WordPress.org

Codex

Interested in functions, hooks, classes, or methods? Check out the new WordPress Code Reference!

Version 3.4.1

On June 27, 2012, WordPress 3.4.1 was released to the public. This is a maintenance and security update.

For version 3.4.1, the database version (db_version in wp_options) changed to 21115.

Installation/Update Information

To download WordPress 3.4.1, update automatically from the Dashboard > Updates menu in your site's admin area or visit http://wordpress.org/download/release-archive/.

For step-by-step instructions on installing and updating WordPress:

If you are new to WordPress, we recommend that you begin with the following:

Summary

From the announcement post, this maintenance release addresses 18 bugs with version 3.4, including:

  • Fixes an issue where a theme’s page templates were sometimes not detected.
  • Addresses problems with some category permalink structures.
  • Better handling for plugins or themes loading JavaScript incorrectly.
  • Adds early support for uploading images on iOS 6 devices.
  • Allows for a technique commonly used by plugins to detect a network-wide activation.
  • Better compatibility with servers running certain versions of PHP (5.2.4, 5.4) or with uncommon setups (safe mode, open_basedir), which had caused warnings or in some cases prevented emails from being sent.

Additionally: Version 3.4.1 fixes a few security issues and contains some security hardening. These issues were discovered and fixed by the WordPress security team:

  • Privilege Escalation/XSS. Critical. Administrators and editors in multisite were accidentally allowed to use unfiltered_html for 3.4.0.
  • CSRF. Additional CSRF protection in the customizer.
  • Information Disclosure: Disclosure of post contents to authors and contributors (such as private or draft posts).
  • Hardening: Deprecate wp_explain_nonce(), which could reveal unnecessary information.
  • Hardening: Require a child theme to be activated with its intended parent only.

A full log of the changes made for 3.4.1 can be found at http://core.trac.wordpress.org/changeset?reponame=&new=21153%40branches%2F3.4&old=21076%40trunk

List of Files Revised

wp-login.php
wp-includes/post-template.php
wp-includes/class-wp-customize-manager.php
wp-includes/update.php
wp-includes/class-phpmailer.php
wp-includes/version.php
wp-includes/js/customize-preview.dev.js
wp-includes/js/customize-preview.js
wp-includes/class-wp-theme.php
wp-includes/theme.php
wp-includes/functions.php
wp-includes/l10n.php
wp-includes/class.wp-scripts.php
wp-includes/class-wp-xmlrpc-server.php
wp-includes/rewrite.php
wp-includes/canonical.php
wp-includes/capabilities.php
wp-includes/script-loader.php
wp-includes/class-wp-editor.php
readme.html
wp-admin/includes/plugin.php
wp-admin/includes/update.php
wp-admin/includes/meta-boxes.php
wp-admin/includes/update-core.php
wp-admin/customize.php
wp-admin/js/common.js
wp-admin/js/common.dev.js
wp-admin/js/customize-controls.js
wp-admin/js/customize-controls.dev.js
wp-admin/load-scripts.php
wp-admin/css/wp-admin.dev.css
wp-admin/css/wp-admin.css
wp-admin/about.php
wp-admin/themes.php
See also: other WordPress Versions.