WordPress 2.2.1 is out: Upgrading now is recommended!

Well, having just finished upgrading to version 2.2.0, I’m now upgrading again to 2.2.1 just as soon as I can. Since there are some vulnerabilities with 2.2.0, you should consider this too! Now it’s much easier than before.Backup your posts via the backup tool. Turn all the plugins off. And (on my own host) click upgrade in the One-Click Installs section of your ! Voila! It’s easy.

WordPress 2.2.1 is now available.

2.2.1 is a bug fix release for the 2.2 series. Since 2.2 was released a month ago, the WordPress community has been improving fit-and-finish by identifying and fixing those little bugs that can be so annoying and by fine-tuning some small details. The result is a nicely polished 2.2.1 release. Here are some highlights.

  • Atom feed validation fixes (#4274, #4307, #4381, #4382)
  • XML-RPC fixes (#4314, #4329, #4315, #4469)
  • Widget backward compatibility fixes (#4275)
  • Widget layout fixes for IE7 (#4264, #4268)
  • Page and Text Widget improvements (#4302, #4259).

Unfortunately, 2.2.1 is not just a bug fix release. Some security issues came to light during 2.2.1 development, making 2.2.1 a required upgrade. 2.2.1 addresses the following vulnerabilities:

  • Remote shell injection in PHPMailer
  • Remote SQL injection in XML-RPC Discovered by Alexander Concha.
  • Unescaped attribute in default theme

So, if you are using WordPress you should be getting ready to upgrade! It will fix many of the problems from 2.2.0!