IN THIS CHAPTER

WordPress' upgrade cycle is pretty much set in stone. On average, a major release of the software is released three times a year (or about once every four months). These release cycles increase the version number by increments of .1 (WordPress 2.5, 2.6, 2.7, 2.8, and so on) and are referred to as "major" releases.

Security fixes are released as needed and append an additional digit to the version number (WordPress 2.8.1, 2.8.2, 2.8.3, and so on). These releases are called security releases or "point" releases.

Those in the WordPress community have often expressed frustration over the cycle and speed at which releases come. Many times, the fast-paced releases — particularly security releases — reflect the need to get flaws fixed quickly.

A main argument against open source software is that because the code is available to anyone, malicious hackers can roadmap their way to an exploit. Of course, this is also one of the strengths of open source software — security researchers can also find flaws, and inform others of them and address them, before a security problem becomes public knowledge.

WordPress takes an aggressive approach to security flaws, in some cases releasing security fixes quickly to address the issues. Of course, no software is ever perfect, WordPress included.