WordPress 3.1 beta 1版在上周刚发布,在美国时间2010年11月30日,WordPress官方突然发布了WordPress 3.0.2版本。官方发布不久的WordPress 3.0.2版本是强制性的安全更新,该更新主要是修复了一个安全漏洞,该漏洞会使“作者”的用户获取更高权限,同时对WordPress 3.0.1的其它bug进行了修补。
官方博客原文内容:
WordPress 3.0.2 is available and is a mandatory security update for all previous WordPress versions. Haiku has become traditional:
Fixed on day zero
One-click update makes you safe
This used to be hardThis maintenance release fixes a moderate security issue that could allow a malicious Author-level user to gain further access to the site, addresses a handful of bugs, and provides some additional security enhancements. Big thanks to Vladimir Kolesnikov for detailed and responsible disclosure of the security issue!
Download 3.0.2 or update automatically from the Dashboard > Updates menu in your site’s admin area. You should update immediately even if you do not have untrusted users.
提醒:官方建议WP用户立即更新到3.0.2版本,就算博客中没有不信任的用户。博客吧也建议,为了以防万一,还是升级的好。