The WordPress developers have released version 2.8.5 of their popular blogging software. The version is considered a security upgrade. The developers are calling this released a hardening release as it tightens WordPress security to make WordPress blogs more secure than before. The release is also fixing a Trackback denial of service attack that is currently in the wild.
The most important changes in WordPress 2.8.5 are:
- A fix for the Trackback Denial-of-Service attack that is currently being seen
- Removal of areas within the code where php code in variables was evaluated.
- Switched the file upload functionality to be whitelisted for all users including Admins.
- Retiring of the two importers of Tag data from old plugins.