Jetpack 3.9.2: Maintenance and Security Release

Jetpack 3.9.2 is now available for download. We’ve added two security updates as well as several bug fixes and enhancements. We recommend that you update your sites to the latest version as soon as possible.

Jetpack – Supercharge your WordPress

Security updates

  • Beautiful Math: there was a potential XSS vulnerability when parsing LaTeX markup within HTML elements. The issue was discovered and fixed by our security team.
  • Contact Form: private site credentials could be saved in plain text in WordPress’ postmeta table when said credentials were set to be stored in Environment variables. The issue was discovered by Oliver Liu.

Other minor fixes

This release also includes other bug fixes:

  • Nova Menus: fixed notices as well as issues when adding menu items in bulk.
  • Publicize: Authors can now access their Publicize settings again.
  • Publicize: fixed problems for Australian and Canadian English sites using Publicize to send their posts to Facebook.
  • Embeds: it is now possible to embed Instagram posts using a www in the URL.
  • Widget Visibility: fixed an issue appearing when a page title matched an existing page ID.
  • And many more updates, listed in the changelog.

Enhancements

We added 2 new oEmbed providers, Codepen and Sketchfab. Just paste a URL in your post editor, and enjoy! Here’s a Codepen example:

We also added new filters to allow you to customize the Contact Info widget, define custom patterns to be ignored by Jetpack Markdown, or change the heading of the Related Posts.

Finally, we created a [jetpack_top_posts_widget] shortcode to allow you to display the Top Posts & Pages Widget anywhere on your site.

Staging Mode

Do you use a backup / cloning plugin to clone your production site to a staging environment? Starting with Jetpack 3.9.2, you can use a constant or a filter to flag a site as “Staging site”, thus avoid conflicts and synchronization issues with Jetpack.

Thanks to everyone who contributed to 3.9.2:

Alex Kirk, Allen Snook, Andrew Duthie, Barry Abrahamson, Ben Lowery, Bob Ralian, Brandon Kraft, Chris Rosser, Christopher Finke, Claus Colloseus, Crystal Barton, Dan Walmsley, Daryl L. L. Houston, Derek Smart, Elio Rivero, Enej Bajgoric, Eric Binnion, Gregory Cornelius, Igor Zinovyev, James Nylen, Jenia Laszlo, Jeremy Herve, Joey Kudish, Jorge Bernal, Justin Shreve, Kat Hagan, Konstantin Kovshenin, Lance Willett, Mahangu Weerasinghe, Marcus Kazmierczak, Matt Wiebe, Miguel Lezama, Mike Adams, Mo Jangda, Payton Swick, Rocco Tripaldi, Sam Hotchkiss, Sendhil Panchadsaram, Stephen Edgar, Timmy Crawford, and Veselin Nikolov.

This entry was posted in Releases and tagged , . Bookmark the permalink.

13 Responses to Jetpack 3.9.2: Maintenance and Security Release

  1. sushubh says:

    Any plans to make AMP part of Jetpack? Or it is intentional to keep it separate so that it appeals to a wider community (folks who dislike Jetpack for being too ‘bloaty’)!

  2. becstable says:

    Or not I think you might have to check it out when you have the time. I’ve either already updated or it wants me to do something that’s not usual.

  3. @Jeremy – How can i display Top post for a specific category or tag or custom taxonomy ??

    • Jeremy says:

      The widget doesn’t include such an option, but you can use the jetpack_widget_get_top_posts filter to exclude some posts from the widget. You could use the filter to exclude all posts belonging to specific categories, for example.

      You can find out how to use the filter here.

  4. Mundo Doido says:

    Thanks for adding sketchfab.

  5. This 3.9.2 Jetpack update produces Error 500 on my website : http://petitesbullesdailleurs.fr

    So I switched back to 3.9.1 and everything is fine again. No idea where it comes from, never had this kind of trouble with previous updates. Need to investigate this… Any hint ?

    • Jeremy says:

      Could you try to deactivate and delete the Jetpack plugin from your site, and then install Jetpack 3.9.2 from scratch?

      If you still get a 500 error when doing so, we’ll need to look at your error logs to find out more about the problem. Could you then ask your hosting provider to take a look at your logs, and send us an email with what they found?
      https://jetpack.me/contact-support/

      Thanks!

      • Thanks Jeremy ! I proceed the way you suggest (delete and reinstall from scratch), and it worked like a charm. No trouble at all now, no more scary Error 500.

        Simple and easy fix. I am glad to avoid a boring investigation…🙂 A big thank you.

      • Jeremy says:

        Excellent! I’m glad to hear it all worked out! 👍

        Your previous update most likely didn’t complete properly, and some of the files were probably missing from your Jetpack installation.

    • This is the exact steps I followed (if it can help others) :
      1 — I deactivated 3.9.1 (forgot to mention this in my former reply) in the Extensions panel in Dashboard
      2 — I deleted 3.9.1 folder (I did this through Extension panel in Dashboard too)
      3 — I reinstalled 3.9.2 from scratch (I uploaded a brand new folder by ftp)
      4 — Then I activated it from the Extensions panel in Dashboard

  • Recent Comments

    Jeremy on Jetpack 4.3 and 4.3.1: A faste…
    iamjohnwhite on Jetpack 4.3 and 4.3.1: A faste…
    Guilherme Cardoso on Jetpack 4.3 and 4.3.1: A faste…
    Jeremy on Jetpack 4.3 and 4.3.1: A faste…
    Jeremy on Jetpack 4.3 and 4.3.1: A faste…
  • Archives

  • Enter your email address to follow this blog and receive notifications of new posts by email.

  • Install Jetpack to see our lineup of features.

    Install Jetpack Now

    Don’t need all Jetpack’s features? No problem. Only activate what you need!

    %d bloggers like this: