• 赤色のリンクは、まだ日本語Codexに存在しないページ・画像です。英語版と併せてご覧ください。(詳細

このWikiはいつでも誰でも編集できます

「Version 4.5.3」の版間の差分

提供: WordPress Codex 日本語版
移動先: 案内検索
(ページ作ったのみ)
(Miccweb (トーク) による版 12591 を取り消し)
 
5行目: 5行目:
 
}}
 
}}
 
== まとめ<span id="Summary"></span> ==
 
== まとめ<span id="Summary"></span> ==
From the [https://wordpress.org/news/2016/09/wordpress-4-6-1-security-and-maintenance-release/ WordPress 4.6.1 release post]: WordPress versions 4.6 and earlier are affected by two security issues: a cross-site scripting vulnerability via image filename, reported by SumOfPwn researcher Cengiz Han Sahin; and a path traversal vulnerability in the upgrade package uploader, reported by Dominik Schilling from the WordPress security team.
+
[https://wordpress.org/news/2016/06/wordpress-4-5-3/ WordPress 4.5.3 リリース告知]によると、WordPress 4.5.2以前のバージョンにある脆弱性を修正したものとなります。
 +
テーマカスタマイザーのバイパスがリダイレクトされてしまう問題(報告者: Yassine Aboukir)、添付ファイル名によってXSSが引き起こされてしまう2つの問題(報告者: Jouko Pynnönen and Divyesh Prajapati)、記事のリビジョン情報が公開されてしまう問題(報告者: John Blackbourn from the WordPress security team and by Dan Moen)、oEmbedを使ったDoS攻撃の問題(報告者: Jennifer Dodd from Automattic)、認証されていないカテゴリが記事から削除されてしまう問題(報告者: David Herrera from Alley Interactive)、クッキー情報を抜き出されることでパスワードが変更されてしまう問題(報告者: Michael Adams from the WordPress security team)、深刻な脆弱ではありませんがsanitize_file_nameで発生したいくつかの問題(報告者: Peter Westwood of the WordPress security team)
 +
です。
  
WordPress 4.6.1 は 4.6 からの15件のバグを修正しました:
+
WordPress 4.5.3 は 4.5, 4.5.1 と 4.5.2 からの17件のバグを修正しました:
 
+
Bootstrap/Load
+
* [https://core.trac.wordpress.org/ticket/37680 #37680] – PHP Warning: ini_get_all() has been disabled for security reasons
+
Database
+
* [https://core.trac.wordpress.org/ticket/37683 #37683] – $collate and $charset can be undefined in wpdb::init_charset()
+
* [https://core.trac.wordpress.org/ticket/37689 #37689] – Issues with utf8mb4 collation and the 4.6 update
+
Editor
+
* [https://core.trac.wordpress.org/ticket/37690 #37690] – Backspace causes jumping
+
Email
+
* [https://core.trac.wordpress.org/ticket/37736 #37736] – Emails fail on certain server setups
+
External Libraries
+
* [https://core.trac.wordpress.org/ticket/37700 #37700] – Warning: curl_exec() has been disabled for security reasons (Requests library)
+
* [https://core.trac.wordpress.org/ticket/37720 #37720] – The minified version of the Masonry shim was not updated in #37666 (Masonry library)
+
HTTP API
+
* [https://core.trac.wordpress.org/ticket/37733 #37733] – cURL error 3: malformed for remote requests
+
* [https://core.trac.wordpress.org/ticket/37768 #37768] – HTTP API no longer accepts integer and float values for the cookies argument
+
Post Thumbnails
+
* [https://core.trac.wordpress.org/ticket/37697 #37697] – Strange behavior with thumbnails on preview in 4.6
+
Script Loader
+
* [https://core.trac.wordpress.org/ticket/37800 #37800] – Close “link rel” dns-prefetch tag
+
Taxonomy
+
* [https://core.trac.wordpress.org/ticket/37721 #37721] – Improve error handling of is_object_in_term in taxonomy.php
+
Themes
+
* [https://core.trac.wordpress.org/ticket/37755 #37755] – Visual Editor: Weird unicode (Vietnamese) characters display on WordPress 4.6
+
TinyMCE
+
* [https://core.trac.wordpress.org/ticket/37760 #37760] – Problem with RTL
+
Upgrade/Install
+
* [https://core.trac.wordpress.org/ticket/37731 #37731] – Infinite loop in _wp_json_sanity_check() during plugin install
+
  
 +
* #35657 Image height calculation not always available on body.load
 +
* #36379 Saving post can remove its hierarchical terms if user cannot assign terms
 +
* #36531 Default image size medium_large is not generated
 +
* #36533 Browse Media doesn't work on front-end
 +
* #36590 POST['nav-menu-data'] breaks other POST
 +
* #36637 Inline linking inserts `_wp_link_placeholder`
 +
* #36660 WP_Customize_Widgets::preview_sidebars_widgets() can return false
 +
* #36708 Silence ini_set() in wp_debug_mode() if WP_DEBUG is off
 +
* #36748 Updating tables to utf8mb4 causes some columns to change type
 +
* #36749 Customizer wont load: issue with site-icon control
 +
* #36767 oEmbed performance optimisation
 +
* #36793 Customizer doesn't load in IE8
 +
* #36838 Invalid argument supplied for foreach() in /wp-includes/theme-compat/embed-content.php
 +
* #36861 The Insert into post button in the Edit Image window doesn't work.
 +
* #36876 TinyMCE: inline toolbars don't adjust position
 +
* #36892 Update jQuery migrate to 1.4.1
 +
* #36900 Media grid AttachmentsBrowser arrows navigation and restoreFocus()
  
 
== 改訂されたファイル一覧<span id="List_of_Files_Revised"></span> ==
 
== 改訂されたファイル一覧<span id="List_of_Files_Revised"></span> ==
 
 
   
 
   
 
<pre>
 
<pre>
 +
readme.html
 
wp-admin/about.php
 
wp-admin/about.php
wp-admin/js/editor-expand.js
+
wp-admin/nav-menus.php
wp-admin/js/editor-expand.min.js
+
wp-admin/includes/ajax-actions.php
wp-admin/includes/media.php
+
wp-admin/includes/upgrade.php
wp-admin/includes/class-file-upload-upgrader.php
+
wp-admin/includes/post.php
wp-admin/includes/class-language-pack-upgrader.php
+
wp-admin/includes/class-wp-media-list-table.php
wp-includes/wp-db.php
+
wp-admin/options.php
 +
wp-admin/revision.php
 +
wp-includes/load.php
 +
wp-includes/default-filters.php
 +
wp-includes/theme-compat/embed-content.php
 +
wp-includes/embed.php
 +
wp-includes/class-wp-customize-manager.php
 +
wp-includes/js/media-views.js
 +
wp-includes/js/tinymce/wp-tinymce.js.gz
 +
wp-includes/js/tinymce/plugins/wordpress/plugin.js
 +
wp-includes/js/tinymce/plugins/wordpress/plugin.min.js
 +
wp-includes/js/tinymce/plugins/wplink/plugin.js
 +
wp-includes/js/tinymce/plugins/wplink/plugin.min.js
 +
wp-includes/js/media-views.min.js
 +
wp-includes/js/jquery/jquery-migrate.js
 +
wp-includes/js/jquery/jquery.js
 +
wp-includes/js/jquery/jquery-migrate.min.js
 +
wp-includes/class-oembed.php
 +
wp-includes/version.php
 +
wp-includes/customize/class-wp-customize-media-control.php
 +
wp-includes/customize/class-wp-customize-site-icon-control.php
 
wp-includes/pluggable.php
 
wp-includes/pluggable.php
 
wp-includes/script-loader.php
 
wp-includes/script-loader.php
wp-includes/general-template.php
+
wp-includes/formatting.php
wp-includes/css/editor.css
+
wp-includes/class-wp-customize-widgets.php
wp-includes/css/editor.min.css
+
wp-includes/post-template.php</pre>
wp-includes/css/editor-rtl.css
+
wp-includes/css/editor-rtl.min.css
+
wp-includes/functions.php
+
wp-includes/class-wp-editor.php
+
wp-includes/taxonomy.php
+
wp-includes/load.php
+
wp-includes/version.php
+
wp-includes/class-http.php
+
wp-includes/js/tinymce/skins/wordpress/wp-content.css
+
wp-includes/js/jquery/jquery.masonry.min.js
+
wp-includes/Requests/Transport/cURL.php
+
wp-includes/revision.php
+
wp-content/plugins
+
readme.html
+
</pre>
+
 
+
  
 
{{Versions}}
 
{{Versions}}
  
{{原文|Version_4.6.1|}}<!-- 8:30, 8 Sep 2016‎ miccweb版 -->
+
{{原文|Version_4.5.3|157312}}<!-- 9:50, 22 June 2016‎ miccweb版 -->
  
 
[[Category:バージョン]]
 
[[Category:バージョン]]
[[Category:wp4.6]]
+
[[Category:wp4.5]]
  
[[en:Version 4.6.1]]
+
[[en:Version 4.5.3]]
[[ja:Version 4.6.1]]
+
[[ja:Version 4.5.3]]

2016年9月8日 (木) 08:33時点における最新版

2016年6月21日、WordPress 4.5.3 が公開されました。

インストール / アップグレードについて

WordPress 4.5.3 を入手するには、管理画面の「ダッシュボード」>「更新」から実行するか、下記ページからダウンロードしてください。

WordPress インストールおよびアップグレードのステップバイステップの手順は、こちらを参照してください。

WordPress が初めての場合、下記から始めると良いでしょう:


まとめ

WordPress 4.5.3 リリース告知によると、WordPress 4.5.2以前のバージョンにある脆弱性を修正したものとなります。 テーマカスタマイザーのバイパスがリダイレクトされてしまう問題(報告者: Yassine Aboukir)、添付ファイル名によってXSSが引き起こされてしまう2つの問題(報告者: Jouko Pynnönen and Divyesh Prajapati)、記事のリビジョン情報が公開されてしまう問題(報告者: John Blackbourn from the WordPress security team and by Dan Moen)、oEmbedを使ったDoS攻撃の問題(報告者: Jennifer Dodd from Automattic)、認証されていないカテゴリが記事から削除されてしまう問題(報告者: David Herrera from Alley Interactive)、クッキー情報を抜き出されることでパスワードが変更されてしまう問題(報告者: Michael Adams from the WordPress security team)、深刻な脆弱ではありませんがsanitize_file_nameで発生したいくつかの問題(報告者: Peter Westwood of the WordPress security team) です。

WordPress 4.5.3 は 4.5, 4.5.1 と 4.5.2 からの17件のバグを修正しました:

  • #35657 Image height calculation not always available on body.load
  • #36379 Saving post can remove its hierarchical terms if user cannot assign terms
  • #36531 Default image size medium_large is not generated
  • #36533 Browse Media doesn't work on front-end
  • #36590 POST['nav-menu-data'] breaks other POST
  • #36637 Inline linking inserts `_wp_link_placeholder`
  • #36660 WP_Customize_Widgets::preview_sidebars_widgets() can return false
  • #36708 Silence ini_set() in wp_debug_mode() if WP_DEBUG is off
  • #36748 Updating tables to utf8mb4 causes some columns to change type
  • #36749 Customizer wont load: issue with site-icon control
  • #36767 oEmbed performance optimisation
  • #36793 Customizer doesn't load in IE8
  • #36838 Invalid argument supplied for foreach() in /wp-includes/theme-compat/embed-content.php
  • #36861 The Insert into post button in the Edit Image window doesn't work.
  • #36876 TinyMCE: inline toolbars don't adjust position
  • #36892 Update jQuery migrate to 1.4.1
  • #36900 Media grid AttachmentsBrowser arrows navigation and restoreFocus()

改訂されたファイル一覧

readme.html
wp-admin/about.php
wp-admin/nav-menus.php
wp-admin/includes/ajax-actions.php
wp-admin/includes/upgrade.php
wp-admin/includes/post.php
wp-admin/includes/class-wp-media-list-table.php
wp-admin/options.php
wp-admin/revision.php
wp-includes/load.php
wp-includes/default-filters.php
wp-includes/theme-compat/embed-content.php
wp-includes/embed.php
wp-includes/class-wp-customize-manager.php
wp-includes/js/media-views.js
wp-includes/js/tinymce/wp-tinymce.js.gz
wp-includes/js/tinymce/plugins/wordpress/plugin.js
wp-includes/js/tinymce/plugins/wordpress/plugin.min.js
wp-includes/js/tinymce/plugins/wplink/plugin.js
wp-includes/js/tinymce/plugins/wplink/plugin.min.js
wp-includes/js/media-views.min.js
wp-includes/js/jquery/jquery-migrate.js
wp-includes/js/jquery/jquery.js
wp-includes/js/jquery/jquery-migrate.min.js
wp-includes/class-oembed.php
wp-includes/version.php
wp-includes/customize/class-wp-customize-media-control.php
wp-includes/customize/class-wp-customize-site-icon-control.php
wp-includes/pluggable.php
wp-includes/script-loader.php
wp-includes/formatting.php
wp-includes/class-wp-customize-widgets.php
wp-includes/post-template.php


WordPress バージョンの一覧もあわせてご覧ください。


最新英語版: WordPress Codex » Version_4.5.3最新版との差分