A few hours ago, Ryan Boren announced via the official WordPress blog the availability of WordPress 3.1.1. This update is a maintenance and security release that contains about thirty patches/fixes to issues found on the 3.1 version like security hardening to media uploads, performance improvements, fixes for IIS6 support, fixes for taxonomy and PATHINFO (/index.php/) permalinks and fixes for various query and taxonomy edge cases causing plugin compatibility issues.
Aside from the issues mentioned above, WordPress 3.1.1 also addresses three security issues that were discovered by Jon Cave and Peter Westwood – both WordPress core developers and members of the WordPress security team.
- Hardens CSRF prevention in the media uploader.
- Avoids a PHP crash in certain environments when handling devilishly devised links in comments.
- Addresses a XSS flaw.
Whether you’ve already upgraded to WordPress 3.1 or not, this is the best time to upgrade your WordPress installation to the latest version.
WordPress 3.1.1 can be downloaded manually from WordPress.org or automatically via the WordPress admin panel — Dashboard > Updates. Personally, I prefer to do the upgrade manually because it has less problems and issues. Make sure that you disable/deactivate all active plugins before you start the upgrade process. This reduces the risk of running into problems or plugin compatibility issues.
Anyone upgraded their blogs to WordPress 3.1.1? What version of WordPress were you running prior to the upgrade? Please share your thoughts.