Changes since Rhino 1.6R5
=========================
- Added org.mozilla.javascript.PolicySecurityController as a concrete 
  implementation of an org.mozilla.javascript.SecurityController and the 
  preferred way of integrating with Java security architecture.
- When no security controller is in use, generated classes and scripts run in
  the ProtectionDomain of Rhino classes.
- Wrapped access to system properties and creation of class loaders into
  AccessController.doPrivileged() to nicely play in secured environments.
- Added implementation of __defineGetter__ and __defineSetter__ to match
  SpiderMonkey. __lookupGetter__ and __lookupSetter__ are not
  implemented, nor are the JS get and set keywords.  Also see #224334.
- E4X can now be used without Apache XMLBeans, as long as DOM Level 3 is
  available.  DOM Level 3 is bundled with JDK 1.5 and can be added to JDK
  1.4.  See #355677.
- Fixed #318305: ScriptOrFnNode class reports bad end line number
- Fixed #352319: Rhino threw a ClassCastException when a continuation captured
  from a catch() block was restarted.
- Fixed #340561: <Function>.prototype should not be DontEnum
- Fixed #342807: Could set line number/source file in thrown JavaScript Error
- Fixed #350580: importPackage Ambiguous import error fix
- Fixed #351664: Rethrown JavaScriptException's toString() returns 
  "[object Error]"
- Fixed #353300: Rhino now implements the ECMA-262 mandatory 
  String.localeCompare
- Fixed #353002: Outdated Information on BSF, Update Requested, Text Suggestion
  Enclosed
- Fixed #358058:  JavaScript debugger's text source editor allows tab key 
  presses
- Fixed #359411: LazilyLoadedCtor is not serializable
- Fixed #360568: Make swing debugger easier to subclass and extend
- Fixed #361574: Typo in Parser.java
- Fixed #361616: toLocaleUpperCase/toLocaleLowerCase is not supported