WordPress 2.3.2

WordPress 2.3.2 è stato rilasciato, sono stati risolti dei problemi (di cui uno sulla sicurezza) ecco una lista di cambiamenti rispetto alla versione precedente:

• Performance improvements for post sanitization when raw content is required (#5325).
• Changes to is_admin() to ensure that it is only true for admin pages thereby protecting against exposing draft posts. (#5487).
• Suppression of database errors unless WP_DEBUG is true (#5473).
• Check for valid database connection information during install and display and error if the install fails due to database rights (#5495).
• Support for a custom database down page to be displayed on database connection errors (#5500).
• Changes to make sure we are more selective in what we make clickable, this introduces different rules for different uri types ([6450]).
• Changes to wp-mail.php to escape the error messages when displaying them to avoid a possible XSS attack (#5484).
• Changes to ensure that the post password is only exposed by the xmlrpc method metaWeblog.getRecentPosts to users with rights to edit a post (#5535).
• Changes to the information exposed the wp.getAuthors xmlrpc method to reduce the information exposed and add a capabilites check (#5534).

• Addition of extra capabilites checks to xmlrpc methods ([6504]).
• Addition of extra capabilites checks to APP server ([6508]).
• Changes to validate_file() to improve its traversal attempt detection when running on windows ([6521]).

Per altre informazioni e per consultare il log completo: branches/2.3 log.