Aktualisierung auf MediaWiki 1.9.2

1 files changed, 19 insertions, 0 deletions

diff --git a/RELEASE-NOTES b/RELEASE-NOTES
index 6c1a8626..77ae6c5f 100644
--- a/RELEASE-NOTES
+++ b/RELEASE-NOTES
@@ -3,6 +3,25 @@
 Security reminder: MediaWiki does not require PHP's register_globals
 setting since version 1.2.0. If you have it on, turn it *off* if you can.
 
+== MediaWiki 1.9.2 ==
+
+February 4, 2007
+
+This is a bug-fix update that fixes some installation and other minor
+issues with the 1.9.1 release as well as a security issue which was
+introduced in the 1.9 branch.
+
+JavaScript code which regenerated the "sortable tables" feature did
+not properly sanitize input, leading to an HTML injection vulnerability.
+
+* (bug 8774) Fix path for GNU FDL rights icon on new installs
+* (bug 8819) Fix full path disclosure with skins dependencies
+* (bug 4268) Fixed data-loss bug in compressOld batch text compression
+  affecting pages which had null edits (move, protect, etc) as second
+  edit in a batch group. Isolated and patched by Travis Derouin.
+* Security fix for sortable tables JavaScript
+
+
 == MediaWiki 1.9.1 ==
 
 January 24, 2007