WordPress just announced a new release of their infamous blogging script, WordPress 2.2.2 and 2.0.11. It is time for me to upgrade to this version as well, due to some security issues WordPress pointed out on their blog and in the submitted tickets, the first of which is here: http://trac.wordpress.org/ticket/4429
I have an update script that brings a plugin from any version up to the current version. Early on there is an add_option request. Later I need to add to the content, so I perform a get_option, modify the content and perform an update_option. This also happens a second time in the script. Results can vary. For some the sequence works fine. For others the final option content may only contain the final two 'update' calls, having lost the original. In tests I have just performed I ended up with two option rows (with the same option_name): the first with the original content, the second with the two modifications combined. I do not believe this ever happened (to my knowledge) prior to 2.2, but it seems to be quite common on 2.2. It's almost as if the subsequent calls are not pulling the original option from the cache.
and the second one here: http://trac.wordpress.org/ticket/4689
In /upload.php the parameter style is prone to XSS attacks when editing Temporary Uploads (they usually have a negative ID). An attack could look like this: /upload.php?style=%22%3E{shellcode}&tab=upload&post_id=-1337
Patch:

    // IDs should be integers
    $ID = (int) $ID;
    $post_id = (int) $post_id;
    * $style = preg_replace('/[^A-Za-z]/', '', $style); // keep letters only; strips quotes, brackets and everything else

Add the line marked with the * to upload.php behind the $post_id one.
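To see what the two lines from the ticket actually buy you, here is an added example (my own code, not WordPress's): the integer cast and the letters-only allow-list applied to a constructed request in the same shape as the ticket's URL, with the payload replaced by a harmless marker. The helper names are mine; WordPress patches upload.php inline.

```php
<?php
// Added example, not WordPress code. Applies the ticket 4689 hardening to a
// request array the way upload.php applies it to its query parameters.

function clean_upload_params(array $request): array {
    // IDs should be integers: the cast throws away anything non-numeric,
    // but a negative temporary-upload id survives as a negative integer.
    $id      = (int) ($request['ID'] ?? 0);
    $post_id = (int) ($request['post_id'] ?? 0);

    // Allow-list for $style: only A-Z and a-z remain, so a quote or angle
    // bracket can never reach the markup that echoes the value.
    $style = preg_replace('/[^A-Za-z]/', '', (string) ($request['style'] ?? ''));

    return ['ID' => $id, 'post_id' => $post_id, 'style' => $style];
}

function render_style_attr(string $style): string {
    // The pre-2.2.2 sink: the raw value lands inside a quoted attribute,
    // so a leading double quote closes the attribute early.
    return '<div class="' . $style . '">';
}

// Constructed request mirroring /upload.php?style=%22%3E...&tab=upload&post_id=-1337
// (the {shellcode} part is replaced by the marker INJECTED).
$request = [
    'style'   => '">INJECTED',
    'tab'     => 'upload',
    'post_id' => '-1337',
];

// Unpatched: the quote in $style breaks out of the class attribute.
echo "unpatched: " . render_style_attr($request['style']) . PHP_EOL;

// Patched: only the letters of the marker survive, still inside the attribute.
$clean = clean_upload_params($request);
echo "patched:   " . render_style_attr($clean['style']) . PHP_EOL;
echo "post_id:   " . $clean['post_id'] . PHP_EOL;
```

Note that the allow-list protects this one sink; any other place that echoes request data still needs its own escaping.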
There are other minor updates in this version as well, so there is no harm in upgrading. These fixes will protect your blog from some attacks, so it is better to be safe than sorry.
3 Comments Received
August 13th, 2007 @4:20 pm
I just wanted to let everyone know that I am offering to help a few more people out in their search engine optimization efforts. For a simple example, I was able to place my last client above mopar within a couple of months using a very sought-after search term. Feel free to contact me with any questions or more examples. http://www.IDeservePage1.com
August 13th, 2007 @11:09 pm
Nice self-promotion, Winston.