Wasn't 3.0.4 released to only address one security vulnerability? I think that's all it was. It was literally like... less than a week between the releases. That could very well be accurate.
That weren't included in the link I gave up above.
edit: What's annoying about all this is Google'ing for this doesn;t work. When it sees "Wordpress" it thinks I;m talking about wp.com and diff thinks I;m thinking difference. Forcing it with quotes and pluses doesn;t seem to help either.
Responses (5)
Sales & Support Lead — 9th January 2011 #
Wasn't 3.0.4 released to only address one security vulnerability? I think that's all it was. It was literally like... less than a week between the releases. That could very well be accurate.
Keeper of the Dark Chocolate — 10th January 2011 #
Only a week and 400 changes? Ouch.
I;m also noticing fixes like this:
http://core.trac.wordpress.org/changeset/16809
That weren't included in the link I gave up above.
edit: What's annoying about all this is Google'ing for this doesn;t work. When it sees "Wordpress" it thinks I;m talking about wp.com and diff thinks I;m thinking difference. Forcing it with quotes and pluses doesn;t seem to help either.
Lead Developer — 10th January 2011 #
Ya, that's all just the kses.php bug.
Keeper of the Dark Chocolate — 10th January 2011 #
So I am looking at the right thing?
Lead Developer — 10th January 2011 #
Yup, those were the changes. We had to merge that kses security fix back into edublogs. It's particularly nasty!
Become a member