Home WordPress Install WordPress 2.6.3

Install WordPress 2.6.3

by - 32 Comments

Apparently, a security flaw has been found in the Snoopy library that WordPress uses. This has made the WordPress team put out a new release, WordPress 2.6.3. According to their blog post, you only have to change that class and the file holding the version number, but an astute developer on the WordPress developer mailing list noticed that they’d slipped one other minor fix in to. So to upgrade to 2.6.3, all you have to do is download these 3 files from wordpress.org:

  1. wp-includes/class-snoopy.php
  2. wp-includes/version.php
  3. wp-admin/includes/media.php

And overwrite them in their appropriate directories. Make very sure that you’re not overwriting the wp-includes/media.php but the one in wp-admin/includes/media.php.

Probably one of the easiest WordPress upgrades you’ve ever had in your life. It should be noted that I use the Snoopy library in several of my plugins, so you’d better upgrade!

Yoast.com runs on the Genesis Framework

Genesis theme frameworkThe Genesis Framework empowers you to quickly and easily build incredible websites with WordPress. Whether you're a novice or advanced developer, Genesis provides you with the secure and search-engine-optimized foundation that takes WordPress to places you never thought it could go.

Read our Genesis review or get Genesis now!

32 Responses

  1. Daniel ScoccoBy Daniel Scocco on 24 October, 2008

    Joost, what if I am running 2.6.1, can i still replace those files?

  2. Joost de ValkBy Joost de Valk on 24 October, 2008

    Yes you could but you’d miss some of the 2.6.2 upgrades, probably safer to do a full upgrade then.

  3. fatihturanBy fatihturan on 24 October, 2008

    Two files serving on official WordPress blog post. But you are offering three file for upgrade to 2.6.3.

    What’s different from old media.php to new one?

    Thanks.

  4. Remi TurcotteBy Remi Turcotte on 24 October, 2008

    What kind of security flaw ?

  5. Joost de ValkBy Joost de Valk on 24 October, 2008

    Dunnow, check the WP post.

  6. Adrianus VBy Adrianus V on 25 October, 2008

    Just like Fatihturan said: there are officially only two upgraded files, not media.php. There’se nothing mentioned about it on the WP-site.

  7. Joost de ValkBy Joost de Valk on 25 October, 2008

    be stubborn if you wish, I bet you know better than the developers on wp-hackers :-)

  8. Adrianus VBy Adrianus V on 25 October, 2008

    Hé Joost, I’m just a blogger, not a developper or IT’er. ;-)

  9. Joost de ValkBy Joost de Valk on 25 October, 2008

    Well then stop thinking for yourself and start trusting that I won’t shit you :)

    Here’s the changeset, to prove that I’m right: http://trac.wordpress.org/changeset?new=branches%409310&old=branches%408849

  10. Adrianus VBy Adrianus V on 25 October, 2008

    Hé, I updated media.php and now my blog is broken! No, just kidding. :-) Everything is just fine. Thanx for your info!

  11. Joost de ValkBy Joost de Valk on 25 October, 2008

    @Adrianus: Mypleasure!

  12. smoothBy smooth on 26 October, 2008

    After all the hassles I had with WPAU, I’ve now just realised that there was only 3 files to replace…

    Live and learn I guess.

  13. JanBy Jan on 26 October, 2008

    Bedankt, dat was super simpel!

  14. Dmitry ChestnykhBy Dmitry Chestnykh on 26 October, 2008

    If anyone uses localized versions of WordPress (for example, I use ru.wordpress.org distribution), make sure you download those files for your localized version. I’m not sure why, but when I upgraded my (localized) WordPress by replacing two files from the main distribution, my Dashboard was empty.

  15. TertiusBy Tertius on 29 October, 2008

    Glad I found this before doing a larger upgrade.

    Easily done!

Trackbacks

  1. Upgrading Wordpress to 2.6.3 using the WPAU plugin | The Babbling Blog says:
    24 October, 2008 at 12:37

    [...] Install WordPress 2.6.3 [...]

  2. WordPress: Security Update 2.6.3 Released | (Anti) Social Development says:
    24 October, 2008 at 15:01

    [...] is, however, good news for people who are already running 2.6.2. According to Joost de Valk, at yoast.com, only three files need to be updated if you are already running the most recent version. Replacing [...]

  3. Wordpress 2.6.3 atualizado em todos os sistemas | Polkadots Inteligência Digital says:
    24 October, 2008 at 19:28

    [...] Install WordPress 2.6.3 [...]

  4. Idiot Technician Falls Hard on TV Set | What Is Wrong With The World Today says:
    24 October, 2008 at 19:41

    [...] Install WordPress 2.6.3 [...]

  5. The Daily Show: Who the FUCK Are these No-Name Cable News Pundits | What Is Wrong With The World Today says:
    24 October, 2008 at 20:06

    [...] Install WordPress 2.6.3 [...]

  6. We have updated our blog to Wordpress 2.6.3 | Diaper Cakes Mall says:
    24 October, 2008 at 23:38

    [...] Install WordPress 2.6.3 Share and Enjoy: These icons link to social bookmarking sites where readers can share and discover new web pages. [...]

  7. Latest Wordpress Update 2.6.3 | johnvickers.ca says:
    25 October, 2008 at 00:09

    [...] Install WordPress 2.6.3 [...]

  8. marshalsandler.com » Daniel Dura » Moderator says:
    25 October, 2008 at 16:50

    [...] Install WordPress 2.6.3 [...]

  9. Using the Technorati API on your blog | The Affiliate Desk says:
    11 November, 2008 at 10:03

    [...] Install WordPress 2.6.3 Apparently, a security flaw has been found in the Snoopy… [...]

  10. Install WordPress 2.6.3 | The Affiliate Desk says:
    15 November, 2008 at 16:21

    [...] Install WordPress 2.6.3 [...]

  11. MAKE MONEY ONLINE : 6 Killer Ways To Your Online Home Business Opportunities To Rank Better With Internal Linking « Affiliate Marketing Pros says:
    21 November, 2008 at 20:02

    [...] Install WordPress 2.6.3 [...]