[ic] Interchange 5.4.2 released
Jon Jensen
jon at endpoint.com
Tue Feb 6 23:51:16 EST 2007
The Interchange Development Group is pleased to announce the release of
Interchange 5.4.2, the latest production-ready version of our web
application server. This is a maintenance release and upgrading from
versions 5.4.0 or 5.4.1 should present no compatibility problems.
The main changes are:
* Fixed a DoS exploit caused by carefully crafted HTTP POST requests.
* Worked around apparent Perl bug that allowed code called by
DispatchRoutines to overwrite the routines arrays themselves.
* Fixed [sql-quote] sub-tag of the [query] tag, which didn't work for
multi-line column data.
* Fixed masking of unencrypted credit card numbers to work with a custom
MV_CREDIT_CARD_INFO_TEMPLATE that does not match the regexp. Also fixed
the regexp so it removes the CVV2 value from the unencrypted data.
* Fixed shipping problem with the temporary mv_shipping cart, which could
cause trouble in cart recalculations.
* Made get_option_hash return a copy when passed a reference.
* Don't run check_sub on POSTAUTH for Linkpoint.
* Made &and and &or profile commands work when alone on a line between two
profile checks.
* Increased XHTML compatibility and fixed some CSS.
* Various admin, Standard demo, and Debian package fixes.
The software and a more detailed change log are available here:
http://ftp.icdevgroup.org/interchange/5.4/
Detached PGP signatures of the packages (signed by my key, ID DCCAC084)
are in the download directory. Cryptographic hashes for
interchange-5.4.2.tar.gz are:
MD5: 15e706c472ce7bae28e85e61291d4a46
SHA1: 7bded027ad7720059e26b6dd5e1d513108d92663
Further information and links to documentation and the user discussion
mailing list are at:
http://www.icdevgroup.org/
Jon Jensen
Interchange Development Group
PGP key: http://ftp.icdevgroup.org/keys/jon-jensen-dccac084.txt
More information about the interchange-users
mailing list