Fixes XSS attack mentioned in bug #103308, along with 5 (!) other security problems. Should just be a version bump.

Full Changelog:

2005.12.13 - 1.0.0rc4
- 0006421: [security] Private bugs show up in public RSS feed (vboctor)
- 0006458: [security] Port #6457: SQL Injection in manage user page (TKADV2005-11-002) (vboctor)
- 0006461: [security] Port #6460: HTTP Header CRLF Injection (TKADV2005-11-002) (vboctor)
- 0006485: [security] XSS Vulnerability in filters (TKADV2005-11-002) (thraxisp)
- 0006489: [security] Port Injection Vulnerabilities in Filters (TKADV2005-11-002) (thraxisp)
- 0006492: [security] Port #6453: Make note private has no effect when resolving bug (thraxisp)
- 0006432: [bugtracker] error processing does not work! (jlatour)
- 0006379: [filters] Filter returns private issues when it should not (thraxisp)
- 0006254: [localization] strings_korean_utf8.txt has UTF-8 byte-order marker (ryandesign)
- 0006268: [localization] strings_chinese_simplified_utf8.txt has UTF-8 byte-order marker (ryandesign)
- 0006304: [localization] [PATCH] Major overhaul of strings_dutch.txt (jlatour)
- 0006358: [localization] Updated Dutch localization (Wanderer)
- 0006474: [localization] Calls to htmlspecialchars should take into account the current charset (jlatour)

Reproducible: Always
Well, this should be rather handled by the security folks, re-assigning.
In CVS, still p.masked as still no mention of 5956 or 6002.
Thx Renat. Closing as p-masked.