An important security issue has been brought to the attention of the WordPress team and we have worked diligently to bring you a new stable release that addresses it. Our latest version 2.0.2 contains several bugfixes and security fixes.
The problems addressed are unannounced XSS issues privately discovered and reported to the WordPress team. Thanks to Michael Boman, Mark Jaquith, Robert Deaton, and David House for assisting with this release.
Just a quick note: this is different than the snake-oil reports that went out on some security lists a few days ago. There were a couple, but they were either not actual security problems, too small to warrant a release, or just patently false. Remember: just because you read it on a mailing list doesn’t mean that it’s true. We’d be the first people to panic if there was an actual problem.
As always, when something serious crosses our desks we jump on it and get a well-tested release out as soon as possible.