WordPress 2.5 Released: Will WordPress 2.5 Be The First Problem Free Major Version? WordPress �� 2�5 : 2�5 WordPress �� … Maybe Not �� …

Angsuman Chakraborty ��

March 29th, 2008 �� 29th � 2008

Every major & minor version of WordPress (1.5, 2.0, 2.1…) comes with teething problems which are then fixed in patch releases. & �� WordPress (1�5 � 2�0 � 2�1…) �� . Will WordPress 2.5 release finally break the curse? �� WordPress �� 2�5 �� ɿ Maybe not… �� …

WordPress 2.5 ships with WordPress 2�5 �� 238 open defects 238 �� , of which 5 are blockers (no software should ship with blockers) and 15 major defects in terms of severity. � �� 5) �� ) 15 �� . WordPress 2.5 ships with 11 high priority defects. WordPress 2�5 �� 11 �� .

The high priority defects are: �� :
4379 Bad character in alt attribute of an img tag 4379 �� img
4463 Strange paging links �� 4463 ��
5792 delete_post doesn't appear to be called when deleting via AJAX 5792 delete_post ��
5823 Unused text and RSS widgets lose data after 2.5 upgrade assigned 5823 �� 2�5
6110 Custom permalinks created from plugin hooking in to WP redirects don't work. 6110 �� permalinks �� .
6262 Automatic Plugin Upgrade could break new plugins that require special instructions for upgrading 6262 ��
6315 ID's missing from all admin screens 6315 ��
6352 Tabindex bugs in trunk new westi 6352 tabindex �� westi
6406 Flash uploader won't work on Ubuntu/Linux �� 6406 �� /
6443 flash uploader didn't show in IE7, showed script errors 6443 �� ie7 � ��
6444 Changeset 7561 (post rc3) leaves an open 6444 changeset 7561 (�� rc3) ��

at the end of the inserted gallery html ��

The blockers are: �� :
5586 Auto installer for themes and plugins 5586 ��
6236 Platform independence issues with the pclzip class 6236 �� pclzip
6406 Flash uploader won't work on Ubuntu/Linux �� 6406 �� /
6443 flash uploader didn't show in IE7, showed script errors 6443 �� ie7 � ��
6444 Changeset 7561 (post rc3) leaves an open 6444 changeset 7561 (�� rc3) ��

at the end of the inserted gallery html ��

Here is a sample of things to come? �� ɿ

When I try to upgrade plugins automatically in the latest version of Wordpress (is this the first 2.5 problem on the forums?! Woo!) I get this error: �� WordPress (�� 2�5 �� ʿ! ��!) �� :
Fatal error: Cannot redeclare class pclzip in /usr/local/psa/home/vhosts/xxx.xxx/httpdocs/wordpress/wp-admin/includes/class-pclzip.php on line 162 �� : �� pclzip / usr / �� / �� / �� / vhosts / xxx.xxx / httpdocs / WordPress / �� - �� / �� / �� pclzip.php �� 162
Any ideas? �� ѿ

link ��

Chilled complained on 2.5 RC2 - The editor box is much too �� 2�5 rc2 -- �� big ��

Sparkyewu compains - 2.5 RC2/RC3 publish date can not be changed. Sparkyewu compains -- 2�5 rc2/rc3 �� .

Are they fixed in 2.5 stable release? �� 2�5 �� ѿ I doubt it considering the number of open defects with which it was shipped. �� .

It appears WordPress 2.5 ships with cookie authentication vulnerability (#5367). �� WordPress �� 2�5 �� (�� 5367). With read-only access to the Wordpress database, it is possible to generate a valid login cookie for any account, without resorting to a brute force attack. �� WordPress � �� . This allows a limited SQL injection vulnerability to be escalated into administrator access. �� . This vulnerability is known to be actively exploited. �� . It was found in WordPress 2.3.1 and was scheduled for 2.4 and then 2.5. �� WordPress 2.3.1 � �� 2�4 �� 2�5.

Note: The data above has been gleaned from WordPress trac. �� : �� WordPress. It is possible that some of the above defects have been fixed but wasn't marked as such in trac. �� .

Filed under �� Computer Security �� , � Headline News �� , � Open Source Software �� , � Pro Blogging �� , � Web �� , � Web 2.0 �� 2�0 , � WordPress | | Comment on this Article | | RSS 2.0 �� 2�0 | | Trackback this Article Trackback this Article | �� | Email this Article ��