手动更新wp 3.04 to 3.0.5 » 荒野无灯weblog

Keep It Simple, Stupid.

荒野无灯weblog

手动更新wp 3.04 to 3.0.5

wp3.0.5
主要是几个BUG的修补,建议更新。
下面摘自WP官方消息,地球人基本上都认得,我就不翻译了:
Summary
Fix XSS bug: Properly encode title used in Quick/Bulk Edit, and offer additional sanitization to various fields. Affects users of the Author or Contributor role. (r17397, r17406, r17412)
Fix XSS bug: Preserve tag escaping in the tags meta box. Affects users of the Author or Contributor role. (r17401)
Fix potential information disclosure of posts through the media uploader. Affects users of the Author role. (r17393)
Enhancement: Force HTML filtering on comment text in the admin (r17400)
Enhancement: Harden check_admin_referer() when called without arguments, which plugins should avoid. (r17387)
Update the license to GPLv2 (or later) and update copyright information for the KSES library.

List of Files Revised

wp-includes/default-filters.php
wp-includes/version.php
wp-includes/pluggable.php
wp-includes/kses.php
wp-includes/script-loader.php
readme.html
wp-admin/includes/post.php
wp-admin/includes/update-core.php
wp-admin/includes/template.php
wp-admin/js/post.dev.js
wp-admin/js/post.js
wp-admin/async-upload.php

丢个手动更新包:

wordpress3.0.4-upgradeto-3.0.5.zip (102.2 KB)

Tagged in : wp升级

All Comments (0)
Gravatar image
No Comments