Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 86470

Summary: MediaWiki 1.4.2 has released
Product: Gentoo Linux Reporter: Mike Baikov <rusxakep>
Component: New packagesAssignee: Gentoo Web-apps project <webapps-request>
Status: RESOLVED DUPLICATE    
Severity: enhancement CC: rockoo, security
Priority: High    
Version: unspecified   
Hardware: All   
OS: All   
URL: http://wikipedia.sourceforge.net/
Whiteboard:
Package list:
Runtime testing required: ---

Description Mike Baikov 2005-03-23 23:00:25 UTC 
MediaWiki 1.4.0 is the first official stable release in the 1.4 series. All new installations are highly recommended to use 1.4.0 instead of 1.3.x; 1.3.x users should consider upgrading for bug fixes and new features. 
 
1.4 beta or release candidate users should upgrade to this release. 
 
See the release notes (link below) for a fuller list of changes from the previous 1.3.x series and installation notes. 
 
Release notes: 
http://sourceforge.net/project/shownotes.php?release_id=314389 
 
Download: 
http://prdownloads.sf.net/wikipedia/mediawiki-1.4.0.tar.gz?download 
 
Low-traffic release announcements mailing list: 
http://mail.wikipedia.org/mailman/listinfo/mediawiki-announce 
 
Wiki admin help mailing list: 
http://mail.wikipedia.org/mailman/listinfo/mediawiki-l 
 
Bug report system: 
http://bugzilla.wikipedia.org/ 
 
Play "stump the developers" live on IRC: 
#mediawiki on irc.freenode.net

Reproducible: Always
Steps to Reproduce:
1.
2.
3.
Comment 1 Ricardo Nuno 2005-04-06 18:58:45 UTC 
already in portage testing:
http://packagestest.gentoo.org/ebuilds/?mediawiki-1.4.0
Comment 2 Daniel Webert 2005-04-21 12:50:18 UTC 
MediaWiki 1.4.2 is a security and bug fix release for the 1.4 stable release series.

A cross-site scripting injection vulnerability was discovered, which affects only MSIE clients and is only open if MediaWiki has been manually configured to run output through HTML Tidy ($wgUseTidy).

same security problem fixed in 1.3.12
Comment 3 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2005-04-21 22:33:03 UTC 

*** This bug has been marked as a duplicate of 89949 ***