pkgsrc.se | The NetBSD package collection

./www/mediawiki, Free software wiki package originally written for Wikipedia

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]

Branch: pkgsrc-2011Q4, Version: 1.17.2, Package name: mediawiki-1.17.2, Maintainer: pkgsrc-users

MediaWiki is free server-based software which is licensed under the GNU
General Public License (GPL). It's designed to be run on a large server
farm for a website that gets millions of hits per day. MediaWiki is an
extremely powerful, scalable software and a feature-rich wiki implementation,
that uses PHP to process and display data stored in its MySQL database.

Required to run:
[databases/php-mysql]

Required to build:
[lang/perl5] [pkgtools/x11-links] [www/apache22]

Package options: apache, mysql

Master sites:

http://download.wikimedia.org/mediawiki/1.17/ (Download)

SHA1: ffaa528ce62527813af21f30022c0c7d8511b641
RMD160: ab3eaad170c9083a046fff1abe00499fef320dc5
Filesize: 14574.163 KB

Version history: (Expand)

(2012-01-13) Updated to version: mediawiki-1.17.2
(2012-01-08) Package added to pkgsrc.se, version mediawiki-1.17.0nb2 (created)

CVS history: (Expand)

2012-01-13 14:20:49 by Matthias Scheler | Files touched by this commit (3) | Package updated

Log message:
Pullup ticket #3649 - requested by obache
www/mediawiki: security update

Revisions pulled up:
- www/mediawiki/Makefile                                        1.18
- www/mediawiki/PLIST                                           1.7
- www/mediawiki/distinfo                                        1.11

---
   Module Name:	pkgsrc
   Committed By:	obache
   Date:		Fri Jan 13 11:27:17 UTC 2012

   Modified Files:
   	pkgsrc/www/mediawiki: Makefile PLIST distinfo

   Log message:
   Update mediawiki to 1.17.2.

   == MediaWiki 1.17.2 ==
   2012-01-11

   This a maintenance and security release of the MediaWiki 1.17 branch.

   === Security changes ===
   * (bug 33117) prop=revisions allows deleted text to be exposed through cache \ 
pollution.

   === Changes since 1.17.1 ===
   * (bug 32709) Private Wiki users were always taken to Special:Badtitle on login.

   == MediaWiki 1.17.1 ==

   2011-11-24

   This a maintenance and security release of the MediaWiki 1.17 branch.

   === Security changes ===
   * (bug 32276) Skins were generating output using the internal page title which
      would allow anonymous users to determine wheter a page exists, potentially
      leaking private data. In fact, the curid and oldid request parameters would
      allow page titles to be enumerated even when they are not guessable.
   * (bug 32616) action=ajax requests were dispatched to the relevant internal
      functions without any read permission checks being done. This could lead to
      data leakage on private wikis.