If you keep up with security vulnerabilities, you're probably familiar with the terrible track record of blogs. If you don't, perhaps you should search the National Vulnerability Database for the name of your favorite blog software.
It seems as though bugs in blogs are a very common intrusion vector, one that has humiliated a number of security experts, as demonstrated in the Zero for Owned Zine.
Among many security experts, the consensus is that the only way to run it securely is to outsource hosting of it (so that compromises don't affect your site), which really just shifts the risk, and re-writing substantial portions or the whole thing.
One such project for "re-writing from scratch" is the secblog project, although I have lost interest in the project.
The other major option is to have a system that generates a set of static HTML pages, so that no run-time logic is necessary (beyond the well-tested web server that serves up static pages). This has the downside of not allowing user comments, or dynamic content, but that's the tradeoff.
Many of these programs can generate other kinds of web content, not just blogs. I've written up all of my ideas for a web generator that I can remember in case anyone wants to see them.
I should apologize in advance for the variable quality of this page; it turned out to be a much larger project than I expected, and I realized how much I really needed a more powerful markup language while writing it. In particular, it would be handy to have more cross-references and a feature matrix.
In particular, since there are so many options, I had to narrow my focus somehow; I did this by limiting myself to python implementations, since that's what I'm most familiar with. I have nothing against ruby; I have written some stuff in it, but it's still a little less familiar to me (the curly braces in particular still look alien).
Typically, the various programs will be written in some language. Furthermore, they will have two major components, a (lightweight) markup language and a templating system, which are often (but not always) particular to the language in which they're implemented.
There are two main sub-languages involved:
TODO: feature matrix. What about RSS/Atom feeds? Which are web-like, and which blog-like?
Poole is an easy to use markdown-driven static website generator. You write the content of your pages in Markdown and Poole creates a nice and simple site with a navigation menu. You don't need to learn a template or preprocessing engine.
Though Poole is made for simple sites, it has basic support for content generation by embedding Python code in page source files. This is a dirty merge of content and logic but for simple sites it's a pragmatic way to get things done fast and easy -- if you know Python you're ready to start.
Conceptually it's something in between plain Markdown to HTML conversion and more sophisticated site generators like Hyde.
Poole uses one global HTML skeleton file to inject the HTML versions of Markdown source pages into. Poole has basic support for generating content by embedding Python code in page source files. This is a dirty merge of content and logic but a pragmatic solution to get things done fast for simple sites. No need to learn a template or preprocessing engine.
Poole may be a good choice if you are familiar with Markdown and Python and if you want to build a rather simple site with only a spot of generated content.