相信大家的 WordPress 站点已经在今天大多已经自动升级到 WordPress 4.9.2 版本了吧,反正子凡的各个站点也都收到升级成功的邮件提醒了,这次 WordPress 更新主要修复了 WordPress 4.9 以来一个 flash 安全漏洞以及其他 22 个 Bug,如果你的站点还未被自动升级,子凡建议大家尽快手动将自己的 WordPress 站点升级到最新版本。
MediaElement 的 Flash 回滚文件中发现了一个 XSS 安全漏洞,这个文件被包含在了 WordPress 之中。由于绝大多数情况下,用户们已经不再需要 Flash 支持,WordPress 的开发者决定在 WordPress 中删除这一文件。
如果你还想要在网站中继续使用 Flash ,需要支持 Flash 功能的话,MediaElement 发布了一个 WordPress 插件,其中包含了已经修复以上问题的文件,您可以下载安装此插件。
此外,WordPress 4.9.2 还修复了其他 22 个 bug,主要包括:
修了在 Firefox 中阻止保存文章的 JavaScript 错误。恢复了先前的 get_category_link() 和 category_description() 。切换主题时,尝试恢复之前主题中的小工具,即使没有进行侧边栏映射。
修改的文件列表
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 | wp-admin/includes/update-core.php wp-admin/includes/media.php wp-admin/includes/image.php wp-admin/css/customize-nav-menus.min.css wp-admin/css/common-rtl.css wp-admin/css/common-rtl.min.css wp-admin/css/common.css wp-admin/css/customize-nav-menus-rtl.css wp-admin/css/customize-nav-menus-rtl.min.css wp-admin/css/common.min.css wp-admin/css/customize-nav-menus.css wp-admin/js/plugin-install.min.js wp-admin/js/editor.js wp-admin/js/plugin-install.js wp-admin/js/editor.min.js wp-admin/js/widgets/custom-html-widgets.min.js wp-admin/js/widgets/custom-html-widgets.js wp-admin/theme-install.php wp-admin/about.php wp-includes/default-filters.php wp-includes/rest-api/class-wp-rest-server.php wp-includes/rest-api/endpoints/class-wp-rest-attachments-controller.php wp-includes/wp-db.php wp-includes/customize/class-wp-customize-themes-section.php wp-includes/js/mce-view.js wp-includes/js/mce-view.min.js wp-includes/js/mediaelement/mediaelement-flash-video-hls.swf wp-includes/js/mediaelement/mediaelement-flash-video-mdash.swf wp-includes/js/mediaelement/lang/cs.js wp-includes/js/mediaelement/lang/es.js wp-includes/js/mediaelement/lang/fr.js wp-includes/js/mediaelement/lang/hr.js wp-includes/js/mediaelement/lang/ko.js wp-includes/js/mediaelement/lang/nl.js wp-includes/js/mediaelement/lang/pl.js wp-includes/js/mediaelement/lang/hu.js wp-includes/js/mediaelement/lang/it.js wp-includes/js/mediaelement/lang/sk.js wp-includes/js/mediaelement/lang/zh-cn.js wp-includes/js/mediaelement/lang/uk.js wp-includes/js/mediaelement/lang/ro.js wp-includes/js/mediaelement/lang/zh.js wp-includes/js/mediaelement/lang/ca.js wp-includes/js/mediaelement/lang/pt.js wp-includes/js/mediaelement/lang/ru.js wp-includes/js/mediaelement/lang/fa.js wp-includes/js/mediaelement/lang/de.js wp-includes/js/mediaelement/lang/sv.js wp-includes/js/mediaelement/lang/ja.js wp-includes/js/mediaelement/lang wp-includes/js/mediaelement/mediaelement-flash-audio.swf wp-includes/js/mediaelement/mediaelement-flash-video.swf wp-includes/js/mediaelement/renderers/dailymotion.js wp-includes/js/mediaelement/renderers/facebook.js wp-includes/js/mediaelement/renderers/dailymotion.min.js wp-includes/js/mediaelement/renderers/facebook.min.js wp-includes/js/mediaelement/renderers/soundcloud.js wp-includes/js/mediaelement/renderers/soundcloud.min.js wp-includes/js/mediaelement/renderers/twitch.js wp-includes/js/mediaelement/renderers/twitch.min.js wp-includes/js/mediaelement/mediaelement-flash-audio-ogg.swf wp-includes/js/tinymce/plugins/wplink/plugin.js wp-includes/js/tinymce/plugins/wplink/plugin.min.js wp-includes/js/tinymce/wp-tinymce.js.gz wp-includes/category-template.php wp-includes/widgets.php wp-includes/functions.php wp-includes/media.php wp-includes/random_compat/random_bytes_mcrypt.php wp-includes/random_compat/random_bytes_dev_urandom.php wp-includes/random_compat/random_bytes_openssl.php wp-includes/random_compat/random_int.php wp-includes/random_compat/random_bytes_libsodium.php wp-includes/random_compat/random_bytes_com_dotnet.php wp-includes/random_compat/random_bytes_libsodium_legacy.php wp-includes/version.php wp-content/plugins wp-content/themes/twentyseventeen/front-page.php license.txt |