Check here for details. Basically a security fix has been released. The RSS feeds that WordPress site owners see in their dashboard are presented via the Snoopy library, and this is where a vulnerability has been discovered.
I am about to upgrade this blog, so if anything happens to go wrong, and I’m not able to post for a while, you know why 🙂 Alternatively, no posts might be visible at all if it goes horribly wrong, in which case you won’t see this post until I’ve fixed any problems.
[edit]
OK, all went fine, and I’ve just noticed that a slightly annoying bug with the brilliant WordPress Automatic Upgrade (WPAU) plugin has gone – plugins that were previously disabled are no longer automatically re-enabled during the WP upgrade process.