@mathmax, Yes, it is a security measure and the best approach is to go through the theme’s templates and add the |raw filter to outputs that can be trusted. Or ask the developer of the theme to make it 1.7 compatible.
See my answer to a similar topic.
Changes in config files should normally trigger a refresh of the cache. If templates change a manual refresh is required.