-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

MediaWiki 1.3.4 is a bug fix and security release. File uploads are now tested for validity which should screen out Internet Explorer file type autodetection cross-site scripting vulnerabilities and at least the known instance of the so-called "JPEG virus".

This does not check any existing uploads, and may not catch everything if you've disabled the strict file type checking. Upgrading is highly recommended for any wiki allowing public uploads!

(Upgrading from the previous release should be a simple matter of decompressing the updated files into place, if you have not altered the originals. There are no database structure changes.)

Changes from 1.3.3: * Fixed lots of template-related bugs, esp. for cases where template variables are used for links, images, etc. * Fixed transformation of page messages when viewing Special:Allmessages * Handle "ISBN ISBN 1234" correctly * Fixed warning on Category pages * Fixed some bad error messages on login page * Fixed history entry for initial main page on install * Removed problematic { and } from legal title characters * Strip leading blank from output in preformated text. * Fixed problem when moving pages to titles with '#' in * Optional $wgRawHtml for raw <html> sections. Use only on limited- participation 'trusted' wikis, as it does not protect against cross-site scripting attacks. For security, this option can only be enabled if in $wgWhitelistEdit mode. * Fixed problem where pages which were created as a redirect following a move never showed on Special:Randompage. * Fixed line spacing on printed table of contents * Allow links to pages with names of the form [[RFC 1234]] * Fixed broken edit links being shown for sections from included templates * Verify that uploaded image files are of the claimed type.

Release notes: http://sourceforge.net/project/shownotes.php?release_id=271359

Download: http://prdownloads.sf.net/wikipedia/mediawiki-1.3.4.tar.gz?download

Wiki admin help mailing list: http://mail.wikipedia.org/mailman/listinfo/mediawiki-l

Bug report system: http://bugzilla.wikipedia.org/

Play "stump the developers" live on IRC: #mediawiki on irc.freenode.net

- -- brion vibber (brion @ pobox.com)