diff options
author | Pierre Schmitz <pierre@archlinux.de> | 2010-03-09 07:35:26 +0100 |
---|---|---|
committer | Pierre Schmitz <pierre@archlinux.de> | 2010-03-09 07:35:26 +0100 |
commit | 68d8f40ee713b12fefce5dfb93f6843717ccc951 (patch) | |
tree | 2e2dd99da303081975560021fde9880efee64ee3 /RELEASE-NOTES | |
parent | 41f758f4ba17efde372e3cd18eee6f45519b41e2 (diff) | |
parent | 6f5403ca6e8561c3dcd19284f86b4c3c8dd715ff (diff) |
Merge branch 'master' into redesign
Diffstat (limited to 'RELEASE-NOTES')
-rw-r--r-- | RELEASE-NOTES | 22 |
1 files changed, 19 insertions, 3 deletions
diff --git a/RELEASE-NOTES b/RELEASE-NOTES index 903d0d81..d041b9c3 100644 --- a/RELEASE-NOTES +++ b/RELEASE-NOTES @@ -3,11 +3,11 @@ Security reminder: MediaWiki does not require PHP's register_globals setting since version 1.2.0. If you have it on, turn it *off* if you can. -== MediaWiki 1.15.1 == +== MediaWiki 1.15.2 == -July 14, 2009 +March 8, 2010 -This is a security and bugfix release of the the 2009 Q2 branch of MediaWiki. +This is a security and maintenance release. MediaWiki is now using a "continuous integration" development model with quarterly snapshot releases. The latest development code is always kept @@ -20,6 +20,22 @@ will be made on the development trunk and appear in the next quarterly release. Those wishing to use the latest code instead of a branch release can obtain it from source control: http://www.mediawiki.org/wiki/Download_from_SVN +=== Changes since 1.15.1 === + +* The installer now includes a check for a data corruption issue with certain + versions of libxml2 2.7 and PHP earlier than 5.2.9, and also for a PHP bug + present in the official release of PHP 5.3.1. +* (bug 20239) MediaWiki:Imagemaxsize does not contain anymore a <br /> tag which + was displayed to the user +* (bug 21150) SQLite no longer raise an error when deleting files +* (bug 20880) Fixed updater failure on SQLite backend +* upgrade1_5.php now requires to be run --update option to prevent confusion +* Fixed a CSS validation issue which allowed external images to be included + into wikis where that is disallowed by configuration. +* Fixed a data leakage vulnerability for private wikis using img_auth.php or + similar image access authentication schemes. Check user permissions before + streaming out scaled images from thumb.php. + === Changes since 1.15.0 === * Fixed fatal errors for unusual file repository configurations, such as |