Open Source WordPress blog hits version 2.6
The open source WordPress blogging software is out with version 2.6 which moves the system closer to being a Content Management System with version control functionality. Ohh and it fixes about 200 bugs, some of which are security related including what I consider to be a VERY important SSL enhancement.
WordPress's announcement states that there are, "A number of proactive security enhancements, including cookies and database interactions."
The SSL enhancement that I consider to be key is the fact that a WordPress admin can now force SSL on a user. From my lay understanding what that should enable is if a user goes to a login page (without HTTPS) they should get bumped to the HTTPS version which will prevent their passwords from being sent in clear text over the wire (and thus easily sniffed).
They've also put up a neat 3 min overview of features in WordPress 2.6 - check it out below: