WordPress 3.1.2 has been released.
This release addresses a vulnerability that allowed Contributor-level users to improperly publish posts.
The issue was discovered by a member of our security team.
We suggest you update to 3.1.2 promptly, especially if you allow users to register as contributors or if you have untrusted users. This release also fixes a few bugs that missed the boat for version 3.1.1.
The official WordPress announcement
A list of the modified files (between WordPress 3.1.1 and 3.1.2)
Download 3.1.2 (entire installation)
Download 3.1.2 (just the changed files between 3.1.1 and 3.1.2)