WordPress is a state-of-the-art semantic personal publishing platform with a focus on aesthetics, web standards, and usability. What a mouthful. WordPress is both free and priceless at the same time. More simply, WordPress is what you use when you want to work with your blogging software, not fight it. We have a security update release now available for both the 2.1 and 2.0 branches of WordPress now available for immediate download. This update is highly recommend for all users of both branches.
These releases include fixes for several publicly known minor XSS issues, one major XML-RPC issue, and a proactive full sweep of the WordPress codebase to protect against future problems. Many thanks to Sumit Siddharth and Alex Concha for their help with reporting issues in this release. As an update to the systems issue we had last month, we have taken dozens of additional precautions with the servers and systems that run WordPress.org and they appear to be working well, despite hundreds of hack attempts after we publicly disclosed there had been a problem. We are also now aggressively monitoring all downloads for any changes or modifications, and we are confident the same type of problem won't happen again.
- Ticket 3706 Admin Menu Hooks confusing
- Ticket 3979 Can't set a static page as the front page
- Ticket 3827 private posts are not appearing on main page for users with read_private_posts
- Ticket 3873 wp_import_upload_form() needs to escape ampersands
- Ticket 3891 Multiple errors when passing some query variables as an a array(Only with Register Globals ON)
- Ticket 3896 Wrong indices in match array in parse_w3cdtf
- Ticket 3959 PHP 5 only syntax in general-template.php (changeset 5009)
- Ticket 3981 Patch: Improve error propagation from newMediaObject failure in xmlrpc.php
- Ticket 3988 Sanitize pagenow in admin-header.php
Link: Home Page | Forum Discussion (Thanks Primexx)