5.x

The seventeenth maintenance and security release of the Drupal 5 series. Only fixes for security vulnerabilities and other bugs have been committed. New features are only being added to the forthcoming Drupal 7.0 release.

This release fixes security vulnerabilities. Sites are urged to upgrade immediately after reading the security announcement:

• SA-CORE-2009-005 Drupal core - Cross site scripting

This release of Fivestar is a bug-fixing release, adding no new features. This release fixes several moderate bugs, including display of Fivestar widgets when used in AJAX situations, such as within AJAX views or with the AJAX QuickTabs. It also fixes a security issue that could possibly allow a malicious user to hijack votes of other users, causing ratings to be skewed to the malicious user's preference.

Upgrading is recommended for all users of Fivestar module. No database updates are required for this release.

Updated with patches for issues #436694: Allows multiple valid tickets per (users, purpose) pair, #436674: Uninstall hook calls loginticket hook unnecessarily,

- Security fix for SQL injection
- added Spanish .po file
- added Aggregator dependency
- bug fix: double create content link (#175240)
- bug fix: Blog It graphics not displaying (#238063)
- bug fix: Used filter_xss() on item titles for Google Reader compatibility (#252667)
- bug fix: RSS Doctype (#240039)
- Missing argument 3 for news_page_link() (#166346)

- fixed bug in view own private number permission

Add support for storing EXIF data in the database to improve scalability.

This release fixes a security vulnerability. Sites are urged to upgrade immediately after reading the security announcement:

• SA-CONTRIB-2009-022 - XSS through EXIF data.