When a new version of Piwik is out, a notification box appears where we used to see the current Piwik version. That small notification box contains the number of the newer version and that of the old (current) version, as well as links for performing the update and for reading the release notes.
When Piwik is running from a page under HTTPS, the redirection fails (I can’t remember the exact message since my SSL’d website is currently up-to-date). I’ve guessed it’s because the current protocol is secured and the target page is “insecure”.
I have checked and the release notes can be viewed just as well with HTTPS. Could you fix this and adapt the URL of the target page to the current protocol? And while you’re at it, why not simply put the target address in the href attribute instead of resorting to a complicated scheme like below?