Wordpress: Version 2.8.6 is out. WordPress的：版本2.8.6出局。 Make sure to update your blog! 请务必更新您的博客！

Posted on 13.发布13。 Nov, 2009 by Dragos in Internet Life 11月，2009年在互联网生活 德拉戈什

Hey, Wordpress 2.8.6 is out!嘿，WordPress的 2.8.6的了！ Make sure to update your blog from the administrative panel. Wordpress urge you to make sure your website is up to date with the latest version, as it has some improvements and critical fixes:请务必更新管理面板您的博客。WordPress的敦促你以确保您的网站是最新的，最新的版本，因为它有一些重要的改进和修正：

2.8.6 fixes two security problems that can be exploited by registered, logged in users who have posting privileges.  If you have untrusted authors on your blog, upgrading to 2.8.6 is recommended. 2.8.6修复两个安全漏洞，可以通过登记的问题，登录用户谁也张贴权限。如果你不信任你的博客作者，升级到2.8.6建议。

The first problem is an XSS vulnerability in Press This discovered by Benjamin Flesch.  The second problem, discovered by Dawid Golunski, is an issue with sanitizing uploaded file names that can be exploited in certain Apache configurations.第一个问题是，在记者的这一发现本杰明弗莱士XSS漏洞。第二个问题，由大卫Golunski发现，是一个消毒上传的文件，可以在某些Apache的配置利用名称的问题。 Thanks to Benjamin and Dawid for finding and reporting these.寻找和报告这些感谢本杰明和大卫。

Related posts:相关岗位：

1. Wordpress 2.8.4: Not ready to be installed with PHP 5.3 ? WordPress的2.8.4：不准备好安装使用PHP 5.3？
2. Wordpress: Best SEO iTranslator for Wordpress, get free traffic from fully automated plugin script WordPress的：最佳WordPress的搜索引擎iTranslator，从全自动插件脚本免费交通
3. Web news: Mashable hacked? 网络新闻：Mashable入侵？ or Wordpress vulnerability 或WordPress的漏洞