Changes to 2.716 from 2.715
Well, 2.715 was sort of a short-lived release, wasn't it? :v)

The most important reason for 2.716 is to follow up my security announcement yesterday with a release that implements the improvement. Now passwords, validation secrets, and the nefarious temporaryCryptedPassword use 128-bit md5 hashes with something close to real entropy (/dev/random bits if you got 'em).

Security-related action to take:

* Install 2.716.
* Reset your admin password to ensure it is stored with an md5 hash (lest your password file ever get leaked).
* Set temporaryCryptedPassword = 'disabled'; in your CGI stub. This will protect against a brute-force attack if your CGI stub ever leaks. (New installations will be protected by an md5 password; but since your stub already exists, it won't get updated. Besides, now that you're installed, there's no reason to leave that password available anymore.)
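
A way to check the last step across existing stubs (an added example, not part of Faq-O-Matic or of the original note). It assumes the assignment appears in the stub in the form quoted above; the function name check_stub and its return codes are made up for this example.

```shell
#!/bin/sh
# Added example: audit a CGI stub for the temporaryCryptedPassword setting.
# Assumption: the stub contains an assignment of the form
#   temporaryCryptedPassword = '<value>';
# as quoted in the release note. Nothing else about the stub is assumed.

# check_stub FILE
#   returns 0 if every non-comment assignment is set to 'disabled'
#   returns 1 if any assignment still carries another value
#   returns 2 if the file is unreadable or has no assignment at all
check_stub() {
    stub=$1
    [ -r "$stub" ] || return 2
    # Drop full-line Perl comments, then keep only lines with the assignment.
    lines=$(grep -v '^[[:space:]]*#' "$stub" |
            grep -E "temporaryCryptedPassword[[:space:]]*=") || return 2
    # Select assignments whose value is NOT exactly 'disabled' (either quote style).
    if printf '%s\n' "$lines" |
       grep -Ev "temporaryCryptedPassword[[:space:]]*=[[:space:]]*[\"']disabled[\"'][[:space:]]*;" >/dev/null
    then
        return 1
    fi
    return 0
}

# Report on every stub path given on the command line.
for f in "$@"; do
    rc=0
    check_stub "$f" || rc=$?
    case $rc in
        0) echo "OK        $f" ;;
        1) echo "NOT SET   $f: temporaryCryptedPassword is not 'disabled'" ;;
        *) echo "UNKNOWN   $f: no temporaryCryptedPassword assignment found" ;;
    esac
done
```

Run it with the paths of your CGI stubs as arguments; a stub reported as UNKNOWN should be inspected by hand.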


Other changes:

Fixes a minor bug affecting the "expert editing" features.

Oh yeah, and in the course of releasing it, I realized that I'd been forgetting the "make manifest" step to include new files. That means that a bunch of features that I've claimed to be rolling in may not have made it into previous versions. Well, that would be 2.715, since I haven't done a release for eons anyway. :v) Anyway, now the Russian translation is in the release (not just the CVS tree), as well as all the other po-based translations and 'recentrdf'. Sheesh. I'd apologize for missing this, but then I'm covered by not having actually done any releases. :v)

This document is: http://www.jonh.net/cgi-bin/faqomatic/fom?file=1764