Ticket #811 (closed maintenance: fixed)

Opened 2 years ago

Last modified 2 years ago

WordPress critical security release

Reported by: chris Owned by: chris
Priority: critical Milestone: Maintenance
Component: Parrot server Keywords:
Cc: ed Estimated Number of Hours: 0.0
Add Hours to Ticket: 0 Billable?: yes
Total Hours: 0.25

Description

From the blog:

WordPress 4.0.1 is now available. This is a critical security release for all previous versions and we strongly encourage you to update your sites immediately.

Sites that support automatic background updates will be updated to WordPress 4.0.1 within the next few hours. If you are still on WordPress 3.9.2, 3.8.4, or 3.7.4, you will be updated to 3.9.3, 3.8.5, or 3.7.5 to keep everything secure. (We don’t support older versions, so please update to 4.0.1 for the latest and greatest.)

WordPress versions 3.9.2 and earlier are affected by a critical cross-site scripting vulnerability, which could enable anonymous users to compromise a site.

Change History

comment:1 Changed 2 years ago by chris

  • Add Hours to Ticket changed from 0.0 to 0.25
  • Status changed from new to closed
  • Resolution set to fixed
  • Total Hours changed from 0.0 to 0.25

Installing the latest wp-cli (the old version wasn't working), following https://github.com/wp-cli/wp-cli/wiki/Alternative-Install-Methods#installing-via-composer:

sudo -i
cd /usr/local/bin
curl -sS https://getcomposer.org/installer | php
  #!/usr/bin/env php
  All settings correct for using Composer
  Downloading...
  
  Composer successfully installed to: /usr/local/src/composer.phar
  Use it: php composer.phar  
cd /usr/local/src
composer.phar create-project wp-cli/wp-cli --no-dev
  Installing wp-cli/wp-cli (v0.17.1)
    - Installing wp-cli/wp-cli (v0.17.1)
      Downloading: 100%         
  
  Created project in /usr/local/src/wp-cli
  Loading composer repositories with package information
  Installing dependencies
    - Installing wp-cli/php-cli-tools (v0.10.2)
      Downloading: 100%         
  
    - Installing nb/oxymel (v0.1.0)
      Downloading: 100%         
  
    - Installing mustache/mustache (v2.7.0)
      Downloading: 100%         
  
    - Installing rhumsaa/array_column (1.1.2)
      Downloading: 100%         
  
    - Installing rmccue/requests (v1.6.1)
      Downloading: 100%         
  
    - Installing symfony/finder (v2.5.7)
      Downloading: 100%         
  
  Writing lock file
  Generating autoload files
cd /usr/local/bin/
rm wp
rm -rf /usr/local/wp-cli/bin/wp
ln -s ../src/wp-cli/bin/wp
cd /etc/bash_completion.d/
wget "https://raw.githubusercontent.com/wp-cli/wp-cli/master/utils/wp-completion.bash" -O wp

Checking wp versions:

su - annesley -s /bin/bash
source /etc/bash_completion.d/wp 
cd ~/sites/default/
wp core version
  4.0.1
exit
su - reconomy -s /bin/bash
source /etc/bash_completion.d/wp 
cd ~/sites/default/
wp core version
  3.9.3
exit
su - tc -s /bin/bash
source /etc/bash_completion.d/wp 
cd ~/sites/default/
wp core version
  3.9.3
su - ts -s /bin/bash
source /etc/bash_completion.d/wp 
cd ~/sites/default/
wp core version
  3.8.5
exit
su - ttt -s /bin/bash
source /etc/bash_completion.d/wp 
cd ~/sites/default/
wp core version
  4.0.1

So the automatic updated have all run and we have a working command line tool again, closing this ticket.

Last edited 2 years ago by chris (previous) (diff)
Note: See TracTickets for help on using tickets.