科技爱好者博客wordpress

WordPress开发团队发布新版WordPress 4.3.1 正式版,修复26个安全问题

科技爱好者博客已经升级到 WordPress 4.3.1 正式版了,4.3.1 版本修补了安全漏洞、修正了 26 个问题。以下是发行注记:

Summary

From the announcement post, WordPress 4.3.1 fixes two cross-site scripting vulnerabilities (CVE-2015-5714, CVE-2015-5715) and a potential privilege escalation.

In addition to the security fixes, WordPress 4.3.1 contains fixes for 26 bugs from 4.3, including:

  • Taxonomy: Arguments switched in wp_batch_split_terms Cron Job in Version 4.3 #33423
  • TinyMCE: Plugin wplink throw js TypeError: editor.wp undefined #33393
  • Customizer: Focusing a control outside of a panel when a panel is open results in a blank screen with no navigation back #33396
  • Users: Feature detect best event to use on password fields #33398
  • Users: Creating a new user without a password causes error message issues #33406
  • Customizer: remove_panel('nav_menus') action generates errors #33411
  • Customize: JS error when uploading small image as Site Icon and electing to Skip Cropping #33417
  • Users: Cancelling password update on user-profile fails #33419
  • Customizer: Toggling customizer controls based on another control does not work anymore in Version 4.3 #33428
  • Text Changes: Fix Period Position in wp-admin/about.php #33429
  • Widgets: Not displayed if no $instance data is set #33442
  • Taxonomy: wp_dropdown_categories doesn’t respect show_option_all #33452
  • Database: wpdb class method get_table_from_query() malfunctions if table name contains a dash (-) #33470
  • Upgrade/Install: After upgrade to Version 4.3 unable to update plugins. #33480
  • Users: Documented $public_only parameter not passed to the get_usernumposts filter #33481
  • Upgrade/Install: Comments for Version 4.3 to be default “off” for pages but 1 remains #33490
  • Comments: Bug in Comment Quick Edit in smaller screen #33596
  • TinyMCE: Visual Editor freezing when multiple HTML tables are added to the post #33617
  • Formatting: wpautop breaks HTML comments #33645
  • Users: wp_new_user_notification breaking change. #33654
  • Customizer: Shift-clicking a widget in the preview doesn’t move focus #33695
  • Administration: Password label not focussing password field when clicked #33778
  • TinyMCE: Update to 4.2.5 #33782
  • Networks and Sites: “Attribute content to” dropdown missing when deleting a user in network admin #33811
  • Users: Import global $wp_hasher in wp_new_user_notification #33826

List of Files Revised

readme.html
wp-admin/about.php
wp-admin/css/forms-rtl.css
wp-admin/css/forms.css
wp-admin/css/list-tables-rtl.css
wp-admin/css/list-tables.css
wp-admin/css/login-rtl.min.css
wp-admin/css/login.min.css
wp-admin/css/wp-admin-rtl.min.css
wp-admin/css/wp-admin.min.css
wp-admin/includes/class-wp-filesystem-ssh2.php
wp-admin/includes/class-wp-ms-users-list-table.php
wp-admin/includes/class-wp-users-list-table.php
wp-admin/includes/template.php
wp-admin/includes/upgrade.php
wp-admin/includes/user.php
wp-admin/includes/version.php
wp-admin/js/customize-controls.js
wp-admin/js/customize-controls.min.js
wp-admin/js/customize-nav-menus.js
wp-admin/js/customize-nav-menus.min.js
wp-admin/js/edit-comments.js
wp-admin/js/edit-comments.min.js
wp-admin/js/user-profile.js
wp-admin/js/user-profile.min.js
wp-admin/network/site-new.php
wp-admin/network/site-users.php
wp-admin/network/user-new.php
wp-admin/network/users.php
wp-includes/category-template.php
wp-includes/class-wp-xmlrpc-server.php
wp-includes/default-widgets.php
wp-includes/formatting.php
wp-includes/js/tinymce/plugins/charmap/plugin.js
wp-includes/js/tinymce/plugins/charmap/plugin.min.js
wp-includes/js/tinymce/plugins/lists/plugin.js
wp-includes/js/tinymce/plugins/media/plugin.js
wp-includes/js/tinymce/plugins/media/plugin.min.js
wp-includes/js/tinymce/plugins/paste/plugin.js
wp-includes/js/tinymce/plugins/paste/plugin.min.js
wp-includes/js/tinymce/plugins/wpeditimage/plugin.js
wp-includes/js/tinymce/plugins/wpeditimage/plugin.min.js
wp-includes/js/tinymce/plugins/wplink/plugin.js
wp-includes/js/tinymce/plugins/wplink/plugin.min.js
wp-includes/js/tinymce/plugins/wpview/plugin.js
wp-includes/js/tinymce/plugins/wpview/plugin.min.js
wp-includes/js/tinymce/skins/lightgray/content.inline.min.css
wp-includes/js/tinymce/skins/lightgray/content.min.css
wp-includes/js/tinymce/skins/lightgray/skin.ie7.min.css
wp-includes/js/tinymce/skins/lightgray/skin.min.css 
wp-includes/js/tinymce/themes/modern/theme.js
wp-includes/js/tinymce/themes/modern/theme.min.js
wp-includes/js/tinymce/tinymce.min.js 
wp-includes/js/tinymce/wp-tinymce.js.gz
wp-includes/js/wp-ajax-response.js
wp-includes/js/wp-ajax-response.min.js
wp-includes/media.php
wp-includes/pluggable.php
wp-includes/shortcodes.php
wp-includes/taxonomy.php
wp-includes/user.php
wp-includes/version.php
wp-includes/widgets.php
wp-includes/wp-db.php

原创文章,转载请注明: 转载自科技爱好者博客

本文链接地址: WordPress开发团队发布新版WordPress 4.3.1 正式版,修复26个安全问题 (http://blog.lxx1.com/893)

如果博客对您有帮助,请给我 打赏


科技爱好者

工科学生大四在读,专业嵌入式开发,喜欢计算机,喜欢单片机,喜欢各种各样美好的东西,相信科技正在改变世界!

这是我的 个人博客

发表评论

电子邮件地址不会被公开。 必填项已用*标注