Now, it looks like WordPress has been forked into two branches – WP 2.1.3 and 2.0.10. My blogs are actually running 2.1.2 and 2.0.9 and I thought the 2.0.9 version will the the last stable version before WP rolls out with it’s major 2.1.x upgrade path.
We have a security update release now available for both the 2.1 and 2.0 branches of WordPress now available for immediate download. This update is highly recommend for all users of both branches.
These releases include fixes for several publicly known minor XSS issues, one major XML-RPC issue, and a proactive full sweep of the WordPress codebase to protect against future problems. Many thanks to Sumit Siddharth and Alex Concha for their help with reporting issues in this release.
Anyway, it means that there are issues with the 2.1.x that the 2.0.10 needs to be pushed further.
So, go ahead and download these versions here.
Those several publicly known minor XSS issues, and one major XML-RPC issue are security issues, aren’t they? So that means 2.1.3 is a security update. :)
I was hoping for a security update but oh well…
They did announce that 2.1 is a branch from 2.0 and that 2.0.x would still be supported until the year 2010. In fact, 2.0.9 and 2.1.1 was released the same time, and the stable release before they rolled out 2.1 “Ella” was 2.0.7. :)