Well, it’s pretty painless to me, because I install and update mine via Subversion, but still. I can barely get a post out before another important exploit fix comes around.
In addition to the security fix, 2.5.1 contains many bug fixes. If you are interested only in the security fixes, you can download these corrected copies of wp-includes/pluggable.php, wp-admin/includes/media.php, and wp-admin/media.php. Replace your existing copies of these files with these new copies.
I hope your host has one-click install/update at the very least. If you don’t want to do the whole installation again, it seems you can rename your old files with a .bak extension, and copy over the three new files as a quick fix.
Subversion Mischief:
$ svn sw http://svn.automattic.com/wordpress/tags/2.5.1/
Update: there’s a recommended but optional updated wp-config.php in the new package, but it’s called wp-config-sample.php to keep it from overwriting your current file. To use it:
- Rename your old wp-config.php to something like wp-config.OLD.php .
- Open that same file in notepad or another simple editor. Word wrap should be off.
- In another window, open wp-config-sample.php for editing.
- Copy over the proper DB_NAME, DB-USER, DB_PASSWORD, and if needed, DB_HOST.
- Scroll down to where it says ‘put your unique phrase here’, and between the quotes, insert a long string of random upper and lower case letters and numbers, or use this page to randomly generate yourself a string
- Save this file as wp-config.php . You’re done. If you used notepad, please check to see that the damn thing didn’t add a .TXT extension to the end. Go and load your blog and make sure everything is working.