This blog was updated yesterday to the latest WordPress release, 2.6.5.
The old code had an XSS vulnerability (an unsanitized $_SERVER[] variable; in the patch below, $_SERVER['HTTP_HOST'] was echoed into the feed's self link without escaping) and three bugs.


See the diff from 2.6.3 to 2.6.5 below for more info ;).

Patch file:

diff U3Bi /wordpress-2-6-3/wp-includes/feed.php /wordpress-2-6-5/wp-includes/feed.php
--- /wordpress-2-6-3/wp-includes/feed.php	Thu Jul 03 16:23:22 2008
+++ /wordpress-2-6-5/wp-includes/feed.php	Wed Nov 19 00:07:05 2008
@@ -495,10 +495,14 @@
  * @since 2.5
  */
 function self_link() {
-	echo 'http'
-		. ( $_SERVER['https'] == 'on' ? 's' : '' ) . '://'
-		. $_SERVER['HTTP_HOST']
-		. wp_specialchars(stripslashes($_SERVER['REQUEST_URI']), 1);
+	$host = @parse_url(get_option('home'));
+	$host = $host['host'];
+	echo clean_url( 
+		'http'
+		. ( (isset($_SERVER['https']) && $_SERVER['https'] == 'on') ? 's' : '' ) . '://'
+		. $host
+		. stripslashes($_SERVER['REQUEST_URI'])
+		);
 }
 
 ?>
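Review bot: The scheme test inside the new `clean_url(` expression still reads `$_SERVER['https']`, but PHP populates the upper-case key `$_SERVER['HTTPS']` and array keys are case-sensitive. On most servers the added `isset()` is therefore never true, and the self link is emitted as `http://` even when the feed is served over TLS. I would replace that line with `. ( is_ssl() ? 's' : '' ) . '://'`, using WordPress's `is_ssl()` helper, or at least test the upper-case key. Separately, `@parse_url(get_option('home'))` hides a failed parse, so `$host['host']` can be unset and the link would then be built from an empty host plus the request-supplied `REQUEST_URI`. A guard such as `if ( empty($host['host']) ) return;` before the `echo` would make that failure explicit instead of suppressing it with `@`.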
