Security update

SA-CONTRIB-2009-109 - Printfriendly - Cross Site Scripting

2009-11-18
The following bugs have been fixed since Ubercart 6.x-2.0 (-r 2001..2015), including two security updates outlined in SA-CONTRIB-2009-107:

• #610664 by Island Usurper: fix the country_id column in uc_countries to be an integer without auto_increment.
• #609444 by Island Usurper: Make countries that don't have different names work for USPS again.
• #611044 by Carsten Müller: Avoid conflict with date_order().
• #613498 by Island Usurper: Let product features affect product shippability correctly.
• #622998 by FiNeX: supply a missing t() in an order pane.
• #622998 by FiNeX: supply a missing t() in an order pane (again).
• Updating the version number for the next release.
• #618932 by Island Usurper: Remove predicate locking entirely.
• u#14100 by Lyle: Allow product nodes to have titles with 255 characters.

The following bugs have been fixed, including two security updates outlined in SA-CONTRIB-2009-107.

• 1434 Ryan 2009-10-19
  #551470 by lucyconnuk: fix the month-to-date total in the sales report summary.
• 1435 Ryan 2009-10-20
  #597022 by greg.harvey, longwave, rszrama: remove CC payment details from order edit page if not in debug mode and replace with instructions for submitting credit card payments.
• 1436 Ryan 2009-10-20
  #541652 by lunaris: add CC start date and issue number to the admin CC terminal form if enabled.
• 1437 Ryan 2009-10-20
  #607436 by krlucas: add htmlspecialchars() to Auth.Net XML request formation.
• 1438 Ryan Szrama 2009-11-18
  Update the access and redirect workflow for a couple paths.

SA-CONTRIB-2009-104 Filter output on mapping pages.

SA-CONTRIB-2009-104 Filter output on mapping pages.

SA-CONTRIB-2009-108 - Gallery Assist - Cross Site Scripting