Archiv für die Kategorie "Blogzeugs"

WordPress 4.8 "Evans"

Eine neue Version des populären CMS ist erschienen, und kann über den Adminbereich oder manuell per Download installiert werden.

Version 4.8 of WordPress, named “Evans” in honor of jazz pianist and composer William John “Bill” Evans, is available for download or update in your WordPress dashboard. New features in 4.8 add more ways for you to express yourself and represent your brand.
wordpress.org

The new oil

Anselm just published a response* to NYT's "The Big Five tech companies increasingly dominate our lives. Could you ditch them?" quiz.

His personal results seem to be quite similar to what I'd find out. Ditching Apple for example would be way harder for me as, say, ditching Facebook - which I already try to avoid as much as possible, but as Anselm wrote, with friends using Instagram and Whatsapp constantly, there's no way around touching FB from time to time.

A thought I had while reading this — if data indeed is the new oil, shouldn't we all ...

WordPress 4.7.5 Security and Maintenance Release

WordPress Logo an die VW-Fabrik gephotoshopped

Ladies and Gentlemen, start your update engines:

WordPress versions 4.7.4 and earlier are affected by six security issues:
Insufficient redirect validation in the HTTP class. Reported by Ronni Skansing.
Improper handling of post meta data values in the XML-RPC API. Reported by Sam Thomas.
Lack of capability checks for post meta data in the XML-RPC API. Reported by Ben Bidner of the WordPress Security Team.
A Cross Site Request Forgery (CRSF) vulnerability was discovered in the filesystem credentials dialog. Reported by Yorick Koster.
A cross-site scripting (XSS) vulnerability was discovered when attempting to upload very large files. Reported by Ronni Skansing.
A cross-site scripting

...

Billy Bragg - Waiting For The Great Leap Forward

Slightly upgraded lyrics. Love it.
<3

WordPress 4.7.4 Maintenance Update

Gestern ist ein Wartungs- und Bugfixupdate von WordPress erschienen.

This release contains 47 maintenance fixes and enhancements, chief among them an incompatibility between the upcoming Chrome version and the visual editor, inconsistencies in media handling, and further improvements to the REST API. For a full list of changes, consult the release notes and the list of changes.wordpress.org

Die Auto-Updates prasseln hier schon bei diversen Installationen rein; wie gewohnt gibt es die neue Version aber auch zum Download auf wordpress.org.

WordPress: nichts für "schnell mal eben" – Christian Fischer

WordPress Logo an die VW-Fabrik gephotoshopped

Nebenan im jawl.net Blog hat Christian einen sehr lesenswerten Artikel dazu geschrieben, warum die Vorstellung, dass man mit der berühmten "Fünf Minuten Installation" von WordPress, ein paar Plugins und einem Theme quasi im Handumdrehen eine Webseite am Start hat, mit Vorsicht zu geniessen ist.

Dieser Artikel ist nicht für Entwickler / Programmiererinnen geschrieben. Ich hoffe eher, dass er von Bloggern oder Bloggerinnen oder welchen, die es werden wollen, gelesen wird. Und von Menschen, denen jemand gesagt hat, man können mit WordPress „mal eben“ eine Website

...

WordPress 4.7.3 Security and Maintenance Release

Gerade eben scheint die neue Aktualisierung von WordPress auszurollen; mehrere meiner WP Installationen melden sich im Stromposteingang mit entsprechendem Hinweis auf das gerade erfolgte Update. Wieder wurden Sicherheitslücken gefunden und geschlossen und ein bisschen aufgeräumt.

This is a security release for all previous versions and we strongly encourage you to update your sites immediately.

WordPress versions 4.7.2 and earlier are affected by six security issues:
Cross-site scripting (XSS) via media file metadata. Reported by Chris Andrè Dale, Yorick Koster, and Simon P. Briggs.
Control characters can trick redirect URL validation. Reported by Daniel Chatfield.
Unintended files can be deleted

...

WordPress 4.7.2 Security Release

WordPress versions 4.7.1 and earlier are affected (…):
The user interface for assigning taxonomy terms in Press This is shown to users who do not have permissions to use it. (…)
WP_Query is vulnerable to a SQL injection (SQLi) when passing unsafe data. WordPress core is not directly vulnerable to this issue, but we’ve added hardening to prevent plugins and themes from accidentally causing a vulnerability. (…)
A cross-site scripting (XSS) vulnerability was discovered in the posts list table. (…)
An unauthenticated privilege escalation vulnerability was discovered in a REST API endpoint (…)
An additional serious vulnerability was fixed in this release and

...

WordPress 4.7.1 Security Update

Neues Jahr, neues Update – es sind Lücken gefunden und geschlossen worden, und ein bisschen aufgeräumt wurde auch unter dem Blogsofa, also ran an die Updateknöpf - egal, ob nun per Download und FTP, spooky WordPress Auto-Update oder per abgefahrenem Eigenbau.

WordPress versions 4.7 and earlier are affected by eight security issues:

Remote code execution (RCE) in PHPMailer – No specific issue appears to affect WordPress or any of the major plugins we investigated but, out of an abundance of caution, we updated PHPMailer in this release. This issue was reported to PHPMailer by Dawid Golunski and

...

The design, the code, 1959 texts, the illustrations, and some photos are made by me.

Motorisiert durch WordPress