Well guys, we're still inching our way towards an official release of WordPress (news, site) 2.9. The journey so far has been full of joy, pain, tiny iterations and most recently, some serious security issues. So serious, in fact, that WordPress developer Peter Westwood recently reported that the team will be back-porting some changes to the 2.8 branch.
Though Westwood claims the move is to get the features out there for WordPress users to try prior to the 2.9 release, we presume it's also partially because the popular blogging platform suffered some backlash when a particularly nasty worm wreaked havoc in September.
The newest release, WordPress 2.8.5, features the following goodies expected in 2.9:
- A fix for the Trackback Denial-of-Service attack that is currently being seen
- Removal of areas within the code where php code in variables was evaluated
- Switched the file upload functionality to be whitelisted for all users including Admins
- Retiring of the two importers of Tag data from old plugins
Thinking of holding out until the official 2.9 release to upgrade? Team WordPress urges you to think again. They're even offering up a plugin called WordPress Exploit Scanner which searches the files on your website, as well as the posts and comment tables of your database for anything suspicious.
So go on, get started already.