Difference between revisions of "Mediawiki Release Notes"

From wikieduonline
Jump to navigation Jump to search
 
(40 intermediate revisions by the same user not shown)
Line 1: Line 1:
 +
[[Mediawiki]]: https://www.mediawiki.org/wiki/Release_notes
 +
* https://github.com/wikimedia/mediawiki
 +
 +
 +
== Mediawiki [[LTS]] ==
 
https://www.mediawiki.org/wiki/Release_notes
 
https://www.mediawiki.org/wiki/Release_notes
  
 +
* https://www.mediawiki.org/wiki/Release_notes/1.39
 +
 +
* 1.38 2022 https://www.mediawiki.org/wiki/Release_notes/1.38
 +
** [[Vector skin]] modified
 +
 +
* 1.37 https://www.mediawiki.org/wiki/Release_notes/1.37
  
== Mediawiki LTS ==
+
* 1.36 5 April 2021 https://www.mediawiki.org/wiki/Release_notes/1.36
https://www.mediawiki.org/wiki/Release_notes
+
 
* [https://www.mediawiki.org/wiki/Release_notes/1.31 MediaWiki 1.31 LTS] 2018-04-17
+
* 1.35 LTS Jul 2020 https://www.mediawiki.org/wiki/Release_notes/1.35
*** SECURITY: Do not allow user scripts on Special:PasswordReset.
+
 
 +
* 1.33 (obsolete) https://www.mediawiki.org/wiki/MediaWiki_1.33
 +
 
 +
* [https://www.mediawiki.org/wiki/Release_notes/1.31 1.31 LTS] 2018-04-17, EOL 2021/06
 +
** SECURITY: Do not allow user scripts on Special:PasswordReset.
 +
** 1.31.9
 +
** 1.31.8
 +
** 1.31.7
 
** [https://phabricator.wikimedia.org/source/mediawiki/browse/REL1_31/RELEASE-NOTES-1.31 1.31.6]  
 
** [https://phabricator.wikimedia.org/source/mediawiki/browse/REL1_31/RELEASE-NOTES-1.31 1.31.6]  
 
** [https://phabricator.wikimedia.org/source/mediawiki/browse/REL1_31/RELEASE-NOTES-1.31 1.31.5] maintenance release
 
** [https://phabricator.wikimedia.org/source/mediawiki/browse/REL1_31/RELEASE-NOTES-1.31 1.31.5] maintenance release
** [https://phabricator.wikimedia.org/source/mediawiki/browse/REL1_31/RELEASE-NOTES-1.31 1.31.4] security and maintenance
+
** [https://phabricator.wikimedia.org/source/mediawiki/browse/REL1_31/RELEASE-NOTES-1.31 1.31.4] '''security''' and maintenance (Sep 30 2019)
*** SECURITY: Add permission check for suppressed account to Special:Redirect.
+
*** SECURITY: Add permission check for suppressed account to <code>Special:Redirect</code>.
 
** [https://phabricator.wikimedia.org/source/mediawiki/browse/REL1_31/RELEASE-NOTES-1.31 1.31.3] maintenance
 
** [https://phabricator.wikimedia.org/source/mediawiki/browse/REL1_31/RELEASE-NOTES-1.31 1.31.3] maintenance
** [https://phabricator.wikimedia.org/source/mediawiki/browse/REL1_31/RELEASE-NOTES-1.31 1.31.2] security and maintenance
+
** [https://phabricator.wikimedia.org/source/mediawiki/browse/REL1_31/RELEASE-NOTES-1.31 1.31.2] '''security''' and maintenance (Jun 6 2019)
 
*** SECURITY: User JS may no longer be loaded with mime type text/javascript if there is no account associated with the username
 
*** SECURITY: User JS may no longer be loaded with mime type text/javascript if there is no account associated with the username
*** SECURITY: Fix an issue that prevents Extension:OAuth working when $wgBlockDisablesLogin is true.
+
*** SECURITY: Fix an issue that prevents Extension:[[OAuth]] working when $wgBlockDisablesLogin is true.
*** SECURITY: action=logout now requires to be posted and have a csrf token.
+
*** SECURITY: action=logout now requires to be posted and have a [[CSRF]] token.
 
*** (T197279) SECURITY: Fix reauth in Special:ChangeEmail.
 
*** (T197279) SECURITY: Fix reauth in Special:ChangeEmail.
 
*** (T208881) SECURITY: blacklist CSS var().
 
*** (T208881) SECURITY: blacklist CSS var().
Line 21: Line 39:
 
*** (T212118) SECURITY: Fix cache mode for (un)patrolled recent changes query.
 
*** (T212118) SECURITY: Fix cache mode for (un)patrolled recent changes query.
 
*** (T222036, T222038) SECURITY: Add permission check for user is permitted to view the log type.
 
*** (T222036, T222038) SECURITY: Add permission check for user is permitted to view the log type.
* (T221739) SECURITY: resources: Patch jQuery 3.2.1 for CVE-2019-11358.
+
*** (T221739) SECURITY: resources: Patch jQuery 3.2.1 for CVE-2019-11358.
** [https://phabricator.wikimedia.org/source/mediawiki/browse/REL1_31/RELEASE-NOTES-1.31 1.31.1] security and maintenance
+
 
 +
** [https://phabricator.wikimedia.org/source/mediawiki/browse/REL1_31/RELEASE-NOTES-1.31 1.31.1] '''security''' and maintenance (Sep 20 2018)
 
***  (T169545, CVE-2018-0503) SECURITY: $wgRateLimits entry for 'user' override 'newbie'.
 
***  (T169545, CVE-2018-0503) SECURITY: $wgRateLimits entry for 'user' override 'newbie'.
 
*** (T194605, CVE-2018-0505) SECURITY: BotPasswords can bypass CentralAuth's account lock.
 
*** (T194605, CVE-2018-0505) SECURITY: BotPasswords can bypass CentralAuth's account lock.
*** (T199029, CVE-2018-13258) SECURITY: Tarball was missing .htaccess files.
+
*** (T199029, CVE-2018-13258) SECURITY: Tarball was missing <code>.[[htaccess]]</code> files.
 +
 
 
* MediaWiki 1.27 LTS 2016-05-31
 
* MediaWiki 1.27 LTS 2016-05-31
* MediaWiki 1.23 LTS 2014-04-14
+
* MediaWiki 1.23 LTS 2014-04-14<ref>https://www.mediawiki.org/wiki/MediaWiki_1.23</ref>. Supported until May 2017.
 +
* MediaWiki 1.21
 +
** [[SyntaxHighlight]]
 
* MediaWiki 1.19 LTS 2012-02-09
 
* MediaWiki 1.19 LTS 2012-02-09
 +
* MediaWiki 1.18
 +
* MediaWiki 1.17
 +
* MediaWiki 1.16 (2010-02-22)
  
 
+
== See also ==
 +
* [[Software Change logs]]
 +
* {{Mediawiki}}
  
 
[[Category:Changelogs]]
 
[[Category:Changelogs]]

Latest revision as of 09:13, 2 February 2024

Mediawiki: https://www.mediawiki.org/wiki/Release_notes


Mediawiki LTS[edit]

https://www.mediawiki.org/wiki/Release_notes

  • 1.31 LTS 2018-04-17, EOL 2021/06
    • SECURITY: Do not allow user scripts on Special:PasswordReset.
    • 1.31.9
    • 1.31.8
    • 1.31.7
    • 1.31.6
    • 1.31.5 maintenance release
    • 1.31.4 security and maintenance (Sep 30 2019)
      • SECURITY: Add permission check for suppressed account to Special:Redirect.
    • 1.31.3 maintenance
    • 1.31.2 security and maintenance (Jun 6 2019)
      • SECURITY: User JS may no longer be loaded with mime type text/javascript if there is no account associated with the username
      • SECURITY: Fix an issue that prevents Extension:OAuth working when $wgBlockDisablesLogin is true.
      • SECURITY: action=logout now requires to be posted and have a CSRF token.
      • (T197279) SECURITY: Fix reauth in Special:ChangeEmail.
      • (T208881) SECURITY: blacklist CSS var().
      • (T209794) SECURITY: rate-limit and prevent blocked users from changing email.
      • (T199540) SECURITY: API: Respect $wgBlockCIDRLimit in action=block.
      • (T212118) SECURITY: Fix cache mode for (un)patrolled recent changes query.
      • (T222036, T222038) SECURITY: Add permission check for user is permitted to view the log type.
      • (T221739) SECURITY: resources: Patch jQuery 3.2.1 for CVE-2019-11358.
    • 1.31.1 security and maintenance (Sep 20 2018)
      • (T169545, CVE-2018-0503) SECURITY: $wgRateLimits entry for 'user' override 'newbie'.
      • (T194605, CVE-2018-0505) SECURITY: BotPasswords can bypass CentralAuth's account lock.
      • (T199029, CVE-2018-13258) SECURITY: Tarball was missing .htaccess files.
  • MediaWiki 1.27 LTS 2016-05-31
  • MediaWiki 1.23 LTS 2014-04-14[1]. Supported until May 2017.
  • MediaWiki 1.21
  • MediaWiki 1.19 LTS 2012-02-09
  • MediaWiki 1.18
  • MediaWiki 1.17
  • MediaWiki 1.16 (2010-02-22)

See also[edit]

  • https://www.mediawiki.org/wiki/MediaWiki_1.23
  • Advertising: