Hi Thijs, Wordpress does publish md5sums: http://wordpress.org/download/release-archive/
Btw 2.1.x is an unstable branch. The Wordpress stable branch 2.0.x is for etch, hopefully. So I like to think 2.0.x of being on topic, not so much 2.1.x. Though lets address your concerns for 2.1.x. Upstream took the "just upgrade" path with 2.1.2 as it is dealing largely with a non-technical audience. Quoting Mark Jaquith: """ But ultimately, even without another security vulnerability necessitating a new release, it probably still would have been a good idea. We're dealing with a mostly non-technical audience here, and bumping the version number is a sure way for people to know if they are vulnerable or not with 100% certainty and no technical skill.""" If you're really interested in the exploit view the Debian Wordpress changelog for the ticket number. I would like to add that many of these security issues are quite minor and exaggerated. Any questions? Please get in touch with me. Best wishes from Cornwall,
signature.asc
Description: Digital signature
