This patch continues our series of repairs and improvements in several areas, perhaps most notably in the Discussion Services:

Discussions Services:

• Large messages no longer turned into pseudo-attachments (final fix; a partial form is already in place on Tigris)
• Increase default maximum message size limit (to ~10MB)
• Separate “non-logged-in web user” and “non-registered email user” (extensive Discussion configuration changes; see an upcoming post here)
• Provide “allow future posts from this sender” during email-mediated moderation (final fix; temporary fix already in place on Tigris)
• Allow centrally enforcd use of CAPTCHA for anonymous web posts (post about planned Tigris policies upcoming here)
• Enforce security and spam protections on the “other recipients” field of the web-post form (final fix; temporary fix already in place on Tigris)
• Better handling (RFC 2047) of accents and non-English characters in reply-to headers

Subversion:

• Svnsync now does not choke on certain data
• Non-expiring passwords no longer expire anyway

Wiki:

• Security enhancement relating to a guest-access Denial of Service
• Security enhancement to block server-side test

Site:

• Performance enhancements in page loading, particularly for clients with high latency or low bandwidth
• Project News RSS URL backwards-compatibility redirect

Project Pages:

• Now able to invoke a Project Tracker “named saved query”
• Project Pages: Project Tracker “Return to list view” now works
• Now able to use a Project Tracker “saved query” containing an apostrophe

Project Tracker:

• Mixed-field queries with null fields now work
• API: protect against embedded invalid XML data
• API: annotate private (non-accessible to this user) related artifacts
• API: proper pagination of long result lists