-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
MediaWiki 1.3.5 is a security update, which contains a small fix for a potential cross-site scripting vulnerability. All MediaWiki 1.3.x users are strongly encouraged to upgrade to this latest release.
The only substantial change from 1.3.4 is in includes/RawPage.php, so you can copy that one file in to perform a 'hotfix'. (Copy also includes/DefaultSettings.php to update the version number.)
Changes from 1.3.4: * Clean up input validation in 'raw' page output mode which was a potential cross-site scripting opportunity.
Release notes: http://sourceforge.net/project/shownotes.php?release_id=271848
Download: http://prdownloads.sf.net/wikipedia/mediawiki-1.3.5.tar.gz?download
Wiki admin help mailing list: http://mail.wikipedia.org/mailman/listinfo/mediawiki-l
Bug report system: http://bugzilla.wikipedia.org/
Play "stump the developers" live on IRC: #mediawiki on irc.freenode.net
- -- brion vibber (brion @ pobox.com)
wikitech-l@lists.wikimedia.org