Fix #6986 several security issues. CVE-2012-3442: Cross-site scripting in authentication views CVE-2012-3443: Denial-of-service in image validation CVE-2012-3444: Denial-of-service via get_image_dimensions()