WordPress 2.2 was finally released

After being delayed for almost a month, WordPress 2.2 was finally released on 15 May 2007. Please refer to my previous WordPress 2.2 post for my personal thoughts about it.

The next WordPress release will be on September 2007, unless if they discovered a critical bug which needs to addressed immediately.

Please read the official release announcement from the official WordPress blog for further information.

[tags]open source, opensource,wordpress,blog,blogging[/tags]

WordPress 2.2 is going to be released, pretty soon!

The next major release of WordPress 2.2 is scheduled to be released around 26 April 2007. This is the next latest release since WordPress 2.1 was made in January 2007.

WordPress 2.2 spot major improvement over the previous WordPress architecture among it :

  • It includes the new ATOM API support for managing post (like blogger.com)
  • Uses phpmailer to handle mail related code
    (reduce burden to wordpress developer to spot bugs/vulnerability)
  • Support multiple comment feed format (RSS, ATOM)
  • Uses the lighter jQuery for JS core library which is lighter (thus faster)
  • Includes Widgetized default themes (Kubrick and Classics)
  • Plugin sandboxing for testing new plugins

The addition of ATOM API and ATOM 1.0 feeds is a much awaited feature for blogging geeks since both of it has been supported in blogger.com, and considered superior to XML-RPC interface and RSS syndication feeds.

p/s : I’ve been using the WordPress 2.0.x branch for compatibility reason with most of my plugins. Since, most of my plugins has been ported to 2.1, may be this is a good time for me to upgrade to the latest WordPress 2.2.x branch after this.

Alternative post : WordPress by Examples

[tags]wordpress,blog,blogger,blogger.com,xml-rpc,wordpress.com[/tags]

WordPress 2.0.9 (bugfix) release

WordPress 2.0.9 has been release for the 2.0 branch.

Among the bugfixes introduced in this release are :

  • Fixed RSS bug when %category% used in permalinks
  • Eliminate PHP 5.2 error in cache.php
  • fixed random bug in Comment code
  • Eliminate Vulnerability in nonce AYS

Should I upgrade to WordPress 2.0.9?

You should upgrade If you are using WordPress 2.0.7 and below. There are reasons why people wouldn’t upgrade to the latest stable branch WordPress 2.1. One thing is the plugins compatibility and the other thing is the technical restriction such as the the use of older mysql databases (3.23).

Users of WordPress 2.1 need not to worry about this as you use a different branch of stable release.

[tags]wordpress,blogging,opensource,open source[/tags]

WordPress 2.0.6 released!

I’d like to announced that WordPress 2.0.6 was finally released. I advised all of you to upgrade to this latest release to fix the HTML injection vulnerability that has been mentioned previously in this blog.

Upgrading WordPress is easy, all you need to do is to deactivate your plugins and overwrite all your previous wordpress files (except themes) with the files from latest WordPress release (currently 2.0.6).

Finally, go to http://your-wordpress/wp-admin/upgrade.php to finish off your upgrade process.

I guess that’s all you need to know about upgrading your wordpress installation :)

[tags]wordpress, upgrade,blog,blogging,blogs[/tags]

Update WordPress blog using Drivel in Ubuntu Linux

Today I want to introduce you to a wonderful desktop blog client in GNU Linux, Drivel.

Drivel is one of many desktop blogging clients available under GNU Linux. It started as a LiveJournal desktop blogging client and now has expanded to support other blogging platform as well such as Advogato, Blogger xmlrpc, Movabletype, Drupal,WordPress, and blog that uses ATOM (like the new Blogger).

Using Drivel to update your WordPress blog is easy, all you need to do is to start up your Drivel client, and choose MovableType as your blog platform.

drivel linux mypapit

From there, you put in your WordPress username and password. Put in your WordPress address in your “Server Address” field, and append it with /xmlrpc.php like this “http://your_wordpress.com/xmlrpc.php”.

After that, writing blog entry from Drivel is relatively easy. All you need to do is just type :)

Drivel is an easy blogging client to use and does not require you to know much about HTML to use it, it has a build in function to insert images, link and basic font formatting.

One interesting thing to note is, Drivel (through Movabletype protocol) supports category, this makes it different from other blogging client under Linux which is based on the older Blogger xml-rpc protocol which does not support category. However currently Drivel only support posting to one category per entry.

Why use a Desktop Blogging Client ?
Most people use desktop blogging client because it saves the time to actually log into your blogging client and selecting New Post before they can begin posting new entries.

Desktop blogging client saves you the time on the web interface, and let you concentrates on the writing the entry itself. Updating and Saving post is also faster when you use a desktop blogging client.

As a summary, Drivel is a nice Desktop blogging application to have around, it is small, easy to use and relatively fast. Simply put, Drivel does the job well for a simple blogging client.

[tags]livejournal, blogger, wordpress, drivel, linux, ubuntu, open source[/tags]

A WordPress HTML Exploit discovered, please patch it now!

Security focus has published information regarding WordPress HTML Injection Vulnerability which may allow attackers to inject PHP code straight into your WordPress blog.

This can lead the attackers do nasty things such as deleting your post, defacing your blog, dropping your entire post (read: delete all your post !) and other dangerous attack. This particular vulnerability affects all WordPress release from 1.2.1 to 2.0.5, WordPress 2.0.6 (currently in RC2) is not affected by this vulnerability.

WordPress bloggers are advised to apply patch released from WordPress team in order to secure their blog from malicious users.

Applying the patch is simple, all you need to do is download the zip archive from WordPress Trac, unzip it and upload wp-admin folder to your WordPress host, overwriting the old template.php file.

Thanks to Faizi for blogging about this.

[Source]

[tags]wordpress, open source, blogger, blogs, blogging, blog, security,exploits[/tags]