WordPress (Developer) - Package Updates
-
You can use this thread to track updates to the WordPress (Developer) package.
Please open issues in a separate topic instead of replying here.
-
[2.3.0]
- Update redis cache plugin 1.6.2
- Update WP Mail SMTP to 2.0.1
-
[2.3.1]
- Change default WP installation to 5.4.2
-
[2.4.0]
- Change default WP installation to 5.5
-
[2.4.1]
- Change default WP installation to 5.5.1
- WP SMTP Mail and Redis Object Cache are upgraded to latest versions
- Fix screenshot links
-
[2.5.0]
- Update PHP to 7.4
-
[2.6.0]
- Enable LDAP support
- Make the prefork file customizable
- Disable debug logging and file edits by default
- Set
COOKIEHASH
for better security - Log the original IP in the logs
-
[2.6.1]
- Change default WP installation to 5.5.3
- Keep the URL settings in WP dashboard readonly
- Disallow unfiltered html by default.
-
[2.7.0]
- Remove the defaults for
DISALLOW_FILE_EDIT
andDISALLOW_UNFILTERED_HTML
in new installations
- Remove the defaults for
-
-
[2.8.1]
- Update wp-redis and wp-smtp plugins to latest in the default installation
- Rename authLdap plugin to authldap, so that upgrade works via WP dashboard
-
[2.8.2]
- Change default WP installation to 5.6.1
- Release announcement
- #51056: Fetch_feed parsing of permalinks triggers simplepie preg_match warnings
- #52327: Requested updates to the PHP Update Alert
- #51940: The schema for the taxonomy property of a term in the REST API should not include all taxonomies
- #51980: App Passwords: ‘Add New Application Password’ submit button is hidden on mobile devices in ‘User Profile’ page
- #51995: WordPress 5.6: Classic editor menu is not sticky
- Update wp-redis and wp-smtp plugins to latest in the default installation
-
[2.9.0]
- Use base image v3
- use smtp-mailer instead of wp-mail-smtp
-
[2.10.0]
- Update WP to 5.6.2
- Release announcement
- #52440: Prevent the “Leave site” browser alert in Classic Editor when post title, excerpt, or post content fields are missing.
- #52396: Image options are not visible in pop up when the clicking replace button from Image block.
- #52449: Can’t change font size the 5.6.1 paragraph block.
- Enable WP multisite
-
[2.11.0]
- Update default WordPress to 5.7
- Release announcement
- WP Admin: A new color palette
- New Robots API
- Ongoing cleanup after update to jQuery 3.5.1
- Lazy-load your iframes
-
[2.11.1]
- Update default WordPress to 5.7.1
- Network activate redis in multi-site mode
-
[2.11.3]
- Update default WordPress to 5.7.2
- Update redis plugin
- Release announcement
-
[2.12.0]
- Update default WordPress to 5.8
- Release announcement
- Manage Widgets with Blocks
- Display Posts with New Blocks and Patterns
- Edit the Templates Around Posts
- Overview of the Page Structure
- Suggested Patterns for Blocks
- Style and Colorize Images
-
[2.13.0]
- Update default WordPress to 5.8.1
- Make sendmail optional
- Release announcement
- Props @mdawaffe, member of the WordPress Security Team for their work fixing a data exposure vulnerability within the REST API.
- Props to Bentkowski of Securitum for reporting a XSS vulnerability in the block editor.
- The Lodash library has been updated to version 4.17.21 in each branch to incorporate upstream security fixes.
-
[2.13.1]
- Update default WordPress to 5.8.2
-
[2.13.2]
- Update default WordPress to 5.8.3
- Release announcement
-
[2.14.0]
- Update default WordPress to 5.9
- Release announcement
-
d19dotca
-
[2.14.1]
- Update LDAP plugin to 2.5.1
- Update redis and smtp-mailer plugins
-
[2.14.2]
- Update default WordPress to 5.9.1
- Release announcement
-
[2.14.3]
- Update default WordPress to 5.9.2
- Release announcement
-
d19dotca
-
[2.14.4]
- Update authLdap to 2.5.2. This fixes the login integration with WooCommerce
-
[2.14.5]
- Update default WordPress to 5.9.3
-
[2.15.0]
- Update default WordPress to 6.0
- WordPress 6.0 "Arturo"
- Enhanced Writing Experience
- Style Switching
- More Template Choices
- Integrated Patterns
- Additional Design Tools
- Better List View
-
[2.16.0]
- Update WordPress to 6.0.1
- Release announcement
- Email Display Name support . Please note that you have to set any custom mail from display name in the Email section.
-
[2.16.1]
- Update WordPress to 6.0.2
- Release announcement
-
[2.16.2]
- Update redis-cache to 2.2.0
- Enable
mod_ext_filter
-
[2.16.3]
- Update WordPress to 6.0.3
- Release announcement
- Stored XSS via wp-mail.php (post by email) – Toshitsugu Yoneyama of Mitsui Bussan Secure Directions, Inc. via JPCERT
- Open redirect in
wp_nonce_ays
– devrayn - Sender’s email address is exposed in wp-mail.php – Toshitsugu Yoneyama of Mitsui Bussan Secure Directions, Inc. via JPCERT
- Media Library – Reflected XSS via SQLi – Ben Bidner from the WordPress security team and Marc Montpas from Automattic independently discovered this issue
-
[2.17.0]
- Update WordPress to 6.1
- Release announcement
- Twenty Twenty-Three: A fresh default theme with 10 distinct style variations
- New templates for an improved creator experience
- Design tools for more consistency and control
- Manage menus with ease
- Cleaner layouts and document settings visualization
- One-click lock setting for all inner blocks
- Improved block placeholders
- Compose richer lists and quotes with inner blocks
- More Responsive text with fluid typography
- Add starter patterns to any post type
- A streamlined style system
-
[3.0.0]
- Update PHP to 8.1 - Please check compatibility of plugins after the upgrade.
-
[3.0.1]
- Update WordPress to 6.1.1
- Release announcement
-
[3.0.2]
- Fix path to ioncube loader
-
[3.0.3]
- Update base image to 4.0.0