As if the unprofessional handling of WordPress security announcements (see Another WordPress Security Update and More on Security Announcements) wouldn’t be bad enough, the WordPress developers also seem to have problems with organizing releases.
Stefan Esser reports that there are two WordPress 1.5.2 versions. The first one, which didn’t fix the problem it was supposed to fix, was available for download for several hours before it silently was replaced by the fixed second version.
It’s hard to understand why the version number wasn’t bumped for the second release and why the WordPress developers didn’t inform users about the mistake.
The comments from the WordPress crowd are a bit weak in my opinion. If there’s FUD about WordPress’ security it’s the sole fault of the WordPress developers!