Nexology Community > Support Zone > Security and Release information

Posted 10-03-2003, 07:33 AM (#1) by MikeMann, Moderator (Join Date: Jun 2002, Location: Los Angeles CA, Posts: 7,532)
Greymatter 1.3

It appears that there is a new version (up from 1.2.1d), which is 1.3.

From their changelog file:

Code:
Greymatter 1.3

changelog

1) security-related fixes
* Rebuilding Files no longer exposes author username and password
    + uses a token file written to disk which is cleaned up at the end of the rebuild
    + passes a reference to that token instead
    + this keeps author usernames/password out of server and proxy logs, and out
    of browser history. 
    + knowledge of the token will not grant access since it expires.
* &gm_phphackcheck improved in several ways
    + now catches all PHP alternative delimiter styles: <?php ?> <? ?> 
    <% %> and <script language="php"> </script>
    + catches other forms of comment XSS attacks as well
    + now logs to control panel log, with a config setting to
    disable this logging (gm-phphacklog.cgi file now obsolete)
    + now emails the comment email recipient list with a hack attempt
    notice, with a config setting to disable this behavior
    + some variable renaming bugs were cleaned up from patch to 1.21d
    + &gm_phphackcheck is now called much earlier in the script
* tag removal from comments made significantly more robust
    + now catches any tags containing spaces (and attributes) previously
    + still can't really catch nested tags cleanly, however, 
    <script></script> is now intercepted by &gm_phphacklog
* &gm_searchresults now improved for XSS issues
    + now converts < and > to entities before printing the search string
    + search string is still passed to the regex unmodified
* passwords are stored in an encrypted form in gm-authors.cgi
    + for compatibility and upgrade purposes, plaintext passwords are still 
    supported, which allows for a "password reset" by modifying gm-authors.cgi 
* search function input is examined before passing to the search code
    + solves issues with special characters causing the search function to crash       

2) feature improvements
* upgrade routine improved
    + removed "cannot determine version setup" issues
    + upgrade recognizes recent versions, including the versions with 
    encrypted passwords
* included emoticons (smilie hack)
    + includes clickable smilies on "add an entry" page
    + includes clickable smilies on comment page
    + emoticons can be disabled on a per-entry basis
* added emoticons path to configuration
    + allows use of {{emoticonspath}} in templates
* changed number of entries being rebuilt from 20 to 10
    + reduces load while rebuilding
* &gm_saveconfigurationdr added to have gm save the config when going to the D&R screen
    + removes the step of having to save the config and then go back to run the D&R
* added music input for entries
    + allows use of {{entrymusic}} variable in entry related templates
    + {{smartentrymusic}} template allows you to repurpose the field for 
    something else, and that label that won't display if the music field 
    is left blank on that entry
* added mood input for entries
    + allows use of {{entrymood}} variable in entry related templates
    + {{smartentrymood}} template allows you to repurpose the field for 
    something else, and that label that won't display if the music field 
    is left blank on that entry
* new {{smartentrymusic}} and {{smartentrymood}} templates
    + allow you to define your own label for the entry music and mood fields
    + will not display the label if the fields are blank for an entry
* new CSS-based default template set
    + radically improves the look of a fresh install
    + easier to modify since the stylesheet rules are in the header template
    + uses most of the new template variables and new templates      
* new Date Grouping Footer template
    + allows you to use the Date Grouping Header template to open a <div> or other
    element, which you can close in the Date Grouping Footer template, allowing
    significantly improved grouping of entries by date  
    + the corresponding template also appears in archive pages as well
* new miscellaneous templates: Smartlink Target Template and Comment Smartlink Target Template
    + allow you to specify a target frame for the {{*smartlink}} variables, specifically
    allows using target="_blank" to make commenters' homepage links target a new window

3) bug fixes
* changed ambiguous wording in gm menu
* added 00000000.cgi bugfix (http://www.greymatterforums.com/viewtopic.php?t=5053)
* added fix for square brackets and various other metacharacters in subject lines.
  (http://www.greymatterforums.com/viewtopic.php?t=5368)
* comment preview code edited to allow use of image buttons in {{entrycommentsform}}
  template (http://www.greymatterforums.com/viewtopic.php?t=4185)
* allow non-integer server time offset value.
* added the {{logentrylist commentsnumber}} fix (bugfix and performance)
  (http://www.greymatterforums.com/viewtopic.php?t=5797)  
* fixed 1.21c bug that affected editing authors passwords
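As an added illustration (not code from Greymatter or from the post above), here is a Python sketch of the comment handling the changelog describes: the PHP delimiter check covering all four delimiter styles listed, run before tag removal; a tag stripper that shows why a single pass "can't really catch nested tags cleanly" and how repeating it to a fixpoint closes that gap; and the < and > entity conversion for the search string. All function names and the result-dict shape are assumptions.

```python
import re

# Delimiter styles the changelog lists for the improved &gm_phphackcheck:
# <?php ?>, <? ?>, <% %> and <script language="php"> </script>.
# Only opening delimiters are matched; one hit is enough to reject the comment.
PHP_DELIMITERS = re.compile(
    r"""<\?php\b|<\?|<%|<script\b[^>]*\blanguage\s*=\s*['"]?php['"]?""",
    re.IGNORECASE,
)

# A "tag" here is anything from < to the next > with no < or > inside,
# so tags containing spaces and attributes are covered.
TAG = re.compile(r"<[^<>]*>")


def find_php_delimiters(comment):
    """Return every PHP-style opening delimiter found in a comment body."""
    return [m.group(0) for m in PHP_DELIMITERS.finditer(comment)]


def strip_tags_once(text):
    """Single-pass tag removal. A nested construction such as <<b>script>
    leaves <script> behind, which is the limitation the changelog notes."""
    return TAG.sub("", text)


def strip_tags(text):
    """Repeat removal until the text stops changing, so nested tags collapse."""
    while True:
        stripped = TAG.sub("", text)
        if stripped == text:
            return text
        text = stripped


def escape_search_string(query):
    """Convert < and > to entities before echoing a search string into HTML,
    as &gm_searchresults now does; the regex side still gets the raw query."""
    return query.replace("<", "&lt;").replace(">", "&gt;")


def check_comment(comment):
    """Hack check first (it is 'called much earlier in the script'), then
    tag removal only for comments that pass. Result shape is assumed."""
    hits = find_php_delimiters(comment)
    if hits:
        return {"blocked": True, "reason": hits, "text": None}
    return {"blocked": False, "reason": [], "text": strip_tags(comment)}
```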