WordPress 2.8.5 has been released. As always, it is recommended to update your WordPress installation to the latest patch for security purposes. Here’s a quote from the WordPress team about this release.
As you know over the past couple of months we have been working on the new features for WordPress 2.9. We have also been working on trying to make WordPress as secure as possible and during this process we have identified a number of security hardening changes that we thought we worth back-porting to the 2.8 branch so as to get these improvements out there and making all your sites as secure as possible.
- A fix for the Trackback Denial-of-Service attack that is currently being seen.
- Removal of areas within the code where php code in variables was evaluated.
- Switched the file upload functionality to be whitelisted for all users including Admins.
- Retiring of the two importers of Tag data from old plugins.
For everyone looking to upgrade multiple wordpress blogs on the same server at once, you can use my bash script to do that for you.