http://www.websitemagazine.com/content/blogs/posts/archive/tags/wordpress+2.6.2/default.aspxTags: wordpress 2.6.2enCommunityServer 2008 SP2 (Build: 31104.93)http://www.websitemagazine.com/content/blogs/posts/archive/2008/09/08/wordpress-2-6-2-upgrade-soon.aspxTue, 09 Sep 2008 02:23:00 GMT1e469e21-c924-44fa-a132-47b5d0a8ad47:6136Pete Prestipino0http://www.websitemagazine.com/content/blogs/posts/rsscomments.aspx?PostID=6136http://www.websitemagazine.com/content/blogs/posts/archive/2008/09/08/wordpress-2-6-2-upgrade-soon.aspx#comments<p><b>Dues to the dangers of SQL Column Truncation and some development flaws, WordPress has released WordPress 2.6.2 to work around the issues. </b><br /><br />Upgrading to the latest release is important for those WordPress sites which allow open registration. It was possible apparently in <a target="_blank" href="http://www.websitemagazine.com/content/blogs/posts/archive/2008/08/18/wordpress-2-6-1-released.aspx">version 2.6.1</a> and earlier versions to, according to the <a href="http://wordpress.org/development/2008/09/wordpress-262/">official statement</a>, &quot;craft a username such that it will allow resetting another user&#39;s password to a randomly generate password.&quot; While the password would not be disclosed to the attacker, it&#39;s not neccessarily a security issue, but better to be safe than sorry - so upgrade soon to 2.6.2.</p> <p></p><div style="clear:both;"></div><img src="http://www.websitemagazine.com/content/aggbug.aspx?PostID=6136" width="1" height="1">wordpresswordpress 2.6.1wordpress 2.6.2