Wordpress 2.1.1 Are Dangreous wordpress 2.1.1 are dangreous

[dedyradix 0]

wordpress 2.1.1 are dangreous you must upgrade to wp 2.1.2 because 2.1.1 are critical error.

[Saint_Michael 3]

could you tell as what kind of critical errors that WP 2.1.1 has so we could have a better idea, because sometimes upgrading to a new sofware is not always the most feasible, unless it's a major security update that is needed.edit: Well I guess it would be feasible to upgrade wordpress then thanks mike

Edited April 6, 2007 by Saint_Michael (see edit history)

[michaelper22 0]

From the WordPress development blog:

Long story short: If you downloaded WordPress 2.1.1 within the past 3-4 days, your files may include a security exploit that was added by a cracker, and you should upgrade all of your files to 2.1.2 immediately.
Longer explanation: This morning we received a note to our security mailing address about unusual and highly exploitable code in WordPress. The issue was investigated, and it appeared that the 2.1.1 download had been modified from its original code. We took the website down immediately to investigate what happened.

It was determined that a cracker had gained user-level access to one of the servers that powers wordpress.org, and had used that access to modify the download file. We have locked down that server for further forensics, but at this time it appears that the 2.1.1 download was the only thing touched by the attack. They modified two files in WP to include code that would allow for remote PHP execution.

From https://wordpress.org/news/2007/03/upgrade-212/

[SamiFX 0]

I have a wordpress already installed ... but how can I upgrade it without losing the data .. It's realy a scare movie

[Saint_Michael 3]

wordpress comes with instructions on how to update the software through updates, I would recommend that you go to wordpress website and find information on how to install the updates without losing your info.

[darran 0]

It is really a simple process. There isn't any complexity in it. But to be safe ... you can do this:

 

Backup your files

There are 2 ways of doing this. You can either backup using the backup plugin provided by wordpress, generate a sql file and then you can use this file to execute the query in your phpadmin. Depending on the number of posts you have, the size of this file may vary. If I am not wrong, phpadmin only allows you to execute a 10mb sql query.

 

Another way which I would prefer is to use the export function. Go to Manage > Export. It would save your posts, comments, custom fields, and categories. That is basically what you want in your blog.

 

Download all your themes and plugins to your desktop. There is no need to download the entire directory because the wp-content/themes and wp-content/plugins are the only places where you would add your stuff in unless of course you created some stuff out of these 2 folders. Back it up too.

 

Download the new version of WordPress

Go to their site, grab it and unzip, unrar it whatever it is. Then simply upload it to the directory where you have wordpress installed. Overwrite everything and in less than 5 minutes everything would be upgraded.

 

This is the way I have been upgrading. All the way from the 1.5 version till the latest 2.1.3 version. And there have been no problems at all. You can trust me on this, I have been using WordPress for almost 2 years now.

[shigajet 0]

Version 2.1.3 is out already. I'm still on 2.1.2 and that seems secure as it is. What bugs were fixed in the latest version? (Sorry...can't access the official WordPress site from where I am now).

[jlhaslip 4]

As noted and reported, this topic is stale with the new release of WordPress.Closing this Topic.