-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
An XSS injection vulnerability was located in the AJAX support module, affecting MediaWiki 1.6.x and up when the optional setting $wgUseAjax is enabled.
There is no danger in the default configuration, with $wgUseAjax off.
If you are using an extension based on the optional Ajax module, either disable it or upgrade to a version containing the fix:
* 1.9: fixed in 1.9.0rc2 * 1.8: fixed in 1.8.3 * 1.7: fixed in 1.7.2 * 1.6: fixed in 1.6.9
Full release notes: http://svn.wikimedia.org/svnroot/mediawiki/tags/REL1_9_0RC2/phase3/RELEASE-N... http://svn.wikimedia.org/svnroot/mediawiki/tags/REL1_8_3/phase3/RELEASE-NOTE... http://svn.wikimedia.org/svnroot/mediawiki/tags/REL1_7_2/phase3/RELEASE-NOTE... http://svn.wikimedia.org/svnroot/mediawiki/tags/REL1_6_9/phase3/RELEASE-NOTE...
Download: http://sourceforge.net/project/showfiles.php?group_id=34373
MD5 checksums: 747d79037d3b90494d7e8b956a6bb9a0 mediawiki-1.9.0rc2.tar.gz 9ef825abfcf0888b22571bbb097480f0 mediawiki-1.8.3.tar.gz ef33231cb1689dc813f4b08e955f4b18 mediawiki-1.7.2.tar.gz 1ce42061b5f7ea6e4101826b969d2ee4 mediawiki-1.6.9.tar.gz
SHA-1 checksums: 1451e8a8a10f41e517c12ede266dd1a5a743d8fe mediawiki-1.9.0rc2.tar.gz fa4daa4376b80f61be5925e6172daa76938d9bad mediawiki-1.8.3.tar.gz f63468ce745bbda6d42f66fc64c713b4fd000ef2 mediawiki-1.7.2.tar.gz a00bcc6b306a92234da0c2cd3d564869a15045a0 mediawiki-1.6.9.tar.gz
Before asking for help, try the FAQ: http://www.mediawiki.org/wiki/Manual:FAQ
Low-traffic release announcements mailing list: (Please subscribe to receive announcements of security updates.) http://lists.wikimedia.org/mailman/listinfo/mediawiki-announce
Wiki admin help mailing list: http://lists.wikimedia.org/mailman/listinfo/mediawiki-l
Bug report system: http://bugzilla.wikimedia.org/
Play "stump the developers" live on IRC: #mediawiki on irc.freenode.net
- -- brion vibber (brion @ pobox.com / brion @ wikimedia.org)
Okay, I haven't gotten to update my Wiki yet, needed major amounts of sleep lol. After seeing a few errors by others, and noticed these have been basically squashed now..
I was just wondering for sure, what'd be the easiest way for me to upgrade mine? I've the upgrade instructions MediaWiki's wiki site there, but still a bit confused.. Last time, I had finally gotten into the SSH or whatever, using PUTTY..
Made my way to the example: wiki.mydomain.net location, and tried a command line, but rather then it going over the files in the root, it placed a folder in there called: phase3 .. =/
Now, just to be sure, what command line should I use on the subdomain name.. to upgrade mine right? I've just backed up my MediaWiki here, database, files and such of course..
Also, when doing this upgrade stuff, I'm correct to assume, all those page changes I made before.. (customizing of the "login / create account" links and so forth) will be overwritten right? And I'll have to reapply these changes again... or? Just was wondering lol.. Thanks in advanced. :)
-- spencerp http://spencerp.net
An XSS injection vulnerability was located in the AJAX support module, affecting MediaWiki 1.6.x and up when the optional setting $wgUseAjax is enabled.
There is no danger in the default configuration, with $wgUseAjax off.
If you are using an extension based on the optional Ajax module, either disable it or upgrade to a version containing the fix:
- 1.9: fixed in 1.9.0rc2
- 1.8: fixed in 1.8.3
- 1.7: fixed in 1.7.2
- 1.6: fixed in 1.6.9
Full release notes: http://svn.wikimedia.org/svnroot/mediawiki/tags/REL1_9_0RC2/phase3/RELEASE-N... http://svn.wikimedia.org/svnroot/mediawiki/tags/REL1_8_3/phase3/RELEASE-NOTE... http://svn.wikimedia.org/svnroot/mediawiki/tags/REL1_7_2/phase3/RELEASE-NOTE... http://svn.wikimedia.org/svnroot/mediawiki/tags/REL1_6_9/phase3/RELEASE-NOTE...
Download: http://sourceforge.net/project/showfiles.php?group_id=34373
MD5 checksums: 747d79037d3b90494d7e8b956a6bb9a0 mediawiki-1.9.0rc2.tar.gz 9ef825abfcf0888b22571bbb097480f0 mediawiki-1.8.3.tar.gz ef33231cb1689dc813f4b08e955f4b18 mediawiki-1.7.2.tar.gz 1ce42061b5f7ea6e4101826b969d2ee4 mediawiki-1.6.9.tar.gz
SHA-1 checksums: 1451e8a8a10f41e517c12ede266dd1a5a743d8fe mediawiki-1.9.0rc2.tar.gz fa4daa4376b80f61be5925e6172daa76938d9bad mediawiki-1.8.3.tar.gz f63468ce745bbda6d42f66fc64c713b4fd000ef2 mediawiki-1.7.2.tar.gz a00bcc6b306a92234da0c2cd3d564869a15045a0 mediawiki-1.6.9.tar.gz
Before asking for help, try the FAQ: http://www.mediawiki.org/wiki/Manual:FAQ
Low-traffic release announcements mailing list: (Please subscribe to receive announcements of security updates.) http://lists.wikimedia.org/mailman/listinfo/mediawiki-announce
Wiki admin help mailing list: http://lists.wikimedia.org/mailman/listinfo/mediawiki-l
Bug report system: http://bugzilla.wikimedia.org/
Play "stump the developers" live on IRC: #mediawiki on irc.freenode.net
- -- brion vibber (brion @ pobox.com / brion @ wikimedia.org)
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.2 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFFo1FGwRnhpk1wk44RAhkpAKCpAoOvgk+5C3Kb0l/3prvhOVd9bQCeL/AK WAUsj8tCaZfJ+X6f20piUoc= =s1qL -----END PGP SIGNATURE-----
MediaWiki-l mailing list MediaWiki-l@lists.wikimedia.org http://lists.wikimedia.org/mailman/listinfo/mediawiki-l
On 09/01/07, spencerp spencerp1@gmail.com wrote:
Also, when doing this upgrade stuff, I'm correct to assume, all those page changes I made before.. (customizing of the "login / create account" links and so forth) will be overwritten right? And I'll have to reapply these changes again... or? Just was wondering lol.. Thanks in advanced. :)
No, those will be preserved.
Rob Church
[Rob wrote> No, those will be preserved.~~]
Nice!! Thanks for letting me know Rob. ;) :)
-- spencerp http://spencerp.net
mediawiki-l@lists.wikimedia.org