We have a pretty important release available for everyone, it includes an important security fix and It’s recommended that everyone upgrade. This is the latest release in our stable 2.0 line, which we’ve committed to maintaining for several more years.
Here’s what’s new:
- The aforementioned security fixes.
- HTML quicktags now work in Safari browsers.
- Comments are filtered to prevent them from messing up your blog layout.
- Compatibility with PHP/FastCGI setups.
For developers, there’s a new anti-XSS function called attribute_escape(), and a new filter called query? which allows you filter any SQL at runtime. (Which is pretty powerful.) Thanks to Mark Jaquith for handling this release and Stefan Esser for responsibly reporting the security issue.
As always, you can download the latest version of WordPress here.
As a side note, this is probably our last release before 2.1 is out, which will be our first major feature release in quite a while. 2.1 just entered beta stage, so if you’re interested in helping out with that process consider joining our beta group. As a reminder, if you’re a plugin or theme author you should check your code to make sure It’s compatible with 2.1 before the release.
I didn’t quite appreciate the importance of the HTML quicktags improvement for Safari users (like me) until I saw this post on TUAW which had the following screenshot:
Firefox and IE users are probably accustomed to seeing the formatting options in their WordPress windows. This hasn’t been available to Safari users and we have had to create posts the old fashioned way, using HTML code (actually, I use Qumana for my blog posts so I haven’t quite had to go back to basics and where Qumana doesn’t cut it, I just switch to Firefox). While the HTML quicktags aren’t the same as the formatting options you see with other browsers, the tags do make the whole process that much easier.
Anyway, the release is available for download so hop to it …