-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
October 10, 2006
This is the quarterly release snapshot for Fall 2006. While the code
has been running on Wikipedia for some time, installation and upgrade
bits may be less well tested. Bug fix releases may follow in the coming
days or weeks.
MediaWiki is now using a "continuous integration" development model with
quarterly snapshot releases. The latest development code is always kept
"ready to run", and in fact runs our own sites on Wikipedia.
Release branches will continue to receive security updates for about a year
from first release, but nonessential bugfixes and feature development happen
will be made on the development trunk and appear in the next quarterly release.
Those wishing to use the latest code instead of a branch release can obtain
it from source control: http://www.mediawiki.org/wiki/Download_from_SVN
== Configuration changes ==
* $wgUseETag, to enable/disable sending of HTTP ETag headers
(default: disabled)
* $wgLegalTitleChars now includes '+' by default for better compatibility
with importing data dumps from Wikipedia
* $wgDefaultUserOptions now includes all default option settings instead
of only overrides.
== Major new features ==
* (bug 7098) Add an option to disable/enable sending of HTTP ETag headers,
as it seems to result in broken behaviour in combination with Squid 2.6
(disabled by default).
* (bug 550) Allow blocks on anonymous users only.
* (bug 6420) Render thumbnails for DJVU images, support multipage DJVU display
on image pages. Added new 'page=' thumbnail option to select a page from a
multipage djvu for thumbnail generation.
* Full Postgres support is now enabled. It requires version 8.1 or better, and
needs to have both plpgsql and tsearch2 already installed.
* (bug 6386) fix grammatical errors in danish naming of talk namespaces.
Full release notes:
http://svn.wikimedia.org/viewvc/mediawiki/tags/REL1_8_0/phase3/RELEASE-NOTEShttp://svn.wikimedia.org/viewvc/mediawiki/tags/REL1_8_0/phase3/HISTORY
Download:
http://prdownloads.sourceforge.net/wikipedia/mediawiki-1.8.0.tar.gz
MD5 checksum:
9141eba6b8faf17fe80edeb7699cfca4 mediawiki-1.8.0.tar.gz
SHA-1 checksum:
28084a2a1c307e558fa5e99975d3a3dbee2e9586 mediawiki-1.8.0.tar.gz
Before asking for help, try the FAQ:
http://www.mediawiki.org/wiki/Help:FAQ
Low-traffic release announcements mailing list:
(Please subscribe to receive announcements of security updates.)
http://mail.wikimedia.org/mailman/listinfo/mediawiki-announce
Wiki admin help mailing list:
http://mail.wikimedia.org/mailman/listinfo/mediawiki-l
Bug report system:
http://bugzilla.wikimedia.org/
Play "stump the developers" live on IRC:
#mediawiki on irc.freenode.net
- -- brion vibber (brion @ pobox.com)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFFLCV1wRnhpk1wk44RAoUcAJ9cGr304axlxgLLUWMwwfd4K8tR/ACgj12i
K8n5h25gWOLReeSsjdzBPlg=
=ceUE
-----END PGP SIGNATURE-----
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
MediaWiki 1.7.1 is a security and bugfix maintenance release of the
Summer 2006 snapshot:
A potential HTML/JavaScript-injection vulnerability in a debugging script
has been fixed. Only versions and configurations of PHP vulnerable to the
$GLOBALS overwrite vulnerability are affected.
As a workaround for existing installs, profileinfo.php may simply be deleted
if it's not being used.
* Fix for 'emailconfirmed' implicit user group
* Fix for upgrades on some versions of MySQL 4.0.x
* Fixed potential XSS in profileinfo.php
* Installer now shows clear error message about old PHP versions
rather than a confusing parse error
Note that MediaWiki 1.7 and above require PHP 5. If you are stuck with PHP 4,
please install MediaWiki 1.6.8.
Full release notes:
http://svn.wikimedia.org/viewvc/mediawiki/tags/REL1_7_1/phase3/RELEASE-NOTEShttp://svn.wikimedia.org/viewvc/mediawiki/tags/REL1_7_1/phase3/HISTORY
Download:
http://prdownloads.sourceforge.net/wikipedia/mediawiki-1.7.1.tar.gz
MD5 checksum:
50b74e2b5c86fb94c7201b72d2037662 mediawiki-1.7.1.tar.gz
SHA-1 checksum:
bdd685d4fe5d7b0d8e0ef2cf9a843bbab60d20ac mediawiki-1.7.1.tar.gz
Before asking for help, try the FAQ:
http://www.mediawiki.org/wiki/Help:FAQ
Low-traffic release announcements mailing list:
(Please subscribe to receive announcements of security updates.)
http://mail.wikimedia.org/mailman/listinfo/mediawiki-announce
Wiki admin help mailing list:
http://mail.wikimedia.org/mailman/listinfo/mediawiki-l
Bug report system:
http://bugzilla.wikimedia.org/
Play "stump the developers" live on IRC:
#mediawiki on irc.freenode.net
- -- brion vibber (brion @ pobox.com)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFEsJ4DwRnhpk1wk44RAt5RAJ97vL8gs+I8kOPAJdWU4RYtL74ixgCdGqZm
KreZ2Yxl68GLGqjDC0sPwAI=
=G+v5
-----END PGP SIGNATURE-----
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
This is the quarterly release snapshot for Summer 2006. While the code
has been running on Wikipedia for some time, installation and upgrade
bits may be less well tested. Bug fix releases may follow in the coming
days or weeks.
MediaWiki is now using a "continuous integration" development model with
quarterly snapshot releases. The latest development code is always kept
"ready to run", and in fact runs our own sites on Wikipedia.
Release branches will continue to receive security updates for about a year
from first release, but nonessential bugfixes and feature development happen
on the development trunk and appear in the next quarterly release.
Those wishing to use the latest code instead of a branch release can obtain
it from source control: http://www.mediawiki.org/wiki/Download_from_SVN
This is the first version of MediaWiki to require PHP 5. 5.1.x is recommended;
5.0 may work but is not well tested. (PHP 5.0 is no longer maintained; all PHP
5.0 users should upgrade to a current 5.1 release to ensure they have all
security fixes.) PHP 4.x is no longer supported by MediaWiki. If you are unable
to upgrade PHP, sorry, but you will have to stick with old versions of MediaWiki
for now.
Full release notes:
http://svn.wikimedia.org/viewvc/mediawiki/tags/REL1_7_0/phase3/RELEASE-NOTEShttp://svn.wikimedia.org/viewvc/mediawiki/tags/REL1_7_0/phase3/HISTORY
Download:
http://prdownloads.sourceforge.net/wikipedia/mediawiki-1.7.0.tar.gz
MD5 checksum:
d3b0ed529ae5ac9dfe713fbdbeae8025 mediawiki-1.7.0.tar.gz
SHA-1 checksum:
90c484ad4c2c20023ee1dcbd0eb2904e1a6a1727 mediawiki-1.7.0.tar.gz
Before asking for help, try the FAQ:
http://www.mediawiki.org/wiki/Help:FAQ
Low-traffic release announcements mailing list:
(Please subscribe to receive announcements of security updates.)
http://mail.wikimedia.org/mailman/listinfo/mediawiki-announce
Wiki admin help mailing list:
http://mail.wikimedia.org/mailman/listinfo/mediawiki-l
Bug report system:
http://bugzilla.wikimedia.org/
Play "stump the developers" live on IRC:
#mediawiki on irc.freenode.net
- -- brion vibber (brion @ pobox.com)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFErr/xwRnhpk1wk44RAoIoAJ0bj15IFY+Svs0rTnKVbVvZ21kdTgCfYfq2
airYE+1H4ga28uhXTSXNL+k=
=o2qo
-----END PGP SIGNATURE-----
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
MediaWiki 1.6.7 is a security and bugfix maintenance release of the
Spring 2006 snapshot:
An HTML/JavaScript-injection vulnerability in the edit form has been closed.
This vulnerability was new in 1.6.0; MediaWiki versions 1.5.x or earlier are
not affected.
Extensions, comments, and <nowiki> sections are now handled in a one-pass
way which is more reliable and safer. Under earlier versions of MediaWiki,
certain extensions could be abused to inject HTML/JavaScript into the page.
Additional precautions are made against offsite form submissions when
the restricted raw HTML mode is enabled.
Some small localization and user interface updates are also included.
* (bug 6051) Improvement to German localisation (de)
* (bug 6017) Update bookstore list for German language (de)
* (bug 6138) Minor grammar tweak in "loginreqlink"
* (bug 5957) Update for Hebrew language (he)
* Increase robustness of parser placeholders; fixes some glitches when
adjacent to identifier-ish constructs such as URLs.
* (bug 5384) Fix <!-- comments --> in <ref> extension
* Nesting of different tag extensions and comments should now work more
consistently and more safely. A cleaner, one-pass tag strip lets the
'outer' tag either take source (<nowiki>-style) or pass it down to
further parsing (<ref>-style). There should no longer be surprise
expansion of foreign extensions inside HTML output, or differences
in behavior based on the order tags are loaded.
* (bug 885) Pre-save transform no longer silently appends close tags
* Pre-save transform no longer changes the case of close tags
* Edit security precautions in raw HTML mode, etc
Full release notes:
http://svn.wikimedia.org/viewvc/mediawiki/tags/REL1_6_7/phase3/RELEASE-NOTEShttp://svn.wikimedia.org/viewvc/mediawiki/tags/REL1_6_7/phase3/HISTORY
Download:
http://prdownloads.sourceforge.net/wikipedia/mediawiki-1.6.7.tar.gz
MD5 checksum:
cbcba609339abb5688068e5dc379110b mediawiki-1.6.7.tar.gz
SHA-1 checksum:
b5aadd8240d63c644728d071e4f452d0efacf5bf mediawiki-1.6.7.tar.gz
Before asking for help, try the FAQ:
http://www.mediawiki.org/wiki/FAQ
Low-traffic release announcements mailing list:
(Please subscribe to receive announcements of security updates.)
http://mail.wikimedia.org/mailman/listinfo/mediawiki-announce
Wiki admin help mailing list:
http://mail.wikimedia.org/mailman/listinfo/mediawiki-l
Bug report system:
http://bugzilla.wikimedia.org/
Play "stump the developers" live on IRC:
#mediawiki on irc.freenode.net
- -- brion vibber (brion @ pobox.com)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFEhUuXwRnhpk1wk44RAt3lAJ47O0Zy8n3AuM03GM5jvXETaC75ogCfdsEe
JFcS6FqSkz0485oU4HN7eBs=
=8x0L
-----END PGP SIGNATURE-----
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
MediaWiki 1.6.6 is a security and bugfix maintenance release.
An XSS injection vector in brace replacement has been fixed, as have some
potential problems with table parsing. Upgrading is strongly recommended
for all users of 1.6. MediaWiki versions 1.5 and earlier are not affected.
As a quick fix, if you are not able to fully upgrade to 1.6.6 you can apply this
two-line patch to fix the main known problems:
http://svn.wikimedia.org/viewvc/mediawiki/branches/REL1_6/phase3/includes/S…
Additionally some localization and user interface updates are included.
* Correct "revertpage" message in English
* (bug 5507) Logouttext uses now wiki markup
* (bug 5857, 5957) Update for German localisation (de)
* (bug 5586) <gallery> treated text as links
* (bug 5957) Update for Hebrew language (he)
* (bug 6025) SpecialImport: wrong message when no file selected
* (bug 6015) EditPage: add spacing in the boxes "edit is minor" and "watch this"
* (bug 6018) Userrights: new message when no user specified ('nouserspecified')
* (bug 6055) Fix for HTML/JS injection bug in variable handler (found by Nick
Jenkins)
* Reordered wiki table handling and __TOC__ extraction in the parser to better
handle some overlapping tag cases.
* Only the first __TOC__ is now turned into a TOC.
* (bug 361) URL in URL, they were almost fixed. Now they are.
Full release notes:
http://svn.wikimedia.org/viewvc/mediawiki/tags/REL1_6_6/phase3/RELEASE-NOTEShttp://svn.wikimedia.org/viewvc/mediawiki/tags/REL1_6_6/phase3/HISTORY
Download:
http://prdownloads.sourceforge.net/wikipedia/mediawiki-1.6.6.tar.gz
MD5 checksum:
b19b11dbe4a9c61bf857f6584e4d6010 mediawiki-1.6.6.tar.gz
SHA-1 checksum:
debb5970dd30632b0d6fff6dd95727da9d730f6f mediawiki-1.6.6.tar.gz
Before asking for help, try the FAQ:
http://www.mediawiki.org/wiki/FAQ
Low-traffic release announcements mailing list:
(Please subscribe to receive announcements of security updates.)
http://mail.wikimedia.org/mailman/listinfo/mediawiki-announce
Wiki admin help mailing list:
http://mail.wikimedia.org/mailman/listinfo/mediawiki-l
Bug report system:
http://bugzilla.wikimedia.org/
Play "stump the developers" live on IRC:
#mediawiki on irc.freenode.net
- -- brion vibber (brion @ pobox.com)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFEcutRwRnhpk1wk44RAudPAKDJg58CEg9ROIbTDL3kG8jBrW0AgACfeWTk
25YeMM3CnncCe/QQGK1fyrs=
=JbhE
-----END PGP SIGNATURE-----
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
MediaWiki 1.6.4 is a maintenance bug fix release, which rolls up some fixes to
additional minor problems and localization updates to the Spring 2006 quarterly
snapshot.
* Further improvements to Hebrew localisation
* (bug 5544) Fix redirect arrow in Special:Listredirects for right-to-left
languages
* Replace "doubleredirectsarrow" with a content language check that picks
the appropriate arrow
* Remove live debugging hack which caused errors with certain database names
* (bug 5510) Warning produced when using {{SUBPAGENAME}} in some namespaces
* (bug 5548) Improvements to Indonesian localisation [patch: Ivan Lanin]
* (bug 5403) Fix Special:Newpages RSS/Atom feeds
* (bug 3359) Add hooks on completion of file upload
* (bug 5184) CSS misapplied to elements in Special:Allmessages due to
conflicting anchor identifiers
* (bug 5519) Allow sidebar cache to be disabled; disable it by default.
* Add $wgReservedUsernames configuration directive to block account creation/use
* (bug 5576) Remove debugging hack in session check
* (bug 5181) Update "nogomatch" for Slovak
* (bug 5594) Id translation up to '# Login and logout pages' section
* (bug 5536) Use content language for editing help link
* Minor improvements to English language files
* Improvements to German localisation files
* (bug 5628) Translations for MessagesHr.php
* (bug 5595, 5644) Localisation for Bosnian language (bs)
* (bug 5592) Actions are logged with the default language for the
wiki, not the language of the user performing the operation.
* (bug 5646) Compare for identical types in wfElement()
* Fix for concurrency problem in job queue (image description page invalidation)
* (bug 5497) regeression in HTML normalization in 1.6 (unclosed <li>,<dd>,<dt>)
* (bug 5709) Allow customisation of separator for categories
* (bug 4834) Fix XHTML output when using $wgMaxTocLevel
* Improvements to update scripts; print out the version, check for superuser
credentials before attempting a connection, and produce a friendlier error if
the connection fails
* (bug 5005): Fix XHTML <gallery> output.
* (bug 5315) "Expires: -1" HTTP header made strictly valid (using 1970 date).
* (bug 4825): note in DefaultSettings.php about 'profiling' table creation
* Remove unneeded extra whitespace at top of Special:Categories
* Rewrite reassignEdits script to be more efficient; support optional updates to
recent changes table; add reporting and silent modes
* Updated initStats maintenance script
* (bug 5723) Don't count pages linked to from the MediaWiki namespace as "wanted"
* (bug 5789) Treat "loginreqpagetext" as wikitext
* (bug 5796) We require MySQL >=4.0.14
Full release notes:
http://svn.wikimedia.org/viewvc/mediawiki/tags/REL1_6_4/phase3/RELEASE-NOTEShttp://svn.wikimedia.org/viewvc/mediawiki/tags/REL1_6_4/phase3/HISTORY
Download:
http://prdownloads.sourceforge.net/wikipedia/mediawiki-1.6.4.tar.gz
MD5 checksum:
3afc13074e29db9083fb73435e5e7371 mediawiki-1.6.4.tar.gz
Before asking for help, try the FAQ:
http://www.mediawiki.org/wiki/FAQ
Low-traffic release announcements mailing list:
(Please subscribe to receive announcements of security updates.)
http://mail.wikimedia.org/mailman/listinfo/mediawiki-announce
Wiki admin help mailing list:
http://mail.wikimedia.org/mailman/listinfo/mediawiki-l
Bug report system:
http://bugzilla.wikimedia.org/
Play "stump the developers" live on IRC:
#mediawiki on irc.freenode.net
- -- brion vibber (brion @ pobox.com)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFEV8sJwRnhpk1wk44RAkmoAKC6egTg4YhnXbPSn9BhbjiSC3a8OgCgsL1T
SwVYtN4ftr3BBgBUsQWlgXw=
=HNzm
-----END PGP SIGNATURE-----