Author: Erik Runyon

Erik is the Technical Director for University Communications.

WordPress updated to 4.9.8

This morning we updated WordPress to 4.9.8 which is a maintenance and security release.

The primary focuses of 4.9.8 are:

  • Introduce “Try Gutenberg” callout
  • Privacy fixes/enhancements

This version includes 18 Privacy fixes focused on ensuring consistency and flexibility in the new personal data tools added in 4.9.6, including:

  • The type of request being confirmed is now included in the subject line for all privacy confirmation emails.
  • Improved consistency with site name being used for privacy emails in multisite.
  • Increased the test coverage for several core privacy functions.
  • Pagination for Privacy request admin screens can now be adjusted.

WordPress updated to 4.9.7

This morning we updated WordPress to 4.9.7 which is a maintenance and security release.

From the WordPress 4.9.7 release post, WordPress versions 4.9.6 and earlier are affected by one security issue. As part of the core team’s ongoing commitment to security hardening, the following security and maintenance fixes have been implemented:

  1. WordPress versions 4.9.6 and earlier are affected by a file deletion issue where a user with the capability to edit and delete media files could potentially manipulate media metadata to attempt to delete files outside the uploads directory.
  2. Taxonomy: Improve cache handling for term queries.
  3. Posts, Post Types: Clear post password cookie when logging out.
  4. Widgets: Allow basic HTML tags in sidebar descriptions on Widgets admin screen.
  5. Community Events Dashboard: Always show the nearest WordCamp if one is coming up, even if there are multiple Meetups happening first.
  6. Privacy: Make sure default privacy policy content does not cause a fatal error when flushing rewrite rules outside of the admin context.

WordPress updated to 4.9.5

This morning we updated WordPress to 4.9.5 which is a maintenance release.

This maintenance release fixes 28 bugs in 4.9, including fixes for Customizer, media library, error notices, and some security fixes. Twenty Seventeen bundled theme and Hello Dolly bundled plugin have also been updated.

WordPress updated to 4.9.4

This morning we updated WordPress to 4.9.4 which is a maintenance release.

This maintenance release fixes a severe bug in 4.9.3, which will cause sites that support automatic background updates to fail to update automatically, and will require action from you (or your host) for it to be updated to 4.9.4.

WordPress updated to 4.9.2

This morning we updated WordPress to 4.9.2 which is a security and maintenance release. Bug fixes of note:

  • Fixed a XSS vulnerability that was discovered in the Flash fallback files in MediaElement
  • JavaScript errors that prevented saving posts in Firefox have been fixed.
  • The previous taxonomy-agnostic behavior of get_category_link() and category_description() was restored.
  • Switching themes will now attempt to restore previous widget assignments, even when there are no sidebars to map.

WordPress updated to 4.9

This morning we updated WordPress to 4.9. Highlights include “…an improved Customizer workflow with design drafts, locking, scheduling, and preview links. What’s more, code syntax highlighting and error checking will make for a clean and smooth site building experience. Finally, if all that wasn’t pretty great, we’ve got a great new Gallery widget and improvements to theme browsing and switching.”