[wp-trac] [WordPress Trac] #23394: Remove version from readme.html / Upgrade core doesn't restore the file

WordPress Trac noreply at wordpress.org
Tue Feb 5 12:36:15 UTC 2013


#23394: Remove version from readme.html / Upgrade core doesn't restore the file
-----------------------------+-------------------------
 Reporter:  momo360modena    |       Type:  enhancement
   Status:  new              |   Priority:  normal
Milestone:  Awaiting Review  |  Component:  Security
  Version:  trunk            |   Severity:  normal
 Keywords:                   |
-----------------------------+-------------------------
 I think it is necessary to remove the version number of the WordPress
 readme.html and those for several reasons.

 1. The file shows the version number of WordPress easily ... Security
 (Version disclosure)
 1. Few people are aware of the file. The impact is limited.
 3. Wrong reason, but the other major CMS do not!

 Moreover, if we adopt the approach of deliberately delete from FTP, the
 next automatic update will restore it. This is a task binding.

 I think the automatic update of the WordPress core should detect the
 presence of the file and not restored if does not exist!
 I'd like to have your opinions before proposing any patch!

-- 
Ticket URL: <http://core.trac.wordpress.org/ticket/23394>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software


More information about the wp-trac mailing list