WordPress 2.6.5 has been released. It fixes an XSS security problem concerning blogs running on Apache 2.x using IP-based virtual servers and there are three small non-critical bug fixes. You can download the fix or use Subversion to pull them down thus:
1: svn sw http://svn.automattic.com/wordpress/tags/2.6.5/
As usual, it took me longer to log onto my server than actually do the upgrade itself.
If you pay attention to things like version numbers, you’ll note that the numbers skipped from 2.6.3 to 2.6.5. That’s because there is a rogue version floating around calling itself 2.6.4. If you’re tempted to install it, DON’T!!! It’s not a real release. There will never be a WordPress 2.6.4.