I don’t post every time something upgrades but the wordpress development blog says version 2.2.2 is being released.
This addresses 1 of the 7 security issues found on this page last week.
The one that is fixed is a XSS exploit that allows the attacker to execute remote commands (remote shell) with the privileges of your web server.
The example code given is :
BTW I love wordpress’s priority on this one of – OMG BBQ
A.D.D SIDENOTE – why does wordpress name every download latest.tar.gz and say its always the newest….
Actually I think it is up to date. If you look at the wp-includes/version.php file it says
$wp_version = ‘2.2.2’;
$wp_db_version = 5183;
But when I upgraded it still shows:
Maybe its just me?
UPDATE: it was just me…. hats off to wordpress for responding to this serious vulnerability so fast.