brion at pobox
Jul 8, 2006, 11:08 PM
Post #1 of 1
(1513 views)
Permalink
|
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
MediaWiki 1.6.8 is a security and bugfix maintenance release of the
Spring 2006 snapshot:
A potential HTML/JavaScript-injection vulnerability in a debugging script
has been fixed. Only versions and configurations of PHP vulnerable to the
$GLOBALS overwrite vulnerability are affected.
As a workaround for existing installs, profileinfo.php may simply be deleted
if it's not being used.
* (bug 5957) Updates to Hebrew translation (he)
* Respect language directionality when displaying arrow in Special:Brokenredirects
* (bug 6415) Typo in Parser.php
* Fixed potential XSS in profileinfo.php
Full release notes:
http://svn.wikimedia.org/viewvc/mediawiki/tags/REL1_6_8/phase3/RELEASE-NOTES
http://svn.wikimedia.org/viewvc/mediawiki/tags/REL1_6_8/phase3/HISTORY
Download:
http://prdownloads.sourceforge.net/wikipedia/mediawiki-1.6.8.tar.gz
MD5 checksum:
4befcbe776f8585efe705b9bd799a488 mediawiki-1.6.8.tar.gz
SHA-1 checksum:
b2ac945ceef2cac253a1e73b9de1da5f79aa7e77 mediawiki-1.6.8.tar.gz
Before asking for help, try the FAQ:
http://www.mediawiki.org/wiki/Help:FAQ
Low-traffic release announcements mailing list:
(Please subscribe to receive announcements of security updates.)
http://mail.wikimedia.org/mailman/listinfo/mediawiki-announce
Wiki admin help mailing list:
http://mail.wikimedia.org/mailman/listinfo/mediawiki-l
Bug report system:
http://bugzilla.wikimedia.org/
Play "stump the developers" live on IRC:
#mediawiki on irc.freenode.net
- -- brion vibber (brion @ pobox.com)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFEsJ1KwRnhpk1wk44RAovlAJ9Gs76xhbaTWcnCOOZOF21zAm7H5ACgge+u
dif+f35fEbm4OqW9g1OotHQ=
=rMZR
-----END PGP SIGNATURE-----
_______________________________________________
MediaWiki-announce mailing list
MediaWiki-announce[at]wikimedia.org
http://mail.wikipedia.org/mailman/listinfo/mediawiki-announce
|
