| Date: Wed, 18 Dec 2002 21:20:00 -0000 From: "FDSE Update Notification" <notify@xav.com> X-Abuse-To: abuse@nickname.net Subject: Fluid Dynamics Search Engine update - version 2.0.0.0060 Hello, The Fluid Dynamics Search Engine was updated to version 2.0.0.0060 on December 11, 2002. This new version has been posted on the site for the last week, and there have been no problems reported. There have been dozens of code changes since the last announcement in June. All changes are documented on the "changes" page. Major improvements include: * An XSS security hole has been patched. This hole allowed HTML to be passed to the script and returned without being escaped. To see if your version is vulnerable, visit it using the parameters: search/search.pl?Terms=test&Match="><h1>Fix me</h1> Note that this bug only appears when there are multiple pages of search results. * Added "substring search" feature. Allows keyword "eat" to match "beating" and "neat"; see: http://www.xav.com/scripts/search/help/1172.html * Changed templates to meet US government Section 508 standards on accessibility; see: http://www.xav.com/scripts/search/help/1164.html * Administrator can now display a "most popular searches" list on the output pages. Thanks to Ian Dobson for the code; see: http://www.xav.com/scripts/search/help/1154.html * A new Arabic translation has been contributed. Updates to the German, Italian, Norwegian, and Dutch translations have been contributed. * Fixed several bugs in the code. Added dozens of new help files, and added links to the help files from the error messages and interface pages. The product is available from: http://www.xav.com/scripts/search/ For information on how to upgrade, see: http://www.xav.com/scripts/search/help/1036.html Thanks, Zoltan Milosevic -- To stop receiving email, please visit: http://www.xav.com/notify/?s=genesis&remove=notify@xav.com |