Install WordPress 2.6.3

24 October 2008 Joost de Valk 32 comments, leave your own!

Apparently, a security flaw has been found in the Snoopy library that WordPress uses. This has made the WordPress team put out a new release, WordPress 2.6.3. According to their blog post, you only have to change that class and the file holding the version number, but an astute developer on the WordPress developer mailing list noticed that they'd slipped one other minor fix in to. So to upgrade to 2.6.3, all you have to do is download these 3 files from wordpress.org:

And overwrite them in their appropriate directories. Make very sure that you're not overwriting the wp-includes/media.php but the one in wp-admin/includes/media.php.

Probably one of the easiest WordPress upgrades you've ever had in your life. It should be noted that I use the Snoopy library in several of my plugins, so you'd better upgrade!

Liked this post?
Subscribe to the RSS feed or to daily or weekly email updates, right now!

Tags:

Categories: WordPress

You can skip to the end and leave a response.

15 Responses to “Install WordPress 2.6.3”

By Daniel Scocco Fri, October 24th, 2008 at 09:27 Reply

Joost, what if I am running 2.6.1, can i still replace those files?
By Joost de Valk Fri, October 24th, 2008 at 09:28 Reply

Yes you could but you'd miss some of the 2.6.2 upgrades, probably safer to do a full upgrade then.
By fatihturan Fri, October 24th, 2008 at 15:33 Reply

Two files serving on official Wordpress blog post. But you are offering three file for upgrade to 2.6.3.

What's different from old media.php to new one?

Thanks.
By Remi Turcotte Fri, October 24th, 2008 at 15:53 Reply

What kind of security flaw ?
By Joost de Valk Fri, October 24th, 2008 at 16:07 Reply

Dunnow, check the WP post.
By Adrianus V Sat, October 25th, 2008 at 18:06 Reply

Just like Fatihturan said: there are officially only two upgraded files, not media.php. There'se nothing mentioned about it on the WP-site.
By Joost de Valk Sat, October 25th, 2008 at 18:38 Reply

be stubborn if you wish, I bet you know better than the developers on wp-hackers :-)
By Adrianus V Sat, October 25th, 2008 at 20:35 Reply

HÃ© Joost, I'm just a blogger, not a developper or IT'er. ;-)
By Joost de Valk Sat, October 25th, 2008 at 20:41 Reply

Well then stop thinking for yourself and start trusting that I won't shit you :)

Here's the changeset, to prove that I'm right: http://trac.wordpress.org/changeset?new=branches%409310&old=branches%408849
By Adrianus V Sat, October 25th, 2008 at 20:52 Reply

HÃ©, I updated media.php and now my blog is broken! No, just kidding. :-) Everything is just fine. Thanx for your info!
By Joost de Valk Sat, October 25th, 2008 at 20:56 Reply

@Adrianus: Mypleasure!
By smooth Sun, October 26th, 2008 at 05:57 Reply

After all the hassles I had with WPAU, I've now just realised that there was only 3 files to replace...

Live and learn I guess.
By Jan Sun, October 26th, 2008 at 20:40 Reply

Bedankt, dat was super simpel!
By Dmitry Chestnykh Sun, October 26th, 2008 at 22:42 Reply

If anyone uses localized versions of WordPress (for example, I use ru.wordpress.org distribution), make sure you download those files for your localized version. I'm not sure why, but when I upgraded my (localized) WordPress by replacing two files from the main distribution, my Dashboard was empty.
By Tertius Wed, October 29th, 2008 at 17:23 Reply

Glad I found this before doing a larger upgrade.

Easily done!