Hi, We have released 0.43.0.
This includes security fixes and the changes mentioned below NOTE: If you have a blog site derived from the skel/blog then replace the archives.tpl file in your site with the one provided in priv/skel/blog/archives.tpl This also fixes a reflected XSS problem in the admin. We request people to update their 0.x installation to 0.43 to mitigate this problem. Main changes are: * Allowed uploadable files in mod_acl_user_groups are now configurable * Security fixes for reflected XSS in the admin and skel/blog/archives.tpl * Hardened HTTP headers for securing Zotonic sessions and requests * mod_twitter now uses polling for fetching tweets, stopped using deprecated streaming API ## Compatibility If you include a page of your site inside a frame on another site, then set the ``allow_frame`` option on the affected dispatch rule. Regards from the Zotonic core team, Marc Worrell -- --- You received this message because you are subscribed to the Google Groups "Zotonic developers" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
