Various security hardening
Taxonomy query hardening
Prevent sniffing out user names of non-authors by using canonical redirects.
Media security fixes
Improves file upload security on hosts with dangerous security settings.
Cleans up old WordPress import files if the import does not finish.
Introduce “clickjacking” protection in modern browsers on admin and login pages.
WordPress Codex lists the file changes in this new release at:
WordPress recommend updating WordPress installations as soon as possible to improve security and close the security and privacy vulnerabilities fixed in the release.
More info on the WordPress blog: