WordPress 2.3.2 è stato rilasciato, sono stati risolti dei problemi (di cui uno sulla sicurezza) ecco una lista di cambiamenti rispetto alla versione precedente:
- Performance improvements for post sanitization when raw content is required (#5325).
- Changes to
is_admin()to ensure that it is only true for admin pages thereby protecting against exposing draft posts. (#5487). - Suppression of database errors unless WP_DEBUG is true (#5473).
- Check for valid database connection information during install and display and error if the install fails due to database rights (#5495).
- Support for a custom database down page to be displayed on database connection errors (#5500).
- Changes to make sure we are more selective in what we make clickable, this introduces different rules for different uri types ([6450]).
- Changes to
wp-mail.phpto escape the error messages when displaying them to avoid a possible XSS attack (#5484). - Changes to ensure that the post password is only exposed by the xmlrpc method
metaWeblog.getRecentPoststo users with rights to edit a post (#5535). - Changes to the information exposed the
wp.getAuthorsxmlrpc method to reduce the information exposed and add a capabilites check (#5534).
- Addition of extra capabilites checks to xmlrpc methods ([6504]).
- Addition of extra capabilites checks to APP server ([6508]).
- Changes to
validate_file()to improve its traversal attempt detection when running on windows ([6521]).
Per altre informazioni e per consultare il log completo: branches/2.3 log.