The MU forums have moved to WordPress.org

security issues (8 posts)

  1. mozey
    Member
    Posted 17 years ago #

    have any of these
    http://wordpress.org/development/2007/01/wordpress-207/
    been addressed for MU?

  2. andrea_r
    Moderator
    Posted 17 years ago #

    They'll get rolled in with MU if they haven't been already. Last I checked, the latest nightly of MU was synched all the way up with the latest nightly version of WP.

  3. mozey
    Member
    Posted 17 years ago #

    I thought MU was built on top of WP 2.0.1?

  4. andrea_r
    Moderator
    Posted 17 years ago #

    It periodically gets synced up with newer versions as they come out.
    http://blogs.linux.ie/download/wpmu/Changelog.txt lists merges to revision versions of WP, among other things.

  5. ladeem
    Member
    Posted 17 years ago #

    So, I have 1.0 installed. Is it wise to upgrade to a nightly? I really don't want to do that if I don't have to.

  6. dizzy99
    Member
    Posted 17 years ago #

    I tried that Ladeem and it worked well for the most part. However some small things were broken so i reverted back to v1.0 stable for production.

  7. lunabyte
    Member
    Posted 17 years ago #

    And MU is built on 2.1, not 2.0.1.

    So some vulnerabilities in the 2.0.x branch may not apply.

    For example, the theme editor problem recently found. By default, MU does not allow the editing of themes.

  8. andrea_r
    Moderator
    Posted 17 years ago #

    And also the other problem that was temporarily solved by regular WP blogs diabled user signups. Process is different in MU, so that one didn't (or shouldn't) apply either.

About this Topic