All releases tagged Stable
Release Notes: A few of this release are global undo and "trash", image editing (crop, rotate, scale, flip), post thumbnail support for themes, batch plugin update and compatibility checking, easy video embedding via the oEmbed standard, the use of rel=canonical for SEO, commentmeta for extending comments, improved API support for custom post types, extensible registration and user profiles, and many other new features, enhancements, and performance improvements.
Release Notes: This release fixes two security problems that could be exploited by registered, logged in users who have posting privileges. If you have untrusted authors on your blog, upgrading is recommended. The first problem was an XSS vulnerability in Press The second problem was an issue with sanitizing uploaded file names that could be exploited in certain Apache configurations.
Release Notes: A vulnerability was discovered in which a specially crafted URL could be requested that would allow an attacker to bypass a security check to verify a user requested a password reset. As a result, the first account without a key in the database (usually the admin account) would have its password reset, and a new password would be emailed to the account owner. This doesn’t allow remote access, but it is very annoying. This release, which fixes all known problems, is now available for download and is highly recommended.
Release Notes: This release fixes an XSS vulnerability. Comment author URLs were not fully sanitized when displayed in the admin. This could be exploited to redirect you away from the admin to another site. Download 2.8.2 or automatically upgrade from the Tools->Upgrade page of your blog’s admin.
Release Notes: These changes were made since the 2.8 release. A bug was fixed in which the wrong files were deleted when the core update failed. Memory requirements in the Dashboard were improved. A problem was worked around in some third-party themes that tried to call get_categories() before the function was loaded. Extra security was put in place for some third-party plugins that don't do their own explicit permission checks. Various other minor bugfixes, tweaks, and improvements were made.
