WordPress 2.0.5 Ronan is out

WordPress today released v2.0.5. This release has been named Ronan after Ryan Boren‘s son.

There are a huge number of fixes as well as some security related ones. Hence, it is highly recommended that you upgrade your installation. Mark’s got quick list of changes in 2.0.5 if you want to review in short what has changed.

I’ll try and see if I can churn up a list of modified files between 2.0.4 and 2.0.5.

Until then you may want to upgrade your installation.

Update: It has been reported that some users are facing a “Server 500 error” after upgrading. If you face this problem, you will need to install the WordPress 2.0.5 Tuneup plugin.
I believe this will be fixed in the next version.

(Visited 206 times, 1 visits today)

13 thoughts on “WordPress 2.0.5 Ronan is out”

  1. I’ve been looking at a bunch of different sites as people upgrade and, other than mine, yours is the first I’ve seen to mention that there are security reasons to upgrade. Good Show. I’ve been trying to spread the word, but security has always been downplayed in the WP arena. With the addition of the missing index, people who were complaining about the speed of 2.0.4 should get a nice bump too.

  2. Will agree about security being downplayed out here. Or atleast the attempt to mask that security should be the reason to upgrade.

    This time the note about the security bugs being fixed was put in the release post itself.

    I too am not aware of the detailed bug fixes wrt security.

  3. Yep, This particular issue was a directory traversal bug in a packaged plugin. It didn’t keep its download function isolated to the directory it was supposed to be downloading from. And if you were clever enough you could get it to download things from other directories.

  4. Hi Brian,

    I don’t clearly understand what you mean by this.

    When you say download file what kind of files are you talking about? Or are you talking about php files of WordPress core?

  5. It’s long before beta. It’s before alpha even. It’s available to those who are testers

    And those hackers who want to check out the nightly builds of the product:

    There’s no quiz you must take to join. As no support is offered for any of the pre-release products, the only test is how fast you can dig yourself out of a hole when a feature you rely on doesn’t work in the current build. It’s sort of a pass fail thing….

  6. @Brian, Now I know what you are talking about 😉

    @Thilak, I’m already running 2.1 in my demoblog. It’s got a lot of changes from 2.0

  7. @Thilak, Brian has given you the link above.

    The only support you get is via the Testers and Hackers list. The reason I run it is so that I can ensure my themes and plugins are compatible with the next version of WordPress.

  8. I got 2.1 synchronized using svn. It’s kinda cool though scary to run the latest code.

    There have been sometimes that the blog has just shutdown and I had to wait till the next update.

Comments are closed.