[Interchange-announce] Interchange 5.4.2 released
jon at endpoint.com
Tue Feb 6 23:51:16 EST 2007
The Interchange Development Group is pleased to announce the release of
Interchange 5.4.2, the latest production-ready version of our web
application server. This is a maintenance release and upgrading from
versions 5.4.0 or 5.4.1 should present no compatibility problems.
The main changes are:
* Fixed a DoS exploit caused by carefully crafted HTTP POST requests.
* Worked around apparent Perl bug that allowed code called by
DispatchRoutines to overwrite the routines arrays themselves.
* Fixed [sql-quote] sub-tag of the [query] tag, which didn't work for
multi-line column data.
* Fixed masking of unencrypted credit card numbers to work with a custom
MV_CREDIT_CARD_INFO_TEMPLATE that does not match the regexp. Also fixed
the regexp so it removes the CVV2 value from the unencrypted data.
* Fixed shipping problem with the temporary mv_shipping cart, which could
cause trouble in cart recalculations.
* Made get_option_hash return a copy when passed a reference.
* Don't run check_sub on POSTAUTH for Linkpoint.
* Made &and and &or profile commands work when alone on a line between two
* Increased XHTML compatibility and fixed some CSS.
* Various admin, Standard demo, and Debian package fixes.
The software and a more detailed change log are available here:
Detached PGP signatures of the packages (signed by my key, ID DCCAC084)
are in the download directory. Cryptographic hashes for
Further information and links to documentation and the user discussion
mailing list are at:
Interchange Development Group
PGP key: http://ftp.icdevgroup.org/keys/jon-jensen-dccac084.txt
More information about the interchange-announce