WordPress 2.3.3 Security Release

WordPress version 2.3.3 has been released. This release, like the previous one, addresses an urgent security vulnerability that was found in the WordPress XML-RPC implementation. The flaw could allow any valid user on your blog to edit posts made by other users on your blog.

WordPress 2.3.3 also fixes some other minor bugs. If you don’t care about those minor bug fixes and just want to patch your blog against the XML-RPC vulnerability, you can download a fixed copy of xmlrpc.php and copy it to your WordPress installation directory, replacing the existing xmlrpc.php file.

You’re probably better off just downloading WordPress 2.3.3 and doing the full upgrade.

WordPress 2.3.2 Urgent Security Release

The WordPress folks have released WordPress 2.3.2, describing it as an urgent security release. This latest version fixes a bug that can be exploited to display your draft posts. Some changes have also been made to prevent certain error messages from giving away more information about your database than they need to. I would strongly advise that WordPress users install 2.3.2 ASAP.

WordPress 2.3.2 includes a new feature to allow you to customize the error page that’s displayed when WordPress can’t connect to your database. You can see the full list of changes between 2.3.1 and 2.3.2, you can also see which bugs are fixed in WordPress 2.3.2.

Head over to the 2.3.2 announcement post on the Dev Blog for the full story on WordPress 2.3.2. If you don’t care about any of that, you can just head straight to the download.

WordPress 2.2 Adds Tags

The NeoSmart Files noticed the addition of native tagging support to WordPress 2.2 in the SVN repository. What’s this mean for WordPress bloggers? Not much really, other than the fact you’ll no longer have to use a third-party plugin for tagging your posts or pages.

This is great for WordPress, tagging is something I expected to see with the release of 2.0, but that didn’t happen. Tags are something bloggers really want, native tags will just make WordPress an even more attractive blogging platform.

I’m going to have trouble leaving the Ultimate Tag Warrior plugin behind in favor of the new tagging system in WordPress 2.2. Ultimate Tag Warrior has been so nice to work with and is pretty much the de facto WordPress plugin for tags. Ultimate Tag Warrior has some features not found in the tag system native to WordPress 2.2, such as tag suggestions. Also, Ultimate Tag Warrior allows you to apply tags you’ve used previously to a post via a select form, something not found in WordPress 2.2 tags. Hopefully the WordPress team has those features planned for inclusion at some point.

Anyway, head over to The NeoSmart Files for more, they have a screenshot comparing Ultimate Tag Warrior to native tags in WordPress 2.2.

Good Bye Spam Karma 2. Hello Akismet.

Done Using Spam Karma 2Spam Karma 2 has served my well over the last year or two. As you can see from the image, SK2 stopped 76,264 pieces of comment spam from being published. Before Akismet was around, Spam Karma 2 was the plugin most people went to for spam protection.

Since Spam Karma 2 hasn’t been showing any signs of life lately, I’ve decided to ditch it in favor of Akismet. I know for a fact Akismet is being actively developed. Also, I know for a fact that Akismet fully supports WordPress 2.1. I’m pretty sure SK2 isn’t fully WordPress 2.1 compatible. I’m not sure though, I say that because I thought I read of some WordPress 2.1 users having lots of problems with SK2. I could be way off though, I can’t find whatever it was I thought I was reading now.

Anyway, Akismet is now protecting this blog from comment spam. I’m not anticipating any problems, but who knows. If you have problems posting comments please get in touch with me via the contact form.

Unwakeable Status: Version Bump

Just a quick heads up on what’s been going on with Unwakeable lately. On the top of my priority list is livesearch. Livesearch doesn’t work in Internet Explorer when certain plugins are in use, such as Share This from Alex King. This is caused by multiple prototype.js files being loaded.

The next version of Unwakeable will be 2.0. I’ve been saying 1.3 would be the next version but have since decided to make the bump up to 2.x. I chose to do this because I’m dropping support for WordPress 2.0.x and focusing on supporting WordPress 2.1 fully.

Since Unwakeable 2.0 is a couple weeks out still, this will hopefully give everyone enough time to upgrade to WordPress 2.1. There shouldn’t be anything holding you back from upgrading at this point. As of right now, I’m taking out all the old WordPress 2.0.x functions and replacing them with the new functions found in WordPress 2.1. I really don’t want to try to support both versions of WordPress. Doing so could cause pages to load slowly due to all the checking I’d have to do for existing functions. So, as of right now, Unwakeable 2.0 will be WordPress 2.1 only!!

Also slated for Unwakeable 2.0 is additional support for more plugins. Unwakeable 2.0 will have support for the following plugins, in addition to those already supported:

  1. WPVideo
  2. Yet Another Photo Blog (YAPB)
  3. LMB^Box Comment Quicktags

I’ve retooled the various post styles that were introduced in Unwakeable 1.1. I’ve slimmed them down quite a bit and have included icons from Dropline Neu by Silvestre Herrera.

Also, I should have some additional options for Unwakeable. One additional option will be the number of related posts to show on the sidebar, as well as the number of recent posts to show on the sidebar. Also, I’d like to include an option to specify weather or not to use a fixed width , which is pixel based, or variable width, which is percentage based. This will give greater flexibility to bloggers who post large images frequently. I haven’t looked into how feasable this will be to do yet. Provided it’s not too difficult, this feature should be included in Unwakeable 2.0.

I’m still planning support for user defined color schemes in the options panel, although not in time for Unwakeable 2.0. I’m not quite sure how to go about displaying all these options in an efficient manner. It may be easier for me to just allow users to create custom style sheets that apply only to colors. Not really sure as of right now how I should exactly go about this. This how-to from Thomas looks pretty good, although little of it probably relates to WordPress 2.1.

So, there you have it. I’m really looking forward to releasing Unwakeable 2.0, it’s gonna be the best release yet. Again, I’d like to thank everyone who uses Unwakeable. Your kind words and feedback make every bit of time I put into Unwakeable very much worth it. Thank you all for your support. And as always, let me know if there’s any features you’d like to see or if you’d like support for a certain plugin.