SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for mediawiki-1.25.2-2.fc23.noarch.rpm :
Wed Aug 19 14:00:00 2015 Michael Cronenworth - 1.25.2-2
- Rename shared library directories to not confict with old bundled names

Tue Aug 18 14:00:00 2015 Michael Cronenworth - 1.25.2-1
- Update to 1.25.2
- https://www.mediawiki.org/wiki/Release_notes/1.25#MediaWiki_1.25.2

Wed Jun 24 14:00:00 2015 Michael Cronenworth - 1.25.1-3
- Temp workaround for RHBZ#1230630
- Enable tests

Wed Jun 17 14:00:00 2015 Fedora Release Engineering - 1.25.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild

Tue May 26 14:00:00 2015 Michael Cronenworth - 1.25.1-1
- Update to 1.25.1
- http://www.mediawiki.org/wiki/MediaWiki_1.25

Thu May 21 14:00:00 2015 Michael Cronenworth - 1.24.2-2
- Less restrictive requires on webserver and php engine (rhbz#1223712)

Wed Apr 1 14:00:00 2015 Michael Cronenworth - 1.24.2-1
- Update to 1.24.2
- (bug T85848, bug T71210) SECURITY: Don\'t parse XMP blocks that contain XML entities, to prevent various DoS attacks.
- (bug T85848) SECURITY: Don\'t allow directly calling Xml::isWellFormed, to reduce likelihood of DoS.
- (bug T88310) SECURITY: Always expand xml entities when checking SVG\'s.
- (bug T73394) SECURITY: Escape > in Html::expandAttributes to prevent XSS.
- (bug T85855) SECURITY: Don\'t execute another user\'s CSS or JS on preview.
- (bug T64685) SECURITY: Allow setting maximal password length to prevent DoS when using PBKDF2.
- (bug T85349, bug T85850, bug T86711) SECURITY: Multiple issues fixed in SVG filtering to prevent XSS and protect viewer\'s privacy.
- Fix case of SpecialAllPages/SpecialAllMessages in SpecialPageFactory to fix loading these special pages when $wgAutoloadAttemptLowercase is false.
- (bug T70087) Fix Special:ActiveUsers page for installations using PostgreSQL.
- (bug T76254) Fix deleting of pages with PostgreSQL. Requires a schema change and running update.php to fix.

Thu Dec 18 13:00:00 2014 Michael Cronenworth - 1.24.1-1
- Update to 1.24.1
- (bug T76686) [SECURITY] thumb.php outputs wikitext message as raw HTML, which could lead to xss. Permission to edit MediaWiki namespace is required to exploit this.
- (bug T77028) [SECURITY] Malicious site can bypass CORS restrictions in $wgCrossSiteAJAXdomains in API calls if it only included an allowed domain as part of its name.
- (bug T74222) The original patch for T74222 was reverted as unnecessary.
- Fixed a couple of entries in RELEASE-NOTES-1.24.
- (bug T76168) OutputPage: Add accessors for some protected properties.
- (bug T74834) Make 1.24 branch directly installable under PostgreSQL.

Fri Nov 28 13:00:00 2014 Michael Cronenworth - 1.24.0-1
- Update to 1.24.0
- Release notes: http://www.mediawiki.org/wiki/Release_notes/1.24

Mon Nov 3 13:00:00 2014 Michael Cronenworth - 1.23.6-1
- Update to 1.23.6
- (bug 67440) Allow classes to be registered properly from installer
- (bug 72274) Job queue not running (HTTP 411) due to missing Content-Length: header

Thu Oct 2 14:00:00 2014 Michael Cronenworth - 1.23.5-1
- Update to 1.23.5
- CVE-2014-7295 (bug 70672) SECURITY: OutputPage: Remove separation of css and js module
allowance.

Fri Sep 26 14:00:00 2014 Michael Cronenworth - 1.23.4-1
- Update to 1.23.4
- (bug 69008) SECURITY: Enhance CSS filtering in SVG files. Filter