pkgsrc-Changes archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

CVS commit: pkgsrc/www/mediawiki



Module Name:    pkgsrc
Committed By:   wen
Date:           Sat Dec 20 02:26:59 UTC 2014

Modified Files:
        pkgsrc/www/mediawiki: Makefile PLIST distinfo

Log Message:
Update to 1.24.1(security update)

Upstream changes:
MediaWiki 1.24.1
This is a security and maintenance release of the MediaWiki 1.24 branch.

Changes since 1.24.0
(bug T76686) [SECURITY] thumb.php outputs wikitext message as raw HTML, which could lead to xss. Permission to edit MediaWiki namespace is required to exploit this.
(bug T77028) [SECURITY] Malicious site can bypass CORS restrictions in $wgCrossSiteAJAXdomains in API calls if it only included an allowed domain as part of its name.
(bug T74222) The original patch for T74222 was reverted as unnecessary.
Fixed a couple of entries in RELEASE-NOTES-1.24.
(bug T76168) OutputPage: Add accessors for some protected properties.
(bug T74834) Make 1.24 branch directly installable under PostgreSQL.


To generate a diff of this commit:
cvs rdiff -u -r1.49 -r1.50 pkgsrc/www/mediawiki/Makefile
cvs rdiff -u -r1.21 -r1.22 pkgsrc/www/mediawiki/PLIST
cvs rdiff -u -r1.36 -r1.37 pkgsrc/www/mediawiki/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.




Home | Main Index | Thread Index | Old Index