Hwang’s WP-dTree, improving performance and adding useful features.

WP-PageNavi   WP-PageNavi
» Lester 'GaMerZ' Chan (url)
Adds a more advanced paging navigation to your WordPress blog.

WP-PluginsUsed   WP-PluginsUsed
» Lester 'GaMerZ' Chan (url)
Display WordPress plugins that you currently have (both active and inactive) onto a post/page.

WP Greet Box   WP Greet Box
» Thaya Kareeson (url)
Show a different message to your visitor depending on which site they are coming from. For example, you can ask Digg visitors to Digg your post, Google visitors to subscribe to your RSS feed, and more! Best of all, this plugin is compatible with various WordPress cache plugins.

WP Security Scan   WP Security Scan
» Michael Torbert (url)
Perform security scan of WordPress installation.

WP Super Cache   WP Super Cache
» Donncha O Caoimh (url)
Very fast caching module for WordPress. Once activated, you must enable the cache. Based on WP-Cache by Ricardo Galli Granada.


NB: Proud to say that I’m probably the first to be running 2.6.2 in this part of the world. Yeehaaah!!



Robert@PNG Signature


  • Digg
  • del.icio.us
  • StumbleUpon
  • Reddit
  • TwitThis
  • E-mail this story to a friend!
  • Print this article!



Other posts you might find of interest...


  • Successful upgrade to Wordpress 2.6.2 photo Running a self hosted Wordpress Blog… I reckon is a bit like owning a British motorcycle (well, one of the older models anyway)! Going under the hood to tinker is driven firstly by the inherent need...
  • Successful upgrade to Wordpress 2.6.2 photo Why use Wordpress Plugins? Using plugins in a Wordpress installation enables the author to not only create a blog that is functionally richer and aesthetically more pleasing to the eye but more importantly it...
  • Successful upgrade to Wordpress 2.6.2 photo The trupela concept… Starts to take shape but without much substance yet. As mentioned in a previous post I have been busy with the setting up of a new website - Robert@PNG V4 -...
  • Successful upgrade to Wordpress 2.6.2 photo Open Source Software white papers Due to a number of requests by readers to make several white papers on the topic of Open Source Software (OSS) available, I have created a File Download Section...
  • Successful upgrade to Wordpress 2.6.2 photo Wordpress Plugins Rock! I’ve been meaning to share with you for a while now exactly what I run under the hood (so to speak) as far as Wordpress plugins - which ones and...




0 Response to “Successful upgrade to Wordpress 2.6.2”

Feed for this Entry Trackback Address
  • No Comments

Leave a Reply

Robert@PNG uses Thank Me Later



websites...


What Others Are Saying

Malum Nalu on... PNG's potato industry faces more threats
Sjroeplog on... Big sister
Madang - Ples Bilong Mi on... Being Thankful
Tiri Kuimbakul on... Graduation Speech - Kitip Lutheran Secondary School, WHP
Lock Family Ramblings on... Birthday (old) boy
Avaiki on... about avaiki
Andrew's Ukarumpa on... Blog Policy Change, Thanksgiving Down Unda
-->