For those of you using WordPress, there is an important update you should consider.
WordPress 2.3.2 is an urgent security release that fixes a bug that can be used to expose your draft posts. 2.3.2 also suppresses some error messages that can give away information about your database table structure and limits and stops some information leaks in the XML-RPC and APP implementations. Get 2.3.2 now to protect your blog from these disclosures.
As a little bonus, 2.3.2 allows you to define a custom DB error page. Place your custom template at wp-content/db-error.php. If WP has a problem connecting to your database, this page will displayed rather than the default error message.
4 thoughts on “WordPress 2.3.2”
What do you do once you’ve downloaded it?
Wendy: You don’t have to worry about it since you’re on WordPress.com. But for people like me who host our own websites, simply replace the existing files with the new ones. If you’re upgrading from an older version then you may have to run the upgrade.php file.
Oh okay, cool. Thanks Luke
Fortunately I am on wordpress.com so hopefully they have fixed this bug for us.