WordPress 2.3.1 has been released today and includes a number of changes including one security fix, here is a list of most of the changes in detail:
- Improvements to the email address extraction in
wp-mail.php
(#5169). - An improvement to the link manager to ensure that only user with the manage_links capability can access the page (#4627).
- A security fix to ensure that
edit-post-rows.php
cannot be directly loaded to prevent XSS attacks when register_globals is enabled ([6258]). - Groupings in the SQL queries used during upgrade to remove errors on duplicate entries in the old post2cat and link2cat tables (#5223).
- The Sender is set on emails to help on hosts that limit which email addresses can send (#5007).
- Fixes to category assignment during link import from OPML (#5107)
- Manifest file for Windows Live Writer so as to enable tagging support (#5023).
- Performance improvements for the Taxonomy intersection queries (#5137).
- Exclusion of the post previews from canonicalisation (#5203)
- Improvements to the handling of the main query to ensure it is saved when calling
wp()
(#5121). - Fix the in-line uploader so that send to editor works with a blank title (#5080).
- Removal of the case-sensitivity on host names of
wp_safe_redirect()
(#5114). - Changes to the load order in the javascript loader to ensure that Prototype is loaded before jQuery (#5067).
- Enforcement of the same sanitisation rules for pages as for posts (#5135)
For a complete list of all the changes you can read the branches/2.3 log.