Various security hardening by Alexander Concha. Taxonomy query hardening by John Lamansky. Prevent sniffing out user names of non-authors by using canonical redirects. Props Verónica Valeros. Media security fixes by Richard Lundeen of Microsoft, Jesse Ou of Microsoft, and Microsoft Vulnerability Research. Improves file upload security on hosts with dangerous security settings. Cleans up old WordPress import files if the import does not finish. Introduce “clickjacking” protection in modern browsers on admin and login pages.
Consult the change log for full details.