Two new WordPress releases are now available. The first being a security update for the stable 3.1 series. The second is beta 2 of the upcoming WordPress 3.2 release. Details below.

WordPress 3.1.3

WordPress 3.1.3 is available now and is a security update for all previous versions. It contains the following security fixes and enhancements:

  • Various security hardening by Alexander Concha.
  • Taxonomy query hardening by John Lamansky.
  • Prevent sniffing out user names of non-authors by using canonical redirects. Props Verónica Valeros.
  • Media security fixes by Richard Lundeen of Microsoft, Jesse Ou of Microsoft, and Microsoft Vulnerability Research.
  • Improves file upload security on hosts with dangerous security settings.
  • Cleans up old WordPress import files if the import does not finish.
  • Introduce “clickjacking” protection in modern browsers on admin and login pages.

Consult the change log for more details.

Download WordPress 3.1.3 or update automatically from the Dashboard → Updates menu in your site’s admin area.

WordPress 3.2 beta 2

Here are some of the things that changed since Beta 1:

  • Google Chrome Frame is now supported in the admin, if you have it installed. This is especially useful for IE 6 users (remember, IE 6 is otherwise deprecated for the admin).
  • The admin is less ugly in IE 7.
  • The blue admin color scheme has caught up to the grey one, and is ready for testing.
  • We are now bundling jQuery 1.6.1. You should test any JS that uses jQuery. WordPress JavaScript guru Andrew Ozz has a post with more info.

Download WordPress 3.2 Beta 2