• [Feature] Let the user choose how to update modified files (merging, using new file or using old file) within automatic updater
• [Feature] Allow "older" updates applied with the automatic updater. This allows people using it for updating, say, from 3.0.0 to 3.0.1 (with the correct package of course) and then from 3.0.1 to 3.0.2 if the latest version at this time is 3.0.2. These changes take effect beginning with RC4 or people replacing install/install_update.php manually prior doing the updates.
• [Feature] Ability to disable birthdays completely with new board features setting
• [Feature] Ability to externally set $phpbb_root_path if wrapping phpBB3 by defining constant PHPBB_ROOT_PATH
• [Change] Add version number to ACP index (Bug #13703)
• [Change] Improved utf8_clean_string with a more complete list of homographs and NFKC normalization
• [Change] Re-implemented All Yes/No/Never links in permission panels for easier changing all categories at once
• [Change] Advanced permission link now "marked" if no role is assigned and custom permissions set. With this an admin can instantly see if the object is not set at all or having custom permissions, something you only saw if advanced permissions were viewed before.
• [Fix] Enforce the max password length for automatically generated password created by the password sender (Bug #13181)
• [Fix] Correctly destroy sql cache for some query combinations (Bug #13237)
• [Fix] Allow link forums being password protected (Bug #12967)
• [Fix] Correctly hide post/reply buttons if permissions are not given (related to Bug #12809)
• [Fix] Remove orphan/wrong permission entries for non-existent forums - self-repairing permissions if conversions went "crazy"
• [Fix] Increased the number of style objects (styles, templates, themes and imagesets) possible from 127 to 65535 for MySQL (Bug #13179)
• [Fix] Correctly convert 2.0 website profile fields. (Bug #13379)
• [Fix] Correctly mark forums read if using cookie based topic tracking (Bug #13245)
• [Fix] Only show moderator log entries for forums the user is having moderation rights in (Bug #12481)
• [Fix] Fixed bug in realpath replacement letting it actually work again
• [Fix] Use global url validation for img bbcode tag (Bug #11935)
• [Fix] Added proper unicode support to style names (Bug #12165)
• [Fix] Missing localisation for an imageset no longer triggers a lot of "imageset refreshed" log messages (Bug #12027)
• [Fix] Allow manual specification of remote avatar dimensions if getimagesize is disabled (Bug #13531)
• [Fix] Send out activation email if admin activation is enabled and user activated through inactive users panel upon registration (Bug #12065)
• [Fix] Several fixes for custom profile fields on multi-lingual boards (Bugs #13763, #13527, #13525, #11515)
• [Fix] Cron now uses a locking variable to make sure it does not spawn too many webserver processes (Bug #12741)
• [Fix] Cached stylesheet now supporting gzip compression
• [Fix] Fixing session problems when using MySQL strict mode in conjunction with very long browser agent string (Bug #13827)
• [Fix] Allow moving private messages from the sentbox (Bug #13791)

EA SHIFTS GEARS WITH NEED FOR SPEED PROSTREET

EA announced today that Need for Speed™ ProStreet is being developed by EA Black Box in Vancouver, B.C., and is to ship this autumn. This is a ground-breaking Need for Speed experience where you're thrust to compete head to head against the best street racers in a multitude of racing showdowns.

Those visiting the hijacked pages risk having keylogging software installed on their PC if it is not protected with the latest patches.

The webpages compromised are all legitimate sites devoted to subjects such as tax, jobs, tourism and cars.

The sites are thought to have been booby-trapped using a malware kit, called MPack, sold commercially online.

Hacked host

The MPack kit was first discovered by Panda Software in May 2007 and is now implicated in infections on more than 160,000 computers.

The kit, put together by Russian hackers, can be bought for $1,000 (£503) and the price includes a year of technical support.

Using the kit, budding hi-tech criminals can churn out code that exploits the latest vulnerabilities in widely used web browsers that work on Windows.

The latest round of infections using MPack is thought to be one of the most successful.

It is believed to have started when malicious hackers got access to one of Italy's largest website hosting companies and seeded servers with the code that attacks anyone visiting those sites.

Security experts say the attack code is "browser aware" and will tune its attack depending on the web browsing software used by a visitor. Attack code is present for Internet Explorer, Firefox and Opera.

Following the initial outbreak in Italy, booby-trapped sites are now turning up in Spain, the US and many other nations.

The new outbreaks come about as the attack code is inserted on more and more legitimate websites.

Hundreds of thousands of users are thought to have been caught out by the infection.

Many anti-virus companies have already updated their security software to defend against the attacks used in this outbreak.