WordPress 2.0.6 has been released. This includes critical security bug fix 🙂
From the announcement page:
We have a pretty important release available for everyone, it includes an important security fix and it’s recommended that everyone upgrade. This is the latest release in our stable 2.0 line, which we’ve committed to maintaining for several more years.
Here’s what’s new:
- The aforementioned security fixes.
- HTML quicktags now work in Safari browsers.
- Comments are filtered to prevent them from messing up your blog layout.
- Compatibility with PHP/FastCGI setups.
For developers, there’s a new anti-XSS function called attribute_escape(), and a new filter called “query” which allows you filter any SQL at runtime. (Which is pretty powerful.) Thanks to Mark Jaquith for handling this release and Stefan Esser for responsibly reporting the security issue.