SiteBar

File Release Notes and Changelog

Release Name: 3.3.9

Notes:
This is mainly a security release, please read the change log.

If you are looking for new features, please check the website
http://sitebar.org/downloads.php and try development version,
which is close to release as well.


Changes:
[+] Reduced time for loading of roots - important performance boost on large
    installations.
[+] Add index on nid column on root table for performance.
[-] Wrong detection of comment end in Netscape format caused incomplete load
    of bookmarks (from Firefox).
[-] Fetching time added to the time spent in database for statistics.
[-] Fixed escaping for blogroll format.
[-] Fixed quoting of comments for export to Opera.
[-] Fixed incorrect date and missing TTL in a RSS feed.
[-] Integration problem with IE7 (icons) solved. Credit to jouellet from sf.net!!!
[-] Backend search is now not case sensitive.
[-] Fixed bug with favicon cache management leading to SQL error with
    ambiguous column name in the WHERE clause.

Credit to Tim Brown for security problem report http://www.nth-dimension.org.uk/

[-] Multiple security issues fixed in the translation module which could be 
    exploited by user having admin or translation access to SiteBar. 
    A workaround for version 3.3.8 is to delete the file translator.php, it only
    used for translation of SiteBar strings into other languages.
[-] Multiple cross site scripting issues fixed (CVE-2006-3320 and others).
    You would have to click on a link prepared by malicious user, what could
    let him get control over your session (until it expires).