-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
MediaWiki 1.6.8 is a security and bugfix maintenance release of the Spring 2006 snapshot:
A potential HTML/JavaScript-injection vulnerability in a debugging script has been fixed. Only versions and configurations of PHP vulnerable to the $GLOBALS overwrite vulnerability are affected.
As a workaround for existing installs, profileinfo.php may simply be deleted if it's not being used.
* (bug 5957) Updates to Hebrew translation (he) * Respect language directionality when displaying arrow in Special:Brokenredirects * (bug 6415) Typo in Parser.php * Fixed potential XSS in profileinfo.php
Full release notes: http://svn.wikimedia.org/viewvc/mediawiki/tags/REL1_6_8/phase3/RELEASE-NOTES http://svn.wikimedia.org/viewvc/mediawiki/tags/REL1_6_8/phase3/HISTORY
Download: http://prdownloads.sourceforge.net/wikipedia/mediawiki-1.6.8.tar.gz
MD5 checksum: 4befcbe776f8585efe705b9bd799a488 mediawiki-1.6.8.tar.gz
SHA-1 checksum: b2ac945ceef2cac253a1e73b9de1da5f79aa7e77 mediawiki-1.6.8.tar.gz
Before asking for help, try the FAQ: http://www.mediawiki.org/wiki/Help:FAQ
Low-traffic release announcements mailing list: (Please subscribe to receive announcements of security updates.) http://mail.wikimedia.org/mailman/listinfo/mediawiki-announce
Wiki admin help mailing list: http://mail.wikimedia.org/mailman/listinfo/mediawiki-l
Bug report system: http://bugzilla.wikimedia.org/
Play "stump the developers" live on IRC: #mediawiki on irc.freenode.net
- -- brion vibber (brion @ pobox.com)
mediawiki-announce@lists.wikimedia.org