WordPress 3.7.1 Maintenance Release

WordPress 3.7.1 is now available! This maintenance release addresses 11 bugs in WordPress 3.7, including:

  • Images with captions no longer appear broken in the visual editor.
  • Allow some sites running on old or poorly configured servers to continue to check for updates from WordPress.org.
  • Avoid fatal errors with certain plugins that were incorrectly calling some WordPress functions too early.
  • Fix hierarchical sorting in get_pages(), exclusions in wp_list_categories(), and in_category() when called with empty values.
  • Fix a warning that may occur in certain setups while performing a search, and a few other notices.

For a full list of changes, consult the list of tickets and the changelog.

If you are one of the nearly two million already running WordPress 3.7, we will start rolling out the all-new automatic background updates for WordPress 3.7.1 in the next few hours. For sites that support them, of course.

Download WordPress 3.7.1 or venture over to Dashboard → Updates and simply click “Update Now.”

Just a few fixes
Your new update attitude:
Zero clicks given

CVE-2013-5783

Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related to Swing. (CVSS:6.4) (Last Update:2014-10-04)

CVE-2013-5819

Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment. (CVSS:5.0) (Last Update:2014-02-06)

CVE-2013-5787

Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. (CVSS:10.0) (Last Update:2014-01-27)

CVE-2013-5820

Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect integrity via vectors related to JAX-WS. (CVSS:5.0) (Last Update:2014-10-04)

CVE-2013-5790

Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via vectors related to BEANS. (CVSS:4.3) (Last Update:2014-10-04)