WordPress 3.4.1 Maintenance & Security Update


WordPress

Just two weeks after WordPress 3.4 was released, the dev team has released the first update – WordPress 3.4.1 which is a maintenance and security update so all users are strongly recommended to upgrade ASAP.

WordPress 3.4.1 addresses 18 bugs in version 3.4 like:

  • Fixes an issue where a theme’s page templates were sometimes not detected.
  • Addresses problems with some category permalink structures.
  • Better handling for plugins or themes loading JavaScript incorrectly.
  • Adds early support for uploading images on iOS 6 devices.
  • Allows for a technique commonly used by plugins to detect a network-wide activation.
  • Better compatibility with servers running certain versions of PHP (5.2.4, 5.4) or with uncommon setups (safe mode, open_basedir), which had caused warnings or in some cases prevented emails from being sent.

Aside from the bugs mentioned above, this version also fixes some security issues and contains some security hardening like:

  • Privilege Escalation/XSS. Critical. Administrators and editors in multisite were accidentally allowed to use unfiltered_html for 3.4.0.
  • CSRF. Additional CSRF protection in the customizer.
  • Information Disclosure: Disclosure of post contents to authors and contributors (such as private or draft posts).
  • Hardening: Deprecate wp_explain_nonce(), which could reveal unnecessary information.
  • Hardening: Require a child theme to be activated with its intended parent only.

Download WordPress 3.4.1 from WordPress.org and update manually or you can do it automatically via the WordPress admin panel – Dashboard > Updates. Be sure to backup your WordPress database and deactivate all active plugins before performing the upgrade to avoid any issues or conflicts.

I’ve just upgraded this blog to WordPress 3.4.1 and the upgrade process went smoothly. I also didn’t experience any problems or conflicts with any of my existing plugins.

Anyone else upgraded their installation to WordPress 3.4.1?

Owner and editor of JaypeeOnline. Self-proclaimed geek. New media writer and consultant. WordPress advocate. Loves blogging, gadgets, video games and sports. You can follow him on Google+, Facebook or Twitter.

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code class="" title="" data-url=""> <del datetime=""> <em> <i> <q cite=""> <strike> <strong> <pre class="" title="" data-url=""> <span class="" title="" data-url="">