WordPress Version 3.4.2
On September 6, 2012, WordPress 3.4.2 was released to the public. This is a maintenance and security update.
For version 3.4.2, the database version (db_version in wp_options) changed to 21707.
- Fixes some issues in the admin area where some older browsers (IE7, in particular) may slow down, lag, or freeze.
- Fixes an issue where a theme may not preview correctly, or its screenshot may not be displayed.
- Fixes the use of multiple trackback URLs in a post.
- Prevents improperly sized images from being uploaded as headers from the customizer.
- Ensures proper error messages can be shown to PHP4 installs. (WordPress requires PHP 5.2.4 or later.)
- Fixes handling of oEmbed providers that only return XML responses.
- Addresses pagination problems with some category permalink structures.
- Adds more fields to be returned from the XML-RPC wp.getPost method.
- Avoids errors when updating automatically from very old versions of WordPress (pre-3.0).
- Fixes problems with the visual editor when working with captions.
Additionally: Version 3.4.2 fixes a few security issues and contains some security hardening. These issues were discovered and addressed by the WordPress security team:
- Fix unfiltered HTML capabilities in multisite.
- Fix possible privilege escalation in the Atom Publishing Protocol endpoint.
- Allow operations on network plugins only through the network admin.
- Hardening: Simplify error messages when uploads fail.
- Hardening: Validate a parameter passed to wp_get_object_terms().
A full log of the changes made for 3.4.2 can be found at http://core.trac.wordpress.org/changeset?old_path=%2Ftags%2F3.4.1&old=21780&new_path=%2Ftags%2F3.4.2&new=21780