Skip to content
 

WordPress 2.6.2

Another quick heads up peeps.  WordPress 2.6.2 is out and you should update ASAP – especially if you

WordPress.org

WordPress.org

allow registrations on your blog.

See the WordPress Dev Blog for details, but in short the new update fixes the SQL Column Truncation vulnerability and the weakness of mt_rand().  Apparently other PHP apps are vulnerable too – read the WP Dev Blog entry.

This version also fixes a bunch of new bugs.  I’ll be updating in the next 24 hours and would advise you to do the same.  Don’t forget to deactivate and then reactivate your plugins – and if you haven’t upgraded for a few versions, check their compatibilities.

Similar Posts:

48 Comments

  1. MrCorey says:

    Snuck that in there, they did! Head’s up! goes to you. Upgrading we shall go…BACK UP!!!!

  2. [...] you want to upgrade your WordPress site to version 2.6.2 to avoid an embarassing hack.  Thanks to Ray for his notice of the WordPress team’s upgrade, as I like to keep this place secure for you [...]

  3. Thai SEO says:

    I am happy with current 2.6.1 version but WordPress 2.6.2 contains a handful of bug fixes. I’ve just upgraded my blog to this new.

  4. Ray says:

    No probs – thanks for the backlink :)

  5. Thank you for the heads up. I usually hold off on updating but it sounds like it should not procrastinate with this update. Appreciate the tip.

    John@Marland Real Estate’s last blog post..Baltimore Real Estate

  6. Ringtones says:

    Bad to hear that. ;( I upgraded my blogs and now gonna do it again. Anyway thanks for the info.

  7. If I’m not allowing registration, and am satisfied, I shouldn’t be worried, correct?

  8. MrCorey says:

    Upgrading can be fairly painless, if you do it right. The instructions on the WordPress site are quite good. There’s no worrys about upgrading if you remember to back up your site, which you should be doing regularly anyways, expecially if you’re on a shared host or one that’s new or a “no-name”, as they might not be there tomorrow (it happens) and your site will be gone.

    Why not back up your site right now!

    Remember, that it the upgrade request mentions the word “security” then its important and you should consider upgrading.

    Then, you can upgrade WordPress.

    Here’s what I do:

    1)I save my whole WordPress install to a folder on my hard drive by downloading all of the files and folders to my computer with Filezilla – its a quick drag and drop action.

    2)Once that’s done, I use cPanel’s backup utility to back up my database (this is the most important if you hose your WordPress upgrade, you can revert back to the way it was with a database back up). This would be a mouse click in the “Backups” section of cPanel.

    3)Then, I delete all of the WordPress files, except what’s in my wp-content folder (but I have also backed that one up, just in case – that’s the only one you really need to back up).

    4)I extract the new files that I got from WordPress on my desktop (of my computer). And, then, I upload the files and folders to my site in the place of the ones I deleted, with Filezilla.

    5)Then, I visit (sitename here)/wp-admin/upgrade.php to see if it needs upgrading. If it does, it will tell you and do it once you press the button. if it doesn’t, it’ll tell you and you’re done.

    This will always work, unless you’ve messed with some files in wp-admin or wp-includes. if you have, then you’ve got the smarts to be able to do what I’ve described and a lot more, so upgrade.

    MrCorey’s last blog post..Security is Most Important

  9. MacBros says:

    Meh. WordPresses Automatic upgrade is way easier than that. It’s backs everything up, downloads the files, puts you in maintenance mode, de-activates the plugins, installs new files, re-activates the plugins, and opens your site back up.

    Easy peasy.

    MacBros’s last blog post..All’s Clear! I Guess We’ll All Live For Now.

  10. MrCorey says:

    Good way, too, but many people never learn about that plugin (and I wanna do it myself)

    MrCorey’s last blog post..Security is Most Important

  11. drew says:

    Textpattern upgrades are way easier.. it’s so secure, they have a new release about once every 6 or so months with mostly enhancements than bugs and security fixes.. you spend more time blogging than upgrading or blogging about upgrading.. ;)

  12. hari says:

    Like Drew, I am a fan of alternate blogging platforms. Go B2evolution :)

    hari’s last blog post..Lunch breaks and effective working hours

  13. WordPress is getting a lot of flak lately for releasing these updates too soon. As far as I am concerned, I like being part of a community that keeps innovating, listening to the community and keeps giving back to them. WordPress rocks! :-)

    K@quickpwn gui’s last blog post..iPhone Firmware 2.1 & iTunes 8 Windows Vista Fix Available

  14. I have so much to learn about WordPress and your blog help. Thanks!

  15. The bugs of the previous versions have been fixed now. This upgrade is a must do.

  16. The new updates seem to work well. Thanks for the post.

  17. I gave up on WP a long time ago. If I want to put up a quick blog, I use ‘Simple PHP Blog’ (Go0gle it)

  18. Thanks for the heads up, only seams a week ago that I last upgraded buy better to be safe than sorry.

  19. Ray says:

    Speaking of upgrades, I notice a number of you are on out of date Firefox browsers. There have been a number of updates for security reason in the last 12 months, you should be on 3.0.1.

  20. drew says:

    Ray, if you’re gonna make the upgrade argument for Firefox, what about all the Windows users? They should upgrade to Linux to patch their huge security risks.. ;)

  21. Ray says:

    I would have thought that would be a given. Notice how generous and giving I am by letting Windows users post here. All Windows users should get their patches, firewalls, virus guards, spam killers, malware killers and other assorted security tools updated stat.

    Drew should run sudo slackpkg –update && sudo slackpkg –upgrade-all and I will run sudo apt-get update && sudo apt-get dist-upgrade and we’ll be fine :D

  22. MrCorey says:

    These scary insecure graphical browsers!

  23. MrCorey says:

    Wow! 4 cookies just to post a comment! Plus, two just to view the page. I guess it beats the non-interactive version of the web.

    MrCorey’s last blog post..Beergarita!

  24. Ringtones says:

    MrCorey, I experienced it too. Really great feature.

  25. Ray says:

    Only 4 cookies eh? I’ll have to fix that. And lol at using Lynx – I assume sftp wasn’t good enough for you then!

    Ray’s last blog post..WordPress 2.6.2

  26. hari says:

    I now expect Ray to send me a jar of chocolate chip cookies for every comment I post here :D

    hari’s last blog post..Lunch breaks and effective working hours

  27. Ray says:

    They are on the way Hari – the postal service between our countries is terrible though :)

    Ray’s last blog post..WordPress 2.6.2

  28. hari says:

    Oh yes, the postman might eat it instead. :P

  29. drew says:

    Umm.. you guys didn’t read the fine print for hosting services.. I get 35% of any cookie exchanges. You can do a whois lookup to find my home address to send them too. Failure to pay results in high chocolate chip rates and possibly chroot jail time on the server.. ;)

  30. Ray says:

    Drew, I hear you got caught shorting marshmallows so I can believe you need the chocolate chips :)

  31. drew says:

    Mmmmm… marshmellows.. :p

  32. I still haven’t upgraded to 2.6.2 I need a lot of time to upgrade all my sites, so I’m waiting for a 2.6.3 to take place. It’s probably just around the corner.

    Nina @ Pressure Cookers´s last blog post..Philippe Richard Pressure Cooker

  33. Ray says:

    The next one is 2.7 AFAIK. The upgrade from 2.6.x to 2.7 will be easier as most plugins should still work. You should at least install it locally so you can test your themes and plugins and get used to the differences in the dashboard and admin options.

  34. I was having so much trouble installing all of this. I just gave up and made my own website on Dreamweaver.

    • Ray says:

      @Kevin@Great Wall of China Facts, Really? I found the install pretty simple – though that may be because Drew did all the PHP and SQL stuff on the back end for me. If you can find a decent host that supports and upgrades WordPress for you, it takes a lot of hassle out of the initial install.

  35. I gave up on WP a long time ago.

  36. I would also suggest dreamweaver as an alternate to wordpress. Much more user-friendly.

  37. Ray says:

    Dreamweaver? Is that suitable as a CMS or blogging platform?

    Ray´s last blog post..WordPress 2.6.3

  38. I personally love WP, but it has definitely taken a lot of patience, tweaking, and trial and error. Ray – Dreamweaver is a text/code editor program. It is not a CMS or blogging platform.

    Tom@Birth Of Mothra´s last blog post..Birth of Mothra – truth or fiction?

    • Ray says:

      I know what DreamWeaver is, I was wondering if Taylor had found a way to make it do other things :) I think s/he means to write a whole site from scratch, but I could be wrong. It could just be an ad, of course……

      Oh, and by the way, love the site!

  39. Detektei says:

    Hey, very interesting post.

    My written English is not so good so I write in German:

    “Lieber den Spatz in der Hand, als die Taube auf dem Dach.”

    Yours sincerely
    Detektei

  40. And I just added the automatic update plugin to my blog and it works very well. So I am all updated and will stay updated. I used to update from my cPanel but there is quite a time lag before the new version migrates over there.