WordPress 2.8.5 Out The Door

October 20th, 2009

WordPress 2.8.5 has officially been tagged and is now available for download. If you don’t see the upgrade nags in your administration panel already, give it a few hours and upgrade when it becomes available. This release has been dubbed a security hardening release meaning, more preventive measures have been taken to secure WordPress. Worthy of note though is an issue that was addressed dealing with a trackback spam denial of service attack which was discussed on the WP-Hackers mailing list the other day. This exploit takes advantage of the WP-Trackback.php file which would exhaust a servers resources when used. This has specifically been addressed in 2.8.5. Thanks goes out to Steve Fortuna for releasing a fix to this 0 day exploit. The release also contains a few bug fixes as well.




  1. Viper007Bond (91 comments.) says:

    You can trigger an update check by visiting Tools -> Upgrade.

    • Jeff Chandler (171 comments.) says:

      So by default, it’s run by a cron job but every time someone visits the upgrade page manually it triggers the cron job to run?

  2. Jason (1 comments.) says:

    Thanks for the note Jeff…looks like I better get with the program and update!

  3. Aries (1 comments.) says:

    Thanks, I just update my WP to 2.8.5

  4. PB says:

    Great news!

    Any move to prevent RFI and LFI attacks?

    It’s quite a pain to regularly find the header and footer files being crammed with spammy links.


  5. Kjetil (7 comments.) says:

    Many plugins are “compatible up to 2.8.4″ – should we expect they all work with WP 2.8.5 as well?

    • Tom (2 comments.) says:

      I was wondering the same thing as well. Nevertheless, glad to hear there’s an update focusing on security.

  6. V.C (44 comments.) says:

    Not quite sure what they changed in this new version.
    I think upgrading to 2.8.5 is not necessary.

    • Jessi says:

      You’re kidding right?

      • V.C (44 comments.) says:

        I don’t understand why they released the new version so quickly after the last update 2 months ago.
        I don’t see any changing in this new version. It’s not really necessary to upgrade.

        • Jessi says:

          You don’t think that the security hardening is worth the upgrade? That’s just crazy to me. I take my blogs seriously & would take no chance at getting hacked.

    • Joe (1 comments.) says:

      It might help if you read the article before commenting – it explains what the upgrade does and why it might be a good idea to use it. Still, your choice. I hope you avoid any nasty DoS attacks.

  7. Farnham says:

    Why am I getting this error?

    Fatal error: Allowed memory size of 33554432 bytes exhausted (tried to allocate 2354671 bytes) in /home/grinbear/public_html/catahoula/wp01/wp-includes/http.php on line 1327

    • gestroud says:

      Add this line to your wp-config.php

      define(‘WP_MEMORY_LIMIT’, ’64M’);

      • Farnham says:

        Thanks, worked like a champ.

      • Denis (4 comments.) says:

        Hi there gestroud, i don’t know if you can help me but im gonna try and ask…

        i get this error, i tried adding the above line but didnt fix the issue.

        the error i get is this:

        Fatal error: Allowed memory size of 33554432 bytes exhausted (tried to allocate 7680 bytes) in /home2/______/public_html/______/wp-includes/class-simplepie.php on line 13014

        can you give me any idea on how to fix this one?

        already searched google :S didn’t find nothing helpful!

      • Denis (4 comments.) says:

        hi there gestroud, i got an error too

        I tried what you suggested above but didn’t fixed it :S

        Any idea?

        this is the error i get:
        Fatal error: Allowed memory size of 33554432 bytes exhausted (tried to allocate 7680 bytes) in /home2/eklipsi/public_html/test/wp-includes/class-simplepie.php on line 13014


        • gestroud says:


          Were you able to get the problem fixed?

          • Denis (4 comments.) says:

            nope i still get that error….

            maybe the problem is @ my host (maybe it does not allow me to increase the PHP memory limit)

            can that be the problem?

          • Benjamin Ballinger (2 comments.) says:

            The issue is that in his code the apostrophes got messed up. Please replace his ’ with ‘ and it will work perfectly!

          • Benjamin Ballinger (2 comments.) says:

            Hmm… the apostrophe got messed up again, just open the wp-config file in notepad, and paste what he had in there, and then replace the “Word-style” apostrophes with regular apostrophes using your keyboard. The regular apostrophe should be a straight up and down line, no curve to it like the ones in this example.

      • Jerry Kidd (1 comments.) says:

        Where do I find the wp-config.php file? I’ve looked in the theme editor and also used FireFtp to exam the files on the server but I am clueless.

        • Kjetil (7 comments.) says:

          On the root of your site (or in a sub folder if you have placed your WP installation there).
          Download it via ftp – and make a copy before you upload an edited version – just in case something goes wrong.
          (And: Don’t use Word to edit it, use some non-destructive text editor – like TextWrangler for Mac. Sorry I don’t know the name for a Windows program)

  8. Hicham Maged (36 comments.) says:

    Everything went smooth by upgrading via Dashboard.

    • Tom (2 comments.) says:

      Yep, same here… quick and easy update. The only thing I needed to “address or fix” was the ‘pluggable.php’ file in the ‘wp-includes’ folder so emails from my blog have my blog name not the default “WordPress.”

      Line 352 changed $from_name = ‘WordPress'; to $from_name = ‘My Blog Name';

  9. Ryan says:

    I just upgraded and I can’t post anything.. keeps timing me out.. I did a database repair and default config.. what’s the deal?

  10. Steve (1 comments.) says:

    Seems like a fairly minor release but worth updating anyway.

  11. Harsh Agrawal (8 comments.) says:

    Saw this update Yesterday and the first thing which I did
    was Backup my Db and updated the wordpress. Though wordpress are releasing very quick update.. :|

  12. Frank Lynch (3 comments.) says:

    is it really need to update new version every time, because what happens, after updating, we do loose some wizards or addons that are not supported by new version and so i ewww to change them every time and modify them

  13. hamroblog (1 comments.) says:

    Schedule post Problem is same In New verson ! it’s surprize . I am much upsate from that.


  1. […] (engl.) http://weblogtoolscollection.c.....-the-door/ Ähnliche Artikel:Wordpress, Du und der UpdatewahnWordpress: Nützliche PHP-FunktionenDo-Follow […]

  2. […] WordPress 2.8.5 Out The Door […]

Obviously Powered by WordPress. © 2003-2013

page counter