FEDORA-2015-56543978e8 created by mooninite 4 years ago for Fedora 22
stable

Changes since 1.26.1

  • (bug T121892) Various special pages resulted in fatal errors.

Changes since 1.26.0

  • (bug T117899) SECURITY: $wgArticlePath can no longer be set to relative paths that do not begin with a slash. This enabled trivial XSS attacks. Configuration values such as "http://my.wiki.com/wiki/$1" are fine, as are "/wiki/$1". A value such as "$1" or "wiki/$1" is not and will now throw an error
  • (bug T119309) SECURITY: Use hash_compare() for edit token comparison
  • (bug T118032) SECURITY: Don't allow cURL to interpret POST parameters starting with '@' as file uploads
  • (bug T115522) SECURITY: Passwords generated by User::randomPassword() can no longer be shorter than $wgMinimalPasswordLength
  • (bug T97897) SECURITY: Improve IP parsing and trimming. Previous behavior could result in improper blocks being issued
  • (bug T109724) SECURITY: Special:MyPage, Special:MyTalk, Special:MyContributions and related pages no longer use HTTP redirects and are now redirected by MediaWiki
  • Fixed ConfigException in ExpandTemplates due to AlwaysUseTidy.
  • Fixed stray literal \n in Special:Search.
  • Fix issue that breaks HHVM Repo Authorative mode.
  • (bug T120267) Work around APCu memory corruption bug

How to install

sudo dnf upgrade --advisory=FEDORA-2015-56543978e8

This update has been submitted for testing by mooninite.

4 years ago

This update has been pushed to testing.

4 years ago

This update has reached 7 days in testing and can be pushed to stable now if the maintainer wishes

4 years ago

This update has been submitted for stable by mooninite.

4 years ago

This update has been pushed to stable.

4 years ago

Please login to add feedback.

Metadata
Type
security
Severity
medium
Karma
0
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
disabled
Dates
submitted
4 years ago
in testing
4 years ago
in stable
4 years ago
BZ#1292807 mediawiki-1.26.2 is available
0
0
BZ#1293847 mediawiki: multiple flaws fixed in 1.26.1, 1.25.4, 1.24.5, and 1.23.12
0
0
BZ#1293848 mediawiki: multiple flaws fixed in 1.26.1, 1.25.4, 1.24.5, and 1.23.12 [fedora-all]
0
0

Automated Test Results