Version 2.65 Released

By Ben Trott

A security issue has been found in Movable Type's XML-RPC server. We suggest that all users of Movable Type upgrade their installations to fix this issue.

We have released a new version of Movable Type, version 2.65, to fix this problem. Version 2.65 also includes the mt-send-entry.cgi fix released about 1 month ago.

In addition, version 2.65 includes an Atom syndication template in the default templates, along with an auto-discovery tag in the main index template. It also includes a couple of new tags used for the Atom feeds. If you're upgrading, you can get the syndication template from the default template list.

You can download the 2.65 upgrade from the download page and follow the standard upgrade instructions.

If you'd rather just fix the XML-RPC security issue, you can just replace lib/MT/XMLRPCServer.pm on your server with the new version of XMLRPCServer.pm (this is a ZIP file--extract it and upload the version of XMLRPCServer.pm within to your server in ASCII mode).