Forwarding.
Pine
---------- Forwarded message ----------
From: Marko Obrovac <mobrovac(a)wikimedia.org>
Date: Wed, Jan 20, 2016 at 11:36 AM
Subject: Re: [Wikitech-l] RESTBase 0.9.2 (security release)
To: Wikimedia developers <wikitech-l(a)lists.wikimedia.org>
Cc: Services Team <services(a)lists.wikimedia.org>
Hello,
Just a clarification: MediaWiki-Vagrant~[1] users should run `vagrant
git-update` to update to the latest version. This is especially relevant
for users running it on publicly-accessible hosts and having any of the
following roles enabled:
- visualeditor
- restbase
- parsoid
Cheers,
Marko Obrovac, PhD
Senior Services Engineer
Wikimedia Foundation
[1] https://www.mediawiki.org/wiki/MediaWiki-Vagrant
On 20 January 2016 at 11:20, Gabriel Wicke <gwicke(a)wikimedia.org> wrote:
> A vulnerability has been found in RESTBase v0.9.1 and earlier that
> allowed attackers to read arbitrary files on the host system by
> passing a specially crafted URL. This vulnerability has been fixed in
> [1].
>
> All RESTBase users are strongly encouraged to upgrade to v0.9.2
> immediately. Files readable by the RESTBase service user might have
> been accessed by third parties, so appropriate measures should be
> taken.
>
> mediawiki-containers [2] users with automatic updates enabled have
> already been upgraded to v0.9.2.
>
> --
> Gabriel Wicke
> Principal Engineer, Wikimedia Foundation
>
> [1]:
>
https://github.com/wikimedia/restbase/commit/1ea649306ae4e85ab2cee5a36318e9…
> [2]: https://github.com/wikimedia/mediawiki-containers
>
> _______________________________________________
> Wikitech-l mailing list
> Wikitech-l(a)lists.wikimedia.org
> https://lists.wikimedia.org/mailman/listinfo/wikitech-l
_______________________________________________
Wikitech-l mailing list
Wikitech-l(a)lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/wikitech-l
In includes/specials/SpecialExport.php there's a hardcoded limit of 5000
pages in the two functions getPagesFromCategory() and
getPagesFromNamespace() [0].
For a variety of reasons I find myself wanting to export pages from a
category which has over 5000 pages, and the Special:Export page seems
like a convenient place to do this, but of course it limits category
page title fetching to 5000.
Would it be:
a) dangerous to fiddle with this value temporarily to facilitate the
export, and
b) worth considering to split this off in for example a variable one
could set in LocalSettings.php?
[0]
https://github.com/wikimedia/mediawiki/blob/51e8a36a92f34f6a57d7694df26b811…
Hi!
Is there a way to rebuild the contents of 'page_props' table? There are numerous maintenance scripts to rebuild page data but it seems that none of them affects the 'page_props'.
As far as I know the 'page_props' data gets written by when the content of a page gets parsed. I can clear the parser cache but I'd still have to access all the pages on the wiki to have the parser act on them. Are there any recommendations/suggestions?
--
Robert Vogel
Hello,
I need to find out how many pages a user has created and if possible in a
range of dates... doing a search like this:
author:ranieri.mazili date-start:2015-06-01 data-end:2015-12-31
Is this possible using native resources or with extensions?
Thanks
Hello,
I'm new to mediawiki and I'm trying it to my company... I want to
substitute our current wiki (wikispaces) by another one and I'm studying
some possibilities.
I just installed on my ubuntu and it's working but it's very simple.
I want to know which plugins you think are essential to install to have a
better media wiki.
I would like to have a better editor because the default doesn't have too
much options to format the text and one to create templates.
Do you recommend any plugin to get these resources and others to make it
more "usable"?
I really appreciate any help
Regards.
I am trying to install the extension Content Translation. I have installed the required extensions and everything is confirmed on Special:Version. When I go to the Special:ContentTranslations page, after a brief pause I get a message that says "Error: Could not connect to the server." I have been following the directions for installing the cxserver, but run into issues when I try to use the command "cxserver." The command prompt states that it cannot find the command. For example, in the directions it states make sure the server is set to the right port with the following command:
cxserver --port=8080
I then receive the following message:
No command 'cxserver' found, did you mean:
Command 'cserver' from package 'freewnn-cserver' (universe)
cxserver: command not found
I enter this command from within the cxserver directory. The directions I am following are located at https://www.mediawiki.org/wiki/Content_translation/Setup. Any guidance would be appreciated. Thanks in advance.
MediaWiki: 1.26.2
PHP: 5.5.9-1ubuntu4.14 (apache2handler)
MySQL: 5.5.46-0ubuntu0.14.04.2
Sincerely,
Andrew
Andrew Geary
SEG Publications outreach editor
Society of Exploration Geophysicists (SEG)
8801 South Yale, Suite 500 / Tulsa, OK 74137 USA
504-407-1303
ageary(a)seg.org
www.seg.org
Please, what is the purpose of the below parsoid.conf file found in a
one-click install.
/opt/bitnami/app/mediawiki/conf/parsoid.conf
/opt/bitnami/app/mediawiki/htdocs/[mw root]
Is it for extension:parsoid? (deprecated, not installed)
Is it for parsoid server? (not installed)
Why does it have re-write rules?
Thanks
David
=== parsoid.conf start ===
<IfDefine USE_PHP_FPM>
<Proxy
"unix:/opt/bitnami/php/var/run/mediawiki.sock|fcgi://mediawiki-fpm"
timeout=300>
</Proxy>
</IfDefine>
<Directory "/opt/bitnami/apps/mediawiki/htdocs">
Options +MultiViews
AllowOverride None
<IfVersion < 2.3 >
Order allow,deny
Allow from all
</IfVersion>
<IfVersion >= 2.3>
Require all granted
</IfVersion>
<IfDefine USE_PHP_FPM>
<FilesMatch \.php$>
SetHandler "proxy:fcgi://mediawiki-fpm/"
</FilesMatch>
</IfDefine>
RewriteEngine On
#RewriteBase /mediawiki/
RewriteRule ^index\.php$ - [S=1]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . index.php [L]
</Directory>
Include "/opt/bitnami/apps/mediawiki/conf/htaccess.conf"
===== end ===
Hi list users,
I have been through many manuals without finding something useful.
I have a common code base and a couple of sites.
Uploads should be outside the web root. To keep it organized and to save
space on the servers drive.
URL's should not reflect the actual path to the upload directory.
I have tried something like
$wgUploadDirectory = "/home/someuser/mediawiki/files";
$wgUploadPath = "{IP}/img";
I /can/ upload e.g. an image. I can see it in the list and I can find it
in the automatically generated subdirectory. But when I click on the
image link, I get an error like
"The requested URL /usr/local/www/mediawiki/img/4/4f/IMG_4025a.jpg was
not found on this server."
I guess I could solve the problem by using a symlink from the sites
images directory to the other directory. But I think there /should/ be a
way to do it by setting the right options in the LocalSettings.php.
Regards,
Jon Theil Nielsen
Dear developers,
with actual Mediawiki
one user get this error by saving an edited page:
"Something went wrong
Unknown error
Dismiss"
What may be the cause?
How to investigate?
For me everything works fine...
Bests, Markus
Dear developers,
with actual Mediawiki
one user get this error by saving an edited page:
"Something went wrong
Unknown error
Dismiss"
What may be the cause?
How to investigate?
For me everything works fine...
Bests, Markus
(now without screenshot)