On September 6, 2012, WordPress 3.4.2 was released to the public. This is a maintenance and security update.
For version 3.4.2, the database version (db_version in wp_options) changed to 21707.
Installation/Update Information
To download WordPress 3.4.2, update automatically from the Dashboard > Updates menu in your site’s admin area or visit https://wordpress.org/download/release-archive/.
For step-by-step instructions on installing and updating WordPress:
If you are new to WordPress, we recommend that you begin with the following:
- New To WordPress – Where to Start
- First Steps With WordPress or Upgrading WordPress Extended
- WordPress Lessons
Summary
From the announcement post, this maintenance release addresses 18 bugs with version 3.4 and 3.4.1, including:
- Fixes some issues in the admin area where some older browsers (IE7, in particular) may slow down, lag, or freeze.
- Fixes an issue where a theme may not preview correctly, or its screenshot may not be displayed.
- Fixes the use of multiple trackback URLs in a post.
- Prevents improperly sized images from being uploaded as headers from the customizer.
- Ensures proper error messages can be shown to PHP4 installs. (WordPress requires PHP 5.2.4 or later.)
- Fixes handling of oEmbed providers that only return XML responses.
- Addresses pagination problems with some category permalink structures.
- Adds more fields to be returned from the XML-RPC wp.getPost method.
- Avoids errors when updating automatically from very old versions of WordPress (pre-3.0).
- Fixes problems with the visual editor when working with captions.
Additionally: Version 3.4.2 fixes a few security issues and contains some security hardening. These issues were discovered and addressed by the WordPress security team:
- Fix unfiltered HTML capabilities in multisite.
- Fix possible privilege escalation in the Atom Publishing Protocol endpoint.
- Allow operations on network plugins only through the network admin.
- Hardening: Simplify error messages when uploads fail.
- Hardening: Validate a parameter passed to wp_get_object_terms().
A full log of the changes made for 3.4.2 can be found at https://core.trac.wordpress.org/changeset?old_path=%2Ftags%2F3.4.1&old=21780&new_path=%2Ftags%2F3.4.2&new=21780
List of Files Revised
wp-load.php wp-includes/class-wp-atom-server.php wp-includes/taxonomy.php wp-includes/version.php wp-includes/js/wp-lists.js wp-includes/js/tinymce/plugins/wpeditimage/editor_plugin.js wp-includes/js/tinymce/plugins/wpeditimage/editor_plugin_src.js wp-includes/js/tinymce/langs/wp-langs.php wp-includes/js/tinymce/wp-tinymce.js.gz wp-includes/js/plupload/wp-plupload.js wp-includes/js/plupload/wp-plupload.dev.js wp-includes/js/imgareaselect/jquery.imgareaselect.dev.js wp-includes/js/imgareaselect/jquery.imgareaselect.js wp-includes/js/wp-lists.dev.js wp-includes/class-wp-customize-control.php wp-includes/class-wp-theme.php wp-includes/theme.php wp-includes/functions.php wp-includes/load.php wp-includes/class-wp-xmlrpc-server.php wp-includes/formatting.php wp-includes/rewrite.php wp-includes/capabilities.php wp-includes/class-oembed.php wp-includes/css/editor.dev.css wp-includes/css/editor.css wp-includes/class-wp-editor.php readme.html wp-admin/includes/class-wp-ms-themes-list-table.php wp-admin/includes/class-wp-upgrader.php wp-admin/includes/meta-boxes.php wp-admin/includes/class-wp-plugins-list-table.php wp-admin/includes/update-core.php wp-admin/includes/class-wp-themes-list-table.php wp-admin/js/post.dev.js wp-admin/js/link.js wp-admin/js/customize-controls.js wp-admin/js/link.dev.js wp-admin/js/post.js wp-admin/js/customize-controls.dev.js wp-admin/index.php wp-admin/plugins.php wp-admin/setup-config.php wp-admin/about.php