I am pleased to announce that DotNetNuke 5.6.1 is officially released.  This release resolves a number of outstanding issues with the 5.6.0 version and adds a few new significant enhancements including:

• Razor Scripts – 5.6.1 includes the new RazorHost module which allows you to use Razor scripts in your DotNetNuke installation.  For an example of what can be accomplished, checkout the recent entries in the Razor Hackathon.
• Child Portal Aliases – In the past you were forced to designate a portal as either a child portal or parent portal at the time the portal was created.  In 5.6.1, you will be able to add Child Portal Aliases at any time, to any existing portal.
• Improved Portal Alias Handling – In the past, it was possible to create multiple Portal Aliases for your site.  This has always caused potential SEO issues.  In 5.6.1 we have taken portal aliases one step further.  You will now be able to designate a single portal alias as the default alias.  The administrator can specify special handling for the portal aliases including the ability to use the default portal alias as the base domain for the “canonical url”.  Alternatively, the administrator can choose to use a 301 redirect so that all portal aliases will be redirected to the default portal alias.

During the 5.6.1 development cycle our security team received a few reports of security issues that affected previous versions of the platform.  Based on these reports we did further testing on the platform and identified additional areas that we felt warranted additional hardening as a preventative measure.  Because of the number and seriousness of the issues identified, and the additional hardening work done to the platform, we recommend that everyone upgrade to the 5.6.1 version to ensure your sites remain secure.

In addition to these great enhancements we resolved a number of significant issues as noted below.

Major Highlights

• Fixed issue to remove preCondition checks when upgrading to .Net 4.0
• Fixed issue where some valid domains were failing email validation checks.
• Fixed issue where editing Host menu page settings assigns the page to a Portal.
• Fixed issue which caused XHTML validation problems in 5.6.0
• Fixed issue where an aspx page in any subfolder was inaccessible.
• Fixed issue where Config.Touch method signature had an unintentional breaking change in 5.6.0
• Fixed issue which caused error on adding new super user account
• Fixed issue where Google Analytics was broken during upgrade to 5.6.0
• Re-Added Checkbox to Profile Property Types 

Security Fixes

• Edit Level Users have Admin rights to modules 
• Unauthenticated user can install/uninstall modules 
• Failure to filter viewstate exception details can lead to reflective xss issue
• Remove OS identification code 
• Add additional checks to core input filter
• Change localized text to stop user enumeration 
• Ensure that profile properties are correctly filtered

Updated Modules/Providers

The following modules and providers have been updated in the 5.6.1 packages.  Please see the specific project pages for notes on what bugs or enhancements were corrected with each release.

Modules

• Newsfeeds Module 04.01.00

You can find out more information about all of the issues fixed in this release on the changelog.