WordPress 2.3.2 has been released, here is a list of most of the changes in detail:

• Performance improvements for post sanitization when raw content is required (#5325).
• Changes to is_admin() to ensure that it is only true for admin pages thereby protecting against exposing draft posts. (#5487).
• Suppression of database errors unless WP_DEBUG is true (#5473).
• Check for valid database connection information during install and display and error if the install fails due to database rights (#5495).
• Support for a custom database down page to be displayed on database connection errors (#5500).
• Changes to wp-mail.php to escape the error messages when displaying them to avoid a possible XSS attack (#5484).
• Changes to ensure that the post password is only exposed by the xmlrpc method metaWeblog.getRecentPosts to users with rights to edit a post (#5535).
• Changes to the information exposed the wp.getAuthors xmlrpc method to reduce the information exposed and add a capabilites check (#5534).
• Addition of extra capabilites checks to APP server (#6508).
• Changes to validate_file() to improve its traversal attempt detection when running on windows (#6521).

For a complete list of all the changes you can read this section of the branches/2.3 log.