Browse files

Update release notes with changes backported from master

  • Loading branch information...
jonjensen committed Sep 16, 2009
1 parent e108da7 commit 4387b5468090c760b43672d6454d0a1c536fd045
Showing with 48 additions and 0 deletions.
  1. +48 −0 WHATSNEW-5.6
@@ -53,18 +53,48 @@ Core
should review any custom credit card encryption templates to make sure that
the CVV2 is not included, and purge it from any historical data.
+* Fixed rare bug that caused requests to / URL with a query string to fail.
+* Correct .access functionality directly in pages/
+ .access worked in subdirectories like pages/abc/, but didn't work directly
+ under pages/. Instead of looking for pages/.access, it was looking for
+ pages/PAGENAME/.access
+* Fix catalog name not appearing in DebugTemplate output.
+* Fix bug which prevented custom widget type from working. Found by Jeff Boes.
+* Remove CVV2/CSC from default credit card encrypted block template for
+ PCI-DSS compliance.
+* Require Digest::SHA1 module in the sha1 filter.
+* Abort daemon startup when required module is missing and clean up error output.
+* Don't ignore case of passed options to compile_link.
+* Fix problem restarting daemon in PreFork mode.
* Made [email] process cc and bcc options for plain text emails (#250).
+* Updated usps-query tag with country map and latest shipmodes. By Josh Lavin.
+* Fix omission of media type in <link> output. By Thomas J.M. Burton.
* Recognize Opera as DHTML browser. Thanks to Don Hathaway for the patch.
* Fix broken form action quoting. Thanks to Richard Templet <>.
+* Add framekiller for clickjacking defense in template. Probably we are
+ unlikely to have problems in the standard template, but you never know.
@@ -78,6 +108,24 @@ Standard demo
* Fix cross site scripting error found by Josh Lavin of Perusion.
+* Fix default shipmode on admin/entry page.
+* Make forum only available for logged-in users, as spammers are exploiting it
+ constantly.
+* Prevent an incomprehensible error when following an order link that was
+ created on an mv_tmp_session page or other non-connecting session.
+* Avoid possible problem with read-only variable table by using @@MV_PAGE@@
+ instead of @_MV_PAGE_@
+* Removed javascript that submits the form if the user changes his
+ email preferences. By René Hertell.
+* Corrected min/max username length.
+* Correct update of saved company value for shipping address.

0 comments on commit 4387b54

Please sign in to comment.