JARVIS
Die Entwickler von MediaWiki haben vor ein paar Tagen ein Security und Bugfix Update für die drei Hauptzweige veröffentlicht.
MediaWiki 1.38.2 Release Notes
- Localisation updates.
- (T309426) Repair language selector for SVGs.
- (T310013) Fix default value for $wgShowEXIF and $wgUsePathInfo.
- (T308471) SECURITY: Escape welcomeuser message passed to showSuccessPage().
- (T308473) SECURITY: Escape contributions-title msg for use within page title.
- (T311272) Call parent constructor of AddSite maintenance script first.
- MediaWiki: Don’t eagerly initialize action name.
- (T311384, CVE-2022-27776) Updated guzzlehttp/guzzle from 7.4.1 to 7.4.5.
- (T289926) Avoid passing null to trim() in SkinTemplate.
- (T289879) Address deprecations for PHP 8.1.
- (T311473) rollbackEdits: Pass user identity to RollbackPage.
- Upgrade wikimedia/remex-html from 3.0.1 to 3.0.2.
- (T311551) ShellboxClientFactory::getUrl(): Check if $this->key is null.
- (T311552) ChangesListSpecialPage: Don’t pass null to FormatJson::decode().
- (T311569) FileBackend::isStoragePath() Handle being passed null.
- (T311544) Pass int to ApiUsageException::newWithMessage()’s $httpCode param.
- (T311678) SpecialEditWatchlist: Prevent passing null to strtolower().
- (T311554) ChangeTags: Return early in formatSummaryRow() if $tags === null.
- Upgrade wikimedia/common-passwords from 0.3.0 to 0.4.0.
MediaWiki 1.37.3 Release Notes
- Localisation updates.
- (T289879) Type hints for ArrayAccess and JsonSerializable.
- (T304783) TemplateParser: avoid warnings when called by NoLocalSettings.
- Rebuilt vendor with composer 2.3.3.
- Fix old_name in UserLogoutComplete hook.
- (T289879) Address some deprecations for PHP 8.1.
- (T193565) UserGroupManager: Fix dbDomain in addUserToGroup() deferred update.
- (T309114) LocalFile::prerenderThumbnails: Limit the number of thumbnail jobs triggered.
- (T307982) Updated wikimedia/parsoid from v0.14.0 to v0.14.1.
- (T308471) SECURITY: Escape welcomeuser message passed to showSuccessPage().
- (T308473) SECURITY: Escape contributions-title msg for use within page title.
- (T311272) Call parent constructor of AddSite maintenance script first.
- MediaWiki: Don’t eagerly initialize action name.
- Updated wikimedia/shellbox from v2.0.0 to v2.1.1.
- (T311384, CVE-2022-27776) Updated guzzlehttp/guzzle from 7.2.0 to 7.4.5.
- (T289926) Avoid passing null to trim() in SkinTemplate.
- (T311473) rollbackEdits: Pass user identity to RollbackPage.
- (T307282) Avoid passing null to strcasecmp(), for PHP 8.1.
- (T311551) ShellboxClientFactory::getUrl(): Check if $this->key is null.
- (T311552) ChangesListSpecialPage: Don’t pass null to FormatJson::decode().
- (T311569) FileBackend::isStoragePath() Handle being passed null.
- (T311544) Pass int to ApiUsageException::newWithMessage()’s $httpCode param.
- (T311678) SpecialEditWatchlist: Prevent passing null to strtolower().
- (T281741) ChangeTags: Fix adding CSS classes for hidden tags.
- (T296642) changetags: Fix management of a ‘0’ tag.
- (T311554) ChangeTags: Return early in formatSummaryRow() if $tags === null.
- (T303033) Handle null in ChangeTags::modifyDisplayQuery.
- Updated wikimedia/common-passwords from 0.3.0 to 0.4.0.
MediaWiki 1.35.7 Release Notes
- Localisation updates.
- (T289879) Type hints for ArrayAccess.
- (T304783) TemplateParser: avoid warnings when called by NoLocalSettings.
- Rebuilt vendor with composer 2.3.3.
- (T289879) Address some deprecations for PHP 8.1.
- Fix old_name in UserLogoutComplete hook.
- (T286260, T307979) objectcache: normalize $exptime to a TTL in APCUBagOStuff/WinCacheBagOStuff.
- MediaSearchWidget should declare an explicit dependency on mediawiki.user module
- (T288423) WikiImporter: Replace deprecated WikiRevision::setText.
- (T309377, CVE-2022-29248, T311384, CVE-2022-27776) Updating guzzlehttp/guzzle (6.5.5 => 6.5.8)
- (T308471) SECURITY: Escape welcomeuser message passed to showSuccessPage().
- (T311272) Call parent constructor of AddSite maintenance script first.
- MediaWiki: Don’t eagerly initialize action name.
- (T289926) Avoid passing null to trim() in SkinTemplate.
- (T307282) Avoid passing null to strcasecmp(), for PHP 8.1.
- (T311552) ChangesListSpecialPage: Don’t pass null to FormatJson::decode().
- (T311569) FileBackend::isStoragePath() Handle being passed null.
- (T311544) Pass int to ApiUsageException::newWithMessage()’s $httpCode param.
- (T311678) SpecialEditWatchlist: Prevent passing null to strtolower().
- (T281741) ChangeTags: Fix adding CSS classes for hidden tags.
- (T296642) changetags: Fix management of a ‘0’ tag.
- (T311554) ChangeTags: Return early in formatSummaryRow() if $tags === null.
- (T303033) Handle null in ChangeTags::modifyDisplayQuery.
Interessiert in verschiedenste IT Themen, schreibe ich in diesem Blog über Software, Hardware, Smart Home, Games und vieles mehr. Ich berichte z.B. über die Installation und Konfiguration von Software als auch von Problemen mit dieser. News sind ebenso spannend, sodass ich auch über Updates, Releases und Neuigkeiten aus der IT berichte. Letztendlich nutze ich Taste-of-IT als eigene Dokumentation und Anlaufstelle bei wiederkehrenden Themen. Ich hoffe ich kann dich ebenso informieren und bei Problemen eine schnelle Lösung anbieten. Wer meinen Aufwand unterstützen möchte, kann gerne eine Tasse oder Pod Kaffe per PayPal spenden – vielen Dank.