{"id":36,"date":"2005-08-14T22:00:31","date_gmt":"2005-08-14T20:00:31","guid":{"rendered":"http:\/\/blog.blackdown.de\/2005\/08\/14\/another-wordpress-security-update\/"},"modified":"2016-10-29T03:51:02","modified_gmt":"2016-10-29T01:51:02","slug":"another-wordpress-security-update","status":"publish","type":"post","link":"https:\/\/blackdown.de\/articles\/another-wordpress-security-update\/","title":{"rendered":"Another WordPress Security Update"},"content":{"rendered":"

WordPress<\/a> 1.5.2<\/a> “Strayhorn” has been released today. The changelog mentions that several vulnerabilities have been fixed but — once again — the developers don’t provide any details! One has to look at the diffs to see what has been fixed.<\/p>\n

I hate that kind of silly security by obscurity<\/em>. Vague vulnerability descriptions are almost useless for administrators, just saying “we’ve fixed some security problems” is even worse!<\/p>\n

August 15th, 2005:<\/strong> See this article<\/a> for a reply to some comments I’ve received.<\/em><\/p>\n

August 18th, 2005:<\/strong> The WordPress developers seem to have problems with release management too: There are two different 1.5.2 versions, read more in WordPress Security Annoyances<\/a>.<\/em><\/p>\n","protected":false},"excerpt":{"rendered":"

WordPress 1.5.2 “Strayhorn” has been released today. The changelog mentions that several vulnerabilities have been fixed but — once again — the developers don’t provide any details! One has to look at the diffs to see what has been fixed. I hate that kind of silly security by obscurity. Vague vulnerability descriptions are almost useless
[→ Read the rest of this entry<\/a>]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"spay_email":"","jetpack_publicize_message":"","jetpack_is_tweetstorm":false,"jetpack_publicize_feature_enabled":true},"categories":[8,20],"tags":[],"yoast_head":"\n\n\n\n\n\n\n\n\n\n\n\n\n\t\n\t\n\t\n