Menü Schließen

MediaWiki Maintenance und Security Release 1.35.9, 1.38.5 and 1.39.1

MediaWiki Logo

Noch vor Weihnachten haben die Entwickler des Open-Source MediaWiki die Updates 1.35.9, 1.38.5 und 1.39.1 veröffentlicht. Die Updates beheben einige Fehler und schließen eine Sicherheitslücke.

MediaWiki Security Ankündigung

  • (T322637, CVE-2022-PENDING) SECURITY: Make sqlite DB files not world
    readable.

MediaWiki 1.35.9 Release Notes

  • Localisation updates.
  • (T319000) WebInstaller: Don’t try and run trim() on null.
  • (T320864) When calling mail(), use an array for headers.
  • (T311567) In ManualLogEntry, cast the comment to string.
  • (T323082) Upgrading wikimedia/xmp-reader (0.7.0 => 0.8.5).
  • Language: Handle ronna and quetta.
  • (T304515) LCStoreStaticArray: atomically replace the cache file.
  • (T324890, T324891, T324901) Parser: Allow dynamic properties on PHP 8.2.
  • (T322637) SECURITY: sqlite should not create DB file world-readable.

https://phabricator.wikimedia.org/diffusion/MW/browse/REL1_35/RELEASE-NOTES-1.35
https://www.mediawiki.org/wiki/Release_notes/1.35

MediaWiki 1.38.5 Release Notes

  • Localisation updates.
  • Tests: Explicit cast to int in RandomImageGenerator test (php8 warnings).
  • (T319000) WebInstaller: Don’t try and run trim() on null.
  • (T318753) Installer: Disable logo dropper for now.
  • (T320864) When calling mail(), use an array for headers.
  • (T311567) In ManualLogEntry, cast the comment to string.
  • (T289926) api: Fix minor PHP 8.1 incompatibility in ApiOptions.
  • (T322803) SpecialBotPasswords: Don’t pass null to trim().
  • (T323082) Upgrading wikimedia/xmp-reader (0.8.1 => 0.8.5).
  • Language: Handle ronna and quetta.
  • PostgresUpdater: Remove trailing space from ‚user_id ‚ column.
  • (T304515) LCStoreStaticArray: atomically replace the cache file.
  • (T324890, T324891, T324901) Parser: Allow dynamic properties on PHP 8.2.
  • (T324910) On pages using multi-content revisions, the raw content of a
 specific slot can be retrieved using the action=raw&slot=<role-name> query
 parameters.
  • (T322637) SECURITY: sqlite should not create DB file world-readable.

https://phabricator.wikimedia.org/diffusion/MW/browse/REL1_38/RELEASE-NOTES-1.38
https://www.mediawiki.org/wiki/Release_notes/1.38

MediaWiki 1.39.1 Release Notes

  • Localisation updates.
  • PostgresUpdater: Remove trailing space from ‚user_id ‚ column.
  • (T304515) LCStoreStaticArray: atomically replace the cache file.
  • (T324516) postgres: Fix upgrade for templatelinks primary key.
  • (T324890, T324891, T324901) Parser: Allow dynamic properties on PHP 8.2.
  • (T324513) uuid\GlobalIdGenerator: Check if getmyuid() exists.
  • (T314099) OutputPage: Remove unused dynamic property ParserOptions->isBogus.
  • (T314099) api: Remove use of undeclared property in action=comparepages.
  • Upgrading wikimedia/xmp-reader (0.8.5 => 0.8.6).
  • (T324489) Upgrading wikimedia/parsoid (v0.16.0 => v0.16.1).
  • Updated pear/mail (v1.4.1 => v1.5.0).
  • Removed wikimedia/dodo (v0.4.0).
  • (T324910) On pages using multi-content revisions, the raw content of a specific slot can be retrieved using the action=raw&slot=<role-name> query parameters.
  • (T322637) SECURITY: sqlite should not create DB file world-readable.

https://phabricator.wikimedia.org/diffusion/MW/browse/REL1_39/RELEASE-NOTES-1.39
https://www.mediawiki.org/wiki/Release_notes/1.39

Schreibe einen Kommentar

Deine E-Mail-Adresse wird nicht veröffentlicht. Erforderliche Felder sind mit * markiert