Version 3.17 of Movable Type
Release Notes: A problem where installations at the root of a domain would continually log the user out has been fixed. A bug in nofollow that caused HTML sanitization of everything within an <MTPings> block has been fixed. A bug in mt-db2sql.cgi that caused it to fail in certain situations when subcategories are in use before conversion has been fixed. URL encoding of uploaded file paths (e.g. images%2fbeach-pic.jpeg) has been fixed.
Other releases
Release Notes: This version provides a vastly improved installation and upgrade system and allows users to have unlimited blogs (licensing restriction change). Improved comment management and trackback management were implemented, and SpamLookup is now included as part of the default install.
Release Notes: A problem where installations at the root of a domain would continually log the user out has been fixed. A bug in nofollow that caused HTML sanitization of everything within an <MTPings> block has been fixed. A bug in mt-db2sql.cgi that caused it to fail in certain situations when subcategories are in use before conversion has been fixed. URL encoding of uploaded file paths (e.g. images%2fbeach-pic.jpeg) has been fixed.
Release Notes: Several important improvements were made with regards to application authentication and security. Various bugs relating to notifications were fixed. Error checking was improved, and authors can no longer delete their own accounts, which could result in disabled installations. Various user interface issues were fixed.
Release Notes: An exploit that allowed an attacker to send mail to an arbitrary address is now prevented. Any email addresses that contain newline characters are now disallowed. MT::Mail now converts newlines in mail headers to simple spaces.
