Weblog Tools Collection » sql column truncation http://weblogtoolscollection.com Weblog Tools Blogging Tools Blog Tue, 14 Feb 2012 14:00:48 +0000 en hourly 1 http://wordpress.org/?v=3.3.1 WordPress 2.6.2 Released http://weblogtoolscollection.com/archives/2008/09/09/wordpress-262-released/ http://weblogtoolscollection.com/archives/2008/09/09/wordpress-262-released/#comments Tue, 09 Sep 2008 04:03:00 +0000 Mark Ghosh http://weblogtoolscollection.com/?p=4115 WordPress 2.6.2.: This release is in response to a recent warning to developers from Stefan Esser about the dangers of SQL Column Truncation and weaknesses of mt_rand(). The issue at hand that forced the release is discussed in detail on the WordPress.org blog post linked above. Basically the attack is complex, is dependent on open registration being turned on in your blog, but can be executed in theory and turns out to be more of an annoyance than an actual exploit.

If you have open registration on your blog, the WordPress.org team recommends that you upgrade your install to WordPress 2.6.2 A handful of other fixes are also included in this upgrade. Here is a list of changed files.

]]> http://weblogtoolscollection.com/archives/2008/09/09/wordpress-262-released/feed/ 16