Comments on: Another WordPress Security Update

By: » WordPress 1.5.2 Released TurboBlogger.com

» WordPress 1.5.2 Released TurboBlogger.com — Mon, 15 Aug 2005 20:35:05 +0000

[…] While Matt & Co are keeping mum on the exact vulnerabilities that are being fixed, they claim to be doing so because there is already at least one exploit out in the wild and they believe releasing that info will simply make it easier for more exploits to be designed. I’m going to have to agree with Duncan Riley and some others that this type of security by obscurity is not appropriate. […]

By: Christoph Hoerl

Christoph Hoerl — Mon, 15 Aug 2005 16:09:47 +0000

Have you seen this page in Wordpress Support? There a few more informations about the changes in 1.5.2.

By: christoph-hoerl.de

christoph-hoerl.de — Mon, 15 Aug 2005 16:07:39 +0000

WordPress 1.5.2

Gestern wurde die Version 1.5.2 von WordPress veröffentlicht. Wie im Weblog deutlich wird, wurden keine sichtbaren Updates vorgenommen. Hauptsächlich wurden Sicherheitslücken geschlossen. Eine detaillierte Liste der Änderungen gibt es im Support….

By: lobstertechnology.com

lobstertechnology.com — Mon, 15 Aug 2005 12:10:19 +0000

Changes in WordPress 1.5.2

my 2 cents…

…

By: cyDome

cyDome — Mon, 15 Aug 2005 09:41:51 +0000

WordPress-Team verheimlicht Details über Sicherheitslücken

Wordpress 1.5.2 ist jetzt verfügbar. Das Update enthält einige sicherheitsrelevante Bugfixes. Jürgen Kreileder beschwert sich, dass man keine Details über die Art der Sicherheitslücken erfährt:

I hate that kind of silly security by obscurity….

By: » WordPress 1.5.2 released The Blog Herald: more blog news more often

» WordPress 1.5.2 released The Blog Herald: more blog news more often — Mon, 15 Aug 2005 01:35:04 +0000

[…] I’ve got to agree with the comments over at No Wow though: “The changelog mentions that several vulnerabilities have been fixed but — once again — the developers don’t provide any details! One has to look at the diffs to see what has been fixed… I hate that kind of silly security by obscurity. Vague vulnerability are almost useless for administrators, just saying “we’ve fixed some security problems” is even worse!” […]