Hui, vor kurzem kam erst die 3.4 heraus, jetzt wird schon das erste Update hinterher geschickt – anscheinend gab es bei einigen Server/php Versionen und Einstellungen wie "safe-mode" Schwierigkeiten, die nun behoben sind:

  • Fixes an issue where a theme’s page templates were sometimes not detected.
  • Addresses problems with some category permalink structures.
  • Better handling for plugins or themes loading JavaScript incorrectly.
  • Adds early support for uploading images on iOS 6 devices.
  • Allows for a technique commonly used by plugins to detect a network-wide activation.
  • Better compatibility with servers running certain versions of PHP (5.2.4, 5.4) or with uncommon setups (safe mode, open_basedir), which had caused warnings or in some cases prevented emails from being sent.

Additionally: Version 3.4.1 fixes a few security issues and contains some security hardening. These issues were discovered and fixed by the WordPress security team:

  • Privilege Escalation/XSS. Critical. Administrators and editors in multisite were accidentally allowed to use unfiltered_html for 3.4.0.
  • CSRF. Additional CSRF protection in the customizer.
  • Information Disclosure: Disclosure of post contents to authors and contributors (such as private or draft posts).
  • Hardening: Deprecate wp_explain_nonce(), which could reveal unnecessary information.
  • Hardening: Require a child theme to be activated with its intended parent only.

Also, alle Mann in die Takelage, Update voraus - über den Adminbereich oder bei wordpress.org, wordpress-deutschland.org