Wordpress 2.8.5 Security Update

Kelvin59: <a href="http://www.rknewyorkwebdesign.com/log/css-log/2009/02/12/advantages-of-using-css-in-web-design.html#comment-1214" title="View the entire comment by Kelvin59">When the message is sent
John45: <a href="http://www.rknewyorkwebdesign.com/log/css-log/2009/02/12/advantages-of-using-css-in-web-design.html#comment-1211" title="View the entire comment by John45">It is the more familiar
Mr.Carrot73: <a href="http://www.rknewyorkwebdesign.com/portfolio/2007/02/16/sullivan-rk-solutions-llc-corporate-web-site-design.html#comment-1210" title="View the entire comment by Mr.Carrot73">I'm a junior in high
Gary J: <a href="http://www.rknewyorkwebdesign.com/log/wordpress/2009/10/15/all-in-one-seo-pack-is-banned-by-dreamhost.html#comment-1205" title="View the entire comment by Gary J">Does anyone knows why it
Zamshed Farhan: <a href="http://www.rknewyorkwebdesign.com/log/2008/12/09/benefits-of-using-joomla-for-web-design.html#comment-1059" title="View the entire comment by Zamshed Farhan">Very nice article about Joomla.

Posted on: Tuesday, October 27th, 2009

The Wordpress developers have released version 2.8.5 of their popular blogging software. The version is considered a security upgrade. The developers are calling this released a hardening release as it tightens Wordpress security to make Wordpress blogs more secure than before. The release is also fixing a Trackback denial of service attack that is currently in the wild.

The most important changes in Wordpress 2.8.5 are:

A fix for the Trackback Denial-of-Service attack that is currently being seen
Removal of areas within the code where php code in variables was evaluated.
Switched the file upload functionality to be whitelisted for all users including Admins.
Retiring of the two importers of Tag data from old plugins.