News

WordPress 4.9.7 Security and Maintenance Release

WordPress 4.9.7 is now available. This is a security and maintenance release for all versions since WordPress 3.7. We strongly encourage you to update your sites immediately.

WordPress versions 4.9.6 and earlier are affected by a media issue that could potentially allow a user with certain capabilities to attempt to delete files outside the uploads directory.

Seventeen other bugs were fixed in WordPress 4.9.7. Particularly of note were:

Changes to our terms and policies to comply with EU General Data Protection Regulation (GDPR)

We at Drupion have always been committed to protecting the privacy, personal and organizational data of our customers. The European Union's General Data Protection Regulation has prompted us to review our policies and make sure that we are doing the right thing for all of our customers worldwide.

Drupal and WordPress websites hosted on Drupion are protected from Meltdown and Spectre Attacks

Recent press reports talk about the latest security issues with CPUs that affect Intel, AMD, and ARM processors. The attacks, named Meltdown and Spectre, take advantage of the same basic security vulnerability in those chips, could hypothetically be used by malicious actors to read sensitive information in the system's memory such as passwords, encryption keys, or sensitive information open in applications.

How does acquisition of Symantec's Certificate Authority business by DigiCert, Inc. affect Drupion customers?

As of October 31, 2017, DigiCert, Inc. completed the acquisition of Symantec Corporation's Certificate Authority business which includes all website security assets related to SSL & PKI. The transition is already completed and there is some end-user actions required if you own and use one of GeoTrust, Thawte & RapidSSL SSL certificates. But don't worry if you are a Drupion customer as you are in good hands.

WordPress 4.9.1 Security and Maintenance Release

WordPress 4.9.1 is now available. This is a security and maintenance release for all versions since WordPress 3.7. We strongly encourage you to update your sites immediately.

WordPress versions 4.9 and earlier are affected by four security issues which could potentially be exploited as part of a multi-vector attack. As part of the core team's ongoing commitment to security hardening, the following fixes have been implemented in 4.9.1:

WordPress 4.9 “Tipton”. Major Customizer Improvements, Code Error Checking, and More!

Version 4.9 of WordPress, named “Tipton” in honor of jazz musician and band leader Billy Tipton, is available for download or update in your WordPress dashboard. New features in 4.9 will smooth your design workflow and keep you safe from coding errors.

WordPress 4.8.3 is released

WordPress 4.8.3 is now available. This is a security release for all previous versions and we strongly encourage you to update your sites immediately.

WordPress versions 4.8.2 and earlier are affected by an issue where $wpdb->prepare() can create unexpected and unsafe queries leading to potential SQL injection (SQLi). WordPress core is not directly vulnerable to this issue, but we’ve added hardening to prevent plugins and themes from accidentally causing a vulnerability.

WordPress 4.9 Beta 3 has been released

WordPress 4.9 Beta 3 is now available!

This software is still in development, so we don’t recommend you run it on a production site. Consider setting up a test site just to play with the new version. To test WordPress 4.9, try the WordPress Beta Tester plugin (you’ll want “bleeding edge nightlies”). Or you can download the beta here (zip).

Pages

Subscribe to News