Earlier this week, WordPress developer Andrew Nacin announced a new maintenance and security release for WordPress, which he recommends be downloaded immediately. WordPress 3.6.1 addresses a total of 13 bugs that have been identified in Version 3.6. Overall, the developer stated recently that the WordPress 3.6 release – despite its delay – has been one of the smoothest releases ever of the WordPress platform.
According to Nacin, (pictured) “WordPress 3.6.1 is also a security release for all previous WordPress versions and we strongly encourage you to update your sites immediately. It addresses three issues fixed by the WordPress security team.”
It blocks unsafe PHP unserialization that could occur in limited situations and setups, which can lead to remote code execution. This was reported by Tom Van Goethem. The new release also prevents a user with an Author role, using a specially crafted request, from being able to create a post ‘written by’ another user. This issues was reported by Anakorn Kyavatanakij. Finally, insufficient input validation that could result in redirecting or leading a user to another website has been resolved. The bug was initially reported by Dave Cummo, a Northrup Grumman subcontractor for the U.S. Centers for Disease Control and Prevention.
Make WordPress Core
For WordPress users who would like to be involved with or keep up with the latest news surrounding the platform’s development, the Make WordPress Core is a great place to start. News regarding the latest development states is included on the page linked above, plus there are also other sources that readers can use to submit bug reports, provide feedback, and view which features may be included in the upcoming WordPress 3.7 (release date to be determined).
In other news, WordCamps (informal meetings and gathering that take place worldwide) are on pace to set record attendance levels this year, with more than a dozen events still remaining for the calendar year. Nacin, who has been involved with WordPress for years, stated on his personal blog site that he was honored to speak at the marquee WordCamp San Francisco earlier this year. WordPress 3.6 Lead Developer Mark Jaquith also spoke in San Francisco. Many in the industry point to Jaquith for his leadership through a highly delayed WordPress 3.6 release that ultimately turned out to be one of the smoothest version releases in WordPress history.
For the rest of September, there are a total of four WordCamps on tap: Baltimore (September 21st), Salt Lake City (September 21st), Los Angeles (September 21st-22nd), and Wroclaw (September 28th-29th). WordCamp Central coordinator Andrea Middleton has been instrumental in the program’s success and more than 250 events have been held since the very first WordCamp in 2006.
According to the official WordCamp website, “Getting to meet and learn from other WordPress users face-to-face is one of the main reasons people attend WordCamps. Many WordCamps set up an informal “genius bar” staffed with experienced WordPress volunteers who try to help fellow attendees with their WordPress questions. In addition to learning from each other, attendees often find new collaborators, employees/employers and potential co-conspirators in the WordCamp crowd. These new relationships can lead to exciting WordPress projects throughout the year. Many WordCamps also set up a ‘job board’ for attendees to post job openings, business cards, etc. Ideally, every WordCamp is the annual ‘big event’ of a local WordPress meetup group. If no such group exists, a WordCamp can be a great way to kick it off.”
To find out more about possible WordCamps in your area, consult the complete 2013 WordCamp schedule and be sure to read other resources which are available on the WordCamp Central website to see if you might be interested in participating in spreading WordPress knowledge and collaborating with similarly-minded professionals.