stable

mediawiki-1.38.2-1.fc37

FEDORA-2022-bca2c95559 created by mooninite 4 months ago for Fedora 37

MediaWiki 1.38.2

This is a security and maintenance release of the MediaWiki 1.38 branch. Changes since MediaWiki 1.38.1

Localisation updates.
(T309426) Repair language selector for SVGs.
(T310013) Fix default value for $wgShowEXIF and $wgUsePathInfo.
(T308471) SECURITY: Escape welcomeuser message passed to showSuccessPage().
(T308473) SECURITY: Escape contributions-title msg for use within page title.
(T311272) Call parent constructor of AddSite maintenance script first.
MediaWiki: Don't eagerly initialize action name.
(T311384, CVE-2022-27776) Updated guzzlehttp/guzzle from 7.4.1 to 7.4.5.
(T289926) Avoid passing null to trim() in SkinTemplate.
(T289879) Address deprecations for PHP 8.1.
(T311473) rollbackEdits: Pass user identity to RollbackPage.
Upgrade wikimedia/remex-html from 3.0.1 to 3.0.2.
(T311551) ShellboxClientFactory::getUrl(): Check if $this->key is null.
(T311552) ChangesListSpecialPage: Don't pass null to FormatJson::decode().
(T311569) FileBackend::isStoragePath() Handle being passed null.
(T311544) Pass int to ApiUsageException::newWithMessage()'s $httpCode param.
(T311678) SpecialEditWatchlist: Prevent passing null to strtolower().
(T311554) ChangeTags: Return early in formatSummaryRow() if $tags === null.
Upgrade wikimedia/common-passwords from 0.3.0 to 0.4.0.

How to install

sudo dnf upgrade --refresh --advisory=FEDORA-2022-bca2c95559

This update has been submitted for testing by mooninite.

4 months ago

This update's test gating status has been changed to 'ignored'.

4 months ago

This update has been pushed to testing.

4 months ago

This update has been submitted for stable by bodhi.

4 months ago

This update has been pushed to stable.

4 months ago

Please login to add feedback.

Metadata
Type
security
Severity
medium
Karma
0
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
7 days
Dates
submitted
4 months ago
in testing
4 months ago
in stable
4 months ago
BZ#2101639 MediaWiki 1.37.2 pulls in version of dependency (Parsoid 0.14.0) broken with PHP 8.1
0
0
BZ#2102955 mediawiki-1.38.2 is available
0
0
BZ#2112771 CVE-2022-34911 mediawiki: Cross-site Scripting [fedora-all]
0
0
BZ#2112773 CVE-2022-34912 mediawiki: Username not escaped in the contributions-title message [fedora-all]
0
0

Automated Test Results

ignored