Movable Type 6.0.3, 5.2.10 and 5.17 release notes
This version of Movable Type was released April 19, 2014.
The following information concerns Movable Type 6.0.3, 5.2.10 and 5.17.
Cross site scripting (XSS) was possible due to improper escaping of certain entry editing screen fields and comment input fields.
After previewing an entry or page that contains image custom fields and then returning to edit the entry or page, the image data becomes corrupted. A patch for this issue was subsequently released May 8, 2014. Please download the version that corresponds to your version of Movable Type:
Install the patch by extracting the archive contents on top of the Movable Type installation folder, resulting in
addons/Commercial.pack/lib/CustomFields/Util.pm getting replaced with the patched version.
Note this issue only affects Movable Type versions 6.0.3, 5.2.10 and 5.17. It does not affect versions 6.0.2, 5.2.9, 5.16 and prior versions.
The following only affects Movable Type 6.0.3.
New configuration directive
It is now possible to set the database driver buffer size. Please see the DBBlobMaxLen](/documentation/appendices/config-directives/dbblobmaxlen.html) configuration directive document for more information. (#111362
Data was not being displayed properly on the Site Stats widget graph. (#111364)
Entries and pages
If the PreviewInNewWindow configuration directive was enabled, the preview temporary file would not be automatically deleted after an entry or page was saved. (#111444)
The process number limit set with RPTProcessCap was not always respected by the run-periodic-tasks command line utility. (#111271)
The error “Cannot find column ‘blogs’ for class ‘MT::Blog’” would appear upon browsing to the Dashboard page in certain situations. (#111419)
Some Japanese text was revised. (#111576)
Limitations and known issues
There are several known issues and restrictions with Movable Type 6. For more information, please see Movable Type 6 Installation Notes.
All bugs are documented through an external site. A FogBugz account is required in order to view case details.