Hello all,
This message is important to everyone running an instance of Wikibase including the Query Service GUI.
We just released a new version of the Wikidata Query Service GUI. This release is primarily to fix several security issues described in T238822 https://phabricator.wikimedia.org/T238822 and T238824 https://phabricator.wikimedia.org/T238824 (these tasks will be made public soon). These are different from the previous fix we deployed on November 7th. The fix has been successfully deployed for the Wikidata Query Service.
In order to keep your instance safe, please make sure to update your Query Service GUI!
Git repositories, releases and currently active version docker images also include the latest fixed code (see links below). If you have a local test setup using the docker-compose example then see: https://gist.github.com/addshore/36f8d6fe2331d28ca8f70df5abda20fd
Gerrit repositories:
-
https://gerrit.wikimedia.org/r/#/c/wikidata/query/gui/+/553311/ -
https://gerrit.wikimedia.org/r/#/c/wikidata/query/gui-deploy/+/553313/
Docker images:
-
latest: digest: sha256:6570acb916b429f10ccb3bf3479b66aa6697b3fb3982166a09aba87eeaba7c90 -
legacy: digest: sha256:4503257bbe1744ce389f07f6dcbaf53db7569cc3e570e30dd5a85c8d0073a39d
If you have any questions or issues updating your code, please let us know (you can write me an email, or ask in the Wikibase Telegram group https://t.me/joinchat/HGjGexZ9NE7BwpXzMsoDLA)
Thanks for your understanding,
Cheers,