The Wordpress developers have released version 2.8.5 of their popular blogging software. The version is considered a security upgrade. The developers are calling this released a hardening release as it tightens Wordpress security to make Wordpress blogs more secure than before. The release is also fixing a Trackback denial of service attack that is currently in the wild.

The most important changes in Wordpress 2.8.5 are:

  • A fix for the Trackback Denial-of-Service attack that is currently being seen
  • Removal of areas within the code where php code in variables was evaluated.
  • Switched the file upload functionality to be whitelisted for all users including Admins.
  • Retiring of the two importers of Tag data from old plugins.