Log Message:
Update to 1.2.8:

This is a bugfix release for 1.2 and it is compatible with the
other 1.2 versions. The main reason for this release was an important
security fix. This issue was filed as CVE-2007-5742, it did allow
others to view the content of files on the remote computer. We did
now fix this problem by removing the option to use ../ in paths.

Another problem could arise with the preference option "turn_cmd".
Due to this problem the computer could either be stalled by a faulty
add-on or *maybe* (we found no way to do so) some other application
could be started. This option has now been removed since it probably
wasn't used anyway.

Beside those important changes only small things were changed. For
all the other changes (really not much), have a look at the changelog.

Since those are rather serious issues we do advise everybody using
the 1.2.x stable series to upgrade to 1.2.8 as soon as possible.
All saves and the existing content should still work after this
upgrade. In general be careful in regards to add-ons you use, there
might be some bad ones available even on the official add-on server
because the content available there is usually not checked.