WordPress 2.6.3
October 23rd, 2008
A vulnerability in the Snoopy library was announced today. WordPress uses Snoopy to fetch the feeds shown in the Dashboard. Although this seems to be a low risk vulnerability for WordPress users, we wanted to get an update out immediately.
WordPress › Blog » WordPress 2.6.3.
Not sure what “low risk” really means, but I never recommend skipping security releases. The official post goes on to provide the affected file, so a full upgrade isn’t necessary, which is nice. Not sure I’ve seen that done in a long time. Guess it’s a case of 2.7 being close, and no desire to roll any other bug fixes in with this release. And because of that, it would seem that doing this upgrade is a no brainer.
Popularity: 7% [?]
Possibly Related:
- No related posts
If you don’t want to download the whole release to get the security fix, you can download the following two files and copy them over your 2.6.2 installation.
1. wp-includes/class-snoopy.php
2. wp-includes/version.php