WordPress 2.8.2 fixes an XSS vulnerability. Comment author URLs were not fully sanitized when displayed in the admin. This could be exploited to redirect you away from the admin to another site.
This release also fixes a number of other bugs, most notably the upgrade notice, but also fixes a number of other problems. See the timeline for a record of the latest activity.
Grab the new release from the download page or upgrade automatically from within WordPress MU.