Hi Alex and All others,
Doesn't this very issue go to the heart of the Mediawiki survey of Stakeholders found?
Accordingly to the slideshow on that survey 71% of all independent users of Mediawiki use
an old outdated version of the software. I think we can safely assume almost all of those
users have not updated their sites with security patches. The problem is the technical
knowledge to update Mediawiki is above the average user of the software and/or they lack
command line access. By not having an easy GUI to both update the software and the
extensions to the software it effectively leads to a lot of sites running with the ghost
of Christmas past.
Sent from my iPad
On Dec 4, 2015, at 12:29 PM, Alex Monk
<krenair(a)gmail.com> wrote:
On 4 December 2015 at 19:52, Jan Steinman
<Jan(a)ecoreality.org> wrote:
Having been stung by various upgrades over the years, I tend to not touch
stuff that isn't broken. I'm running several MediaWiki sites between 1.13
and 1.16. I'd sorta like to upgrade, but I don't know what that buys me,
and y'know, they're all working... :-)
Are you aware of what security issues (which are now public) your wikis are
vulnerable to? I am very sceptical that stuff "isn't broken", although I
(personally) am not going to research old issues, find your wiki, and then
attack it, to make a point. Have you really backported/rewritten patches
for all of them yourself? I've been involved in MediaWiki development for a
few years now - and 1.16 was obsolete before I started.
_______________________________________________
MediaWiki-l mailing list
To unsubscribe, go to:
https://lists.wikimedia.org/mailman/listinfo/mediawiki-l