Six Apart announced a new Movable Type version which, according to the press release, it is a mandatory security release recommended for all users and fixes a good number of bugs from version 4.21.
On a side note, you should know that there was no version 4.22, so don't worry that after v4.21 the movable type crew launched v4.23 (it's a long story that is not made public yet).
Looking at the change log, I've noticed that I've dealt with some of the bugs fixed in this new release.
I should express my gratefulness to Six Apart for putting together this improved movable type version.
Are you having your own Movable Type installation? Are you interested for an upgrade? I'm available to upgrade your Movable Type installation to v4.23. Get in touch via the contact page form...
You may like to check the movable type v4.23 change log below.
55719: Selecting for tag in MTEntries loop that doesn't exist on the blog yields an incomplete error
Fixed a bug for the Entries/Assets tags when using the "tags" attribute along with a non-existent tag. This will now no longer result in a template build error (thanks to Jay Allen for reporting the issue).
81318: ID conflict in Community Forum template set config
Fixed a bug in the Community Forum template set for the Category Groups widget.
81430: Template types lost for weblog with Universal Website template set applied after upgrading to MT 4.2
Fixed a bug with the Universal Template set so that template types ("main_index", etc.) are recognized.
81689: Upgrade should map index templates set to not rebuild with indexes to be published "Manually"
Fixed an upgrade issue around index templates that were configured to "not rebuild with indexes" so they are now assigned the "Manual" publishing option.
81755: TrackBack.pm throws errors when no title set on trackback
Fixed a bug affecting the TrackBack listing screen when no title is assigned to one or more TrackBack pings (thanks to Michele Neylon for reporting the issue).
81922: Select 'High Priority Static Publishing' does generate error.
Fixed a bug affecting selection of the "High Priority Static Publishing" publishing profile.
82155: 'Removing unused template maps' step is very slow for large upgrades
Optimized the upgrade process for the "Removing unused template maps" upgrade step.
81407: MT 4.2 - > widget sets not cloning when you clone a blog
Fixed a bug that prevented the cloning of Widget Sets when a blog is cloned (thanks to Alex Cacciamani for reporting the issue).
80799: Blogs disappear when choosing new layout while using fastcgi
Fixed a bug affecting system functionality when applying a new theme using StyleCatcher and running in a persistent environment.
80975: Unable to delete all categories and subcategories at once
Fixed a bug that prevented the deletion of categories when they had subcategories assigned to them.
81050: Feedback: (FireFox3) URL is rewritten when switching editor mode on create entry screen
Fixed a bug under Firefox 3 that caused relative URLs to be rewritten as full URLs when switching between the text editor and the richtext editor and then back again.
81066: setvar attribute fails under SetHashVar
Added support for assigning hash variable elements using the 'setvar' attribute (thanks to Jay Allen for the suggestion).
81071: Publish archives setting error goes to General Settings
Fixed a bug that redirected a user to the "General" blog settings screen when getting an error while trying to save blog publishing settings.
81417: Debugging code in StyleCatcher plugin causes 502 error when applying a theme (IIS)
Removed some debug logging code from StyleCatcher that was causing an error under Windows/IIS when applying a new theme.
81361: Can't delete (or otherwise act on) templates from the global search screen
Fixed a bug preventing template actions from working for the global template listing screen (thanks to Jay Allen for reporting the issue supplying a patch).
81403: Not execute rebuild_options code
Fixed a bug affecting the operation of custom site rebuild options.
79723: Error Message Buttons Can Lead Users In Unproductive Circles
Fixed various issues for the buttons displayed on the error messaging shown when saving and publishing an index/archive template.
80788: link error displays in a pop-up window
Fixed a bug on Windows that caused links to the popup window for an uploaded image to use '\' characters instead of '/'.
81077: Create Entry by XML-RPC to Community Template blog which have Date CF generate error
Fixed a bug that prevented the assignment of custom date and date-time fields via XMLRPC.
81153: "Go Back" From Error Publishing Entry Does Not Return to Edit Entry Screen
Fixed various issues for the "Go Back" button on the error message shown when publishing an entry or page.
81241: Cannot Select '0' (Zero) or Blank Option in Custom Field Drop Down Menu
Fixed a bug that prevented the user from choosing a '0' or blank option for a drop-down-menu custom field.
82162: MTAuthorBasename tag not implemented for dynamic publishing
Added support for the MTAuthorBasename tag to the dynamic publishing engine.
82172: Page saved with no title cannot be accessed from the page listing screen
Fixed a bug that prevented pages without titles from being editable on the page listing screen (thanks to Jay Allen for reporting the issue and supplying a patch).
81846: Template list filters are hardcoded in MT 4.2
Fixed a bug that prevented plugin-supplied listing filters from working on the template listing screen.
81896: L10N: Publish archives setting error
Fixed a JavaScript bug that occurred when checking the "Publish archives outside of Site Root" and attempting to save with an empty archive site root or archive site URL field.
81588: MTDate requires blog_id in context and produces Perl error if none is provided
Fixed a bug affecting the MTDate tag when used without a blog context (thanks to Brian M. Petersen for reporting the issue and supplying a patch).
81928: Empty Widget Sets output content from previously created widget set
Fixed an issue with Widget Sets when saving a widget set without any widgets in it.
82050: "Entries with comments in the last 7 days" quick filter list entries from last 10 days instead of last 7 days
Fixed a bug with the entry listing filter "Entries with comments in the last 7 days" (it was displaying 10 days worth).
82146: Feed of the tag search doesn't work without specifying blog_id
Fixed a bug that prevented a tag search feed from working without a "blog_id" parameter.
81834: MT::WeblogPublisher::rebuild_indexes does not correctly ascertain blog from passed template
Fixed an API bug in MT::WeblogPublisher's "rebuild_indexes" method so that it derives the blog in context based on the supplied template, when invoked with a specific template to rebuild but without a blog parameter.
81073: L10N: Logs need to be translated, which are logged when creating professional website
Improved Japanese localization for the Professional Website template set.
78989: 'Close' button should be removed from the error screen
When the MT error screen is displayed in a full browser window, the "Close" button is now suppressed.
82544: Disallow angle brackets for key user fields
Username, display name, email address and URL profile fields no longer permit use of angle brackets.
82723: remove_html can be tricked using CDATA blocks
Improved handling of remove_html with multiple CDATA blocks.
82474: [XSS] Profile View template does not escape user's display name
SECURITY: Added escape="html" modifier to templates in Community.pack and Movable Type default templates to escape the name of authors and commenters properly. Note that the change requires refreshing of these templates. If the templates are modified and cannot be refreshed easily, you can add escape="html" to all of the occurances of MTEntryAuthorUsername, MTAuthorDisplayName, MTEntryAuthorDisplayName and MTCommenterName in the publicly facing templates.
82498: Category groups template is not found
Fixed a bug that was occurring when a template set re-uses template identifiers but with varying types (widget/category_groups and widgetset/category_groups, for instance).
82499: [XSS] User archive name on published Community Blog template
Fixed HTML encoding of archive titles when markup exists in category/folder labels and author display names.
81291: [XSS report] more places to escape?
Improved handling of HTML markup in the CMS app for several listing and edit screens.
81529: Textarea custom field for User objects causes error
Fixed a bug regarding the use of multi-line custom fields that display on a user's profile edit screen.
81574: Author archive path does not respect archive mapping or dirify
Fixed a bug affecting author archives that publish using the author basename and "-" characters instead of "_".
81579: contributors can publish entries through the 'manage entries' interface
Fixed a permissions bug where a user with "create post" permission and no "publish post" permission could still publish posts from a system-wide entry listing screen.
81666: Author archive republishing is endlessly looping when there a disabled author has an author archive
Fixed a bug that caused author archives to loop repeatedly when publishing them when there are one or more disabled authors associated with the blog.
81697: Oracle DBI deaths
Fixed an issue with the Oracle database driver to prevent issuing queries that exceed the maximum number of items permitted in an "IN" clause.
81797: MSSQLServer too slow because of the frequent calls to DBI::ping
Improved overall performance for the Microsoft SQL Server database driver.
81943: Actions without event description in profile actions listing screen
Fixed a bug affecting Action Stream events when using Memcached.
82007: MTArchiveList tag displays an author archive link for every entry instead of just one link (MS-SQL Server and Oracle)
Fixed a bug affecting MS SQL Server and Oracle and the functionality of the MTArchiveList tag and author archives.
81918: MT4.2 profile template renders differently when accessed via mod_rewrite URL (MVN)
Fixed an issue with recognizing a user viewing their own profile when the profile is accessed by username instead of user ID.
82201: Cannot save custom field data
Fixed a bug affecting editing custom fields on a user's profile page.
82290: Restore fails if the name of the user who did backup contains "<"
Fixed a bug with restoring a blog where author(s) name contains a '<' character.
81939: favorites appear on unpublished entries
Fixed an issue where an entry that has been "favorited" by a user still appear on their profile even after unpublishing the entry.
81858: [XSS] TrackBack title and other input may bypass sanitization
Improved filtering support for our HTML sanitization library.
81861: Unable to attach profile image to user who have Contributor permission
Fixed a bug preventing a user with a limited "contributor" role from uploading a userpic to their profile.
81800: file_ext does not work in MTEntryAssets
Fixed a bug affecting the "file_ext" attribute of the MTEntryAssets tag.
81806: 'Format' attribute broken on 'Date' custom fields
Added support for a 'format' attribute for date/time custom field tags.
81788: Upload of the file of the same name will overwrite a thumbnail
Fixed an filename conflict issue where two users could upload an thumbnail image with the same filename.
81790: Contents of Custom Fields are not saved when an entry is previewed
Fixed a bug that prevented the saving of custom field data after previewing an entry/page.
81677: Sign In module in Global Templates has wrong js call
Fixed a JavaScript bug in the "Sign In" widget for the Community Blog template set.
81617: asset metadata error on upgrade to mt4.21
Fixed a bug affecting the upgrade of asset metadata with Microsoft SQL Server.
81624: MT:Actions not pulling the latest entries
Fixed an issue with ordering of items on a user's profile view, so that all entries are listed by their authored-on date, rather than their creation date.
81658: Upgrade script (4.21) runs out of memory with large # of entries in mt_permission
Improved performance and resource utilization of the upgrade process when using the command-line "upgrade" script.
Posted by Mihai Bocsaru on December 04, 2008
Permalink | Comments (0)