Zum Inhalt springen

Archiv für die Kategorie "Blogzeugs"

WordPress 4.9.1 Security Update

WordPress versions 4.9 and earlier are affected by four security issues which could potentially be exploited as part of a multi-vector attack. As part of the core team's ongoing commitment to security hardening, the following fixes have been implemented in 4.9.1:

Use a properly generated hash for the newbloguser key instead of a determinate substring.

Add escaping to the language attributes used on html elements.

Ensure the attributes of enclosures are correctly escaped in RSS and Atom feeds.

Remove the ability to upload JavaScript files for users who do not have the unfiltered_html capability.

(…)
www.wordpress.org

Amateure

Drüben beim jawl steht ein Text, der eigentlich ein Kommentar auf einen anderen Text bei Fr. Brüllen ist.

Und ich schreibe nun einen kleinen Text dazu, weil mich diese beiden Texte, bzw das Thema darin auch schon seit Jahren immer mal wieder in Wallungen bringt. Denn so funktionieren Blogs.

Weil es zunächst wallte, habe ich auf Twitter rumgekrümelsucht, weil im begleitenden Tweet zum Text was von "warum jetzt alle Blogs gleich sind" stand, und da musste ich mich natürlich direkt in bester Manier der Menge der Leute, die bei Brian aus "Das Leben des Brian" morgens vor der Tür stehen, rufen, "ich nicht!". Und wie immer, wenn man so was ausruft, ist es dann hinterher etwas awkward, zumal, wenn man dann feststellt, dass im eigentlichen Text es ja genau darum geht: Der Unterschied zwischen den so genannten "kommerziellen" Blogs, die rein als (Selbst)vermarktungsmaschinen in die Welt gesetzt werden, und, nun, den anderen.

Den Amateuren.

WordPress 4.9 - Tipton

This release features Customizer improvements, including the ability to save customization changes as drafts, schedule them to go live at a certain time, and letting other people preview the changes easier. To improve code editing in the admin we've introduced syntax highlighting and error checking to make things more robust and harder to break.
wordpress.org

12 Years Blogrocking the Web

Happy Birthday, dear blog: your first post was published in August, 24th 2005.
That's like one hundred internet-years, and so you are about two years older than the twitter 'hashtag' (#) invention.
And you are still my favorite place to try out new technologies, to rant about the oddities of my daily adventures and recently to share some of the experiences and solutions from my daily work with this web thing, and writing more and more in english, because I'm one of those pseudo-international hipsters now, you know.

love,
Tom

WordPress 4.8 "Evans"

Eine neue Version des populären CMS ist erschienen, und kann über den Adminbereich oder manuell per Download installiert werden.

Version 4.8 of WordPress, named “Evans” in honor of jazz pianist and composer William John “Bill” Evans, is available for download or update in your WordPress dashboard. New features in 4.8 add more ways for you to express yourself and represent your brand.
wordpress.org

The new oil

Anselm just published a response* to NYT's "The Big Five tech companies increasingly dominate our lives. Could you ditch them?" quiz.

His personal results seem to be quite similar to what I'd find out. Ditching Apple for example would be way harder for me as, say, ditching Facebook - which I already try to avoid as much as possible, but as Anselm wrote, with friends using Instagram and Whatsapp constantly, there's no way around touching FB from time to time.

A thought I had while reading this — if data indeed is the new oil, shouldn't we all ...

WordPress 4.7.5 Security and Maintenance Release

WordPress Logo an die VW-Fabrik gephotoshopped

Ladies and Gentlemen, start your update engines:

WordPress versions 4.7.4 and earlier are affected by six security issues:
Insufficient redirect validation in the HTTP class. Reported by Ronni Skansing.
Improper handling of post meta data values in the XML-RPC API. Reported by Sam Thomas.
Lack of capability checks for post meta data in the XML-RPC API. Reported by Ben Bidner of the WordPress Security Team.
A Cross Site Request Forgery (CRSF) vulnerability was discovered in the filesystem credentials dialog. Reported by Yorick Koster.
A cross-site scripting (XSS) vulnerability was discovered when attempting to upload very large files. Reported by Ronni Skansing.
A cross-site scripting

...

Billy Bragg - Waiting For The Great Leap Forward

Slightly upgraded lyrics. Love it.
<3

WordPress 4.7.4 Maintenance Update

Gestern ist ein Wartungs- und Bugfixupdate von WordPress erschienen.

This release contains 47 maintenance fixes and enhancements, chief among them an incompatibility between the upcoming Chrome version and the visual editor, inconsistencies in media handling, and further improvements to the REST API. For a full list of changes, consult the release notes and the list of changes.wordpress.org

Die Auto-Updates prasseln hier schon bei diversen Installationen rein; wie gewohnt gibt es die neue Version aber auch zum Download auf wordpress.org.