September 2015 – Jetpack

Jetpack 3.7.1 and 3.7.2: Security and Maintenance Releases

Posted on September 30, 2015 by Carolyn S.

With the release of Jetpack 3.7.1 and 3.7.2 this week, we’ve added some important security updates and bug fixes. We strongly encourage that you update your sites to the latest version as soon as possible.

In Jetpack 3.7.1 we made a lot of improvements to the plugin, including some important security fixes:

Jetpack versions 3.7.0 and earlier are vulnerable to a cross-site scripting vulnerability in the contact form due to improper input sanitization. Reported by Marc-Alexandre Montpas from Sucuri.
Jetpack version 3.7.0 is vulnerable to an information disclosure vulnerability in certain hosting configurations. Reported by Jaime Delgado Horna of Listae.

Other notable updates in this release include:

Updating the Google+ logo in our sharing buttons.
Adding custom capabilities for module management for multisite installs.
Fixing a bug that was sending the contact form response fields in the wrong order.

In Jetpack 3.7.2, we fixed an error with the REST API that created multiple drafts and multiple published posts when posting using the REST API.

Full changelog can be found on our plugin page.

Thanks to everyone who contributed to these two releases: Alexander Kirk, Andrew Duthie, Brandon Kraft, Dennis Snell, Derek Smart, Dion Hulse, Eduardo Reveles, Enej Bajgoric, Eric Binnion, George Stephanis, Gregory Cornelius, Igor Zinovyev, James Nylen, Jeremy Herve, Jesse Friedman, Joen Asmussen, Joey Kudish, Kat Hagan, Marcus Kazmierczak, Miguel Lezama, Sam Hotchkiss, and Timmy Crawford.

Posted in Releases | Tagged release | Comments Off

Testers Needed: Jetpack Plugin Browser

Posted on September 21, 2015 by Carolyn S.

While our Jetpack development team has been hard at work keeping your Jetpacks fueled up and ready for action – our developers over on WordPress.com have been busy too!

You may already be familiar with the great Jetpack features that utilize the WordPress.com interface: the ability to update your plugins across multiple sites with a single click, being able to view enhanced stats about your site, write new and update existing posts and pages with a beautiful editor, and more.

Now, there’s even more new things to try!

Over on the WordPress.com Horizon, where the makers of WordPress.com test upcoming changes and new features with the WordPress.com community, there’s a call for testers for a new addition to the Jetpack management features on WordPress.com.

They’re currently looking for testers with Jetpack sites to test the new Plugin Browser feature.

The Plugin Browser lets you find and install plugins from the WordPress.org plugin directory. You can search for keywords or browse within Featured, New and Popular categories. If you’ve got plugins on your site that you no longer need, then this update also lets you remove (delete) those plugins from your sites. You can still activate/deactivate plugins, and turn on (or off) auto-updates as well.

As part of the plugin browser project they have added more details to the single plugin view, which now serves reviews and ratings from the WordPress community, as well as the full description, changelog and other information specified by the plugin author.

“That’s great – how can I help?” you might ask.

Simple! There’s a post on the Horizon Feedback blog with all the details you may need including what to test, how to test, and how to submit feedback to the WordPress.com development team.

The Plugin Browser will be open for feedback through September 28th – so head on over to the Horizon post and get a sneak peek at this great new feature.

Thank you so much if you take the time to test. We appreciate it!

Posted in Contribute, Jetpack News | Tagged plugins, testing, wordpress plugin | 6 Comments

Jetpack 3.7 — Simpler UI, Support for Development Sites, and More!

Posted on September 9, 2015 by Kraft

Hang on to your hats! Jetpack 3.7 is now available for your self-hosted WordPress sites with some great updates to the user interface, support for development sites, and more!

Simpler User Interface

We heard you! Jetpack now provides a much simpler user interface that gives you quick and easy access for turning various features on and off with a single click. However, if you want to tinker with individual module settings or configurations like you’re used to, the old Jetpack → Settings page is still there!

New Jetpack UI

Support for Development Sites

If you use a development or staging environment for your Jetpack site or happen to be moving your site to a new URL, you may have previously run into trouble. You probably had to reach out to our wonderful team of Happiness Engineers for help with sorting out the Jetpack issue.

No more!

Now when you move your site (e.g. by cloning a staging site off of your production site or moving from staging to production), Jetpack detects the change and asks you what you’d like to do: Would you like to move to a new address? Is this a totally different site that needs a fresh connection? Or is this a staging site? Whatever your answer Jetpack will now automatically sort itself out under-the-hood for you.

Alongside this, if your site still has trouble and can’t verify the connection with WordPress.com, we attempt to detect that too and alert you so you can take action before, for example, publishing a new post. Now, there will be no more wondering why a new post wasn’t automatically published on Facebook or Twitter!

And More…

Jetpack 3.7 also introduces the new VideoPress player that works on all devices and allows you to paste a VideoPress link to automatically embed videos. Other key changes include:

Ability to enable per-post opt-out for Subscriptions by adding one of our new filters to a functionality plugin.
A new Widget Visibility rule that allows you to show or hide widgets based on a page’s parent. Need all of your pages in your “About” section to show a certain widget? Now you can!
Sharing buttons now display on bbPress forum posts and more.
Full changelog can be seen at WordPress.org.

We worked hard to make Jetpack 3.7 a great release for you and your sites and we hope you enjoy it!

A special thank you to all who contributed to Jetpack during the 3.7 development cycle:
Adam Heckler, Alex Kirk, Allen Snook, Andrew Duthie, Ben Lowery, Bernhard Reiter, Bob Ralian, Brandon Hubbard, Brandon Kraft, Brandon Lavigne, Chris Mospaw, Chrissie Pollock, Daniel Homer, Daryl L. L. Houston, David (Lenny) Lenehan, Dennis Snell, Derek Smart, Derek Springer, Donncha Caoimh, Enej Bajgoric, Eoin Gallagher, Eric Binnion, George Stephanis, Gregory Cornelius, Ian Dunn, Igor Zinovyev (Release Lead), jeiseman, Jeff Bowen, Jeff Golenski, Jeremy Herve, Jesse Friedman, Joey Kudish, John Godley, Justin Kropp, Justin Shreve, Kat Hagan, Maciej Gryniuk, Marcus Kazmierczak, Matas Ventura, Micah Ernst, Michael Adams, Michael Cain, Miguel Fonseca, Miguel Lezama, Mohammad (Mo) Jangda, Nancy Thanki, Nathaniel Taintor, Nick Momrik, Paul Schreiber, Richard Muscat, Rocco Tripaldi, Sam Hotchkiss, Tim Moore, Tony Kovanen, Utkarsh, William Turrell, Yoav Farhi.