This is a security bugfix release. Please upgrade!
Changes
* Fixes a RCE vulnerability when importing OPML files containing
script commands. Now script commands from untrusted OPML files are
always dropped.
(reported by Laurence Tennant)
* Fixes a RCE vulnerability in the download manager plugin where
a command could have been injected into file paths.
(reported by Laurence Tennant)