DirectAdmin 1.34.5 has been released:
http://www.directadmin.com/versions.php?version=1.345000
 
This is mainly bugfix release, which includes some fixes for security issues.
 
The most significant security fix is the addition of the "Referer" check:
http://www.directadmin.com/features.php?id=1050
Note that you will be booted from your DA login after the update and will have to login again (which is normal) such that the "host" value be added to your new session file.
 
The othe security fix was a theoretical mysql issue, but no effective "attack" was able to be duplicated due to multi-layered checks (blocking of some characters), but fixed none the less:
http://www.directadmin.com/features.php?id=1047
 
The rest of the fixes are minor.  Some are for improvements with IPv6 support, others are checks to prevent duplicate dns zones (checks for duplicate: www vs www.domain.com. values)
 
One simple feature was added, giving the admin the ability to skip all imap/Maildir data from being added to backups.
http://www.directadmin.com/features.php?id=1040
 
There are also now no known bugs with regards to the secure_access_group option and the check_subdomain_owner option.
After more testing, they will likely be enabled by default in future releases of DA.