May 22nd, 2007

WordPress 2.2 is a Mandatory Security Upgrade



I have read of lots of bloggers waiting for some weeks before they upgrade to the new version, WordPress 2.2. Everyone knows your WordPress version, and once WordPress security issues become public (with fixes announced) and you decide not to upgrade, hackers can break into your blog.

Mark, a key WordPress developer, says that WordPress 2.2 is a mandatory security upgrade for WordPress 2.1.3 users. There will be no further releases in the 2.1.x branch. 2.2 includes security fixes that 2.1.3 lacks, so your only upgrade path is to 2.2. The WordPress files have changed so much that he has not released his usual changed-file list.

Each WordPress release will have some bugs persisting; finding them is the whole idea behind release candidates for WordPress testers. However, when the final version is released to the community, the widest possible test occurs, as WordPress gets tried with different web hosts, platforms, and plugins. More bugs are then reported, which can be fixed. You can see how WordPress defects are being reported and fixed in WordPress 2.2.1 at WordPress Trac.

Often things do go wrong and you need to re-upgrade quickly. In a rare event, a cracker modified the WP 2.1.1 download files on the WordPress servers, and a new version was released promptly. Often patches are released, as happened to fix FeedBurner issues in WordPress 2.0.6, or when Server 500 errors were reported with WordPress 2.0.5 upgrades.

If problems do occur, check whether you followed the upgrade instructions correctly. Deactivate plugins and see if a particular one is causing errors. Upgrading WordPress is an ongoing process, and your blog security is your own responsibility. I recently upgraded to WordPress 2.2 and it's working fine (with these plugins).


Comments

  • 1. CypherHackz | 22/05/07  #

    Maybe because they have many WordPress blogs, so they don’t want to upgrade their WordPress unless it is really stable and no minor updates are needed. It is difficult and takes so much time to upgrade if we have 15 WordPress blogs, right?

  • 2. Rhys | 22/05/07  #

    I’ve put off upgrading, largely because of the widgets (don’t want to mess up my blog), but when you put it like that, I may as well.

  • 3. QuickOnlineTips | 22/05/07  #

    I think this upgrade is having more issues with the blog template because of inbuilt widget support. WP 2.2.1 will be fixing the issues.

    I do not have widgets enabled in this theme, so have not noticed any issues.

  • 4. GoingLikeSixty | 22/05/07  #

    I went to Bluehost.com to see if they had their “easy upgrade” for 2.2.
    Nope. I’ll wait until that’s available.

  • 5. Kevin | 22/05/07  #

    If there are real security issues then there should be a minor security release for WP 2.1. There are just too many changes between 2.1 and 2.2 to force every person to upgrade.

    Kevin

  • 6. Pufone | 28/05/07  #

    The official upgrade guide is such a pain! After screwing my blog I tried something more friendly like this upgrade 2.2 tutorial
