./www/mediawiki, Free software wiki package originally written for Wikipedia

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]

Branch: pkgsrc-2016Q1, Version: 1.26.3, Package name: mediawiki-1.26.3, Maintainer: wenheping

MediaWiki is free server-based software which is licensed under the GNU
General Public License (GPL). It's designed to be run on a large server
farm for a website that gets millions of hits per day. MediaWiki is an
extremely powerful, scalable software and a feature-rich wiki implementation,
that uses PHP to process and display data stored in its MySQL database.


Required to run:
[textproc/php-dom] [textproc/php-intl] [textproc/php-json] [databases/php-mysql] [graphics/php-gd]

Required to build:
[www/apache22]

Package options: apache, mysql

Master sites:

SHA1: 788f52be4b5e6f082fe9b0002465f7f361104b25
RMD160: 945d10b1283cf0f44e838de473c28bdf538a3ed8
Filesize: 24588.652 KB

Version history: (Expand)

CVS history: (Expand)


   2016-05-21 21:53:38 by Benny Siegert | Files touched by this commit (3) 
Log message:
Pullup ticket #5027 - requested by wen
www/mediawiki: security fix

Revisions pulled up:
- www/mediawiki/Makefile                                        1.59
- www/mediawiki/PLIST                                           1.28
- www/mediawiki/distinfo                                        1.45

---
   Module Name:    pkgsrc
   Committed By:   wen
   Date:           Sat May 21 11:58:12 UTC 2016

   Modified Files:
           pkgsrc/www/mediawiki: Makefile PLIST distinfo

   Log message:
   Update to 1.26.3

   Upstream changes:
   MediaWiki 1.26.3

   This is a maintenance release of the MediaWiki 1.26 branch.
   Changes since 1.26.2

       (bug T116266) Fixed undefined property notices in DairikiDiff under HHVM.
       (bug T123166) Fix fatal error when importing pages to titles which
   cannot be created, such as invalid titles or titles the user is not
   allowed to edit.
       (bug T122056) Old tokens are remaining valid within a new session
       (bug T127114) Login throttle can be tricked using
   non-canonicalized usernames
       (bug T123653) Cross-domain policy regexp is too narrow
       (bug T123071) Incorrectly identifying http link in a's href
   attributes, due to m modifier in regex
       (bug T129506) MediaWiki:Gadget-popups.js isn't renderable
       (bug T125283) Users occasionally logged in as different users
   after SessionManager deployment
       (bug T103239) Patrol allows click catching and patrolling of any page
       (bug T122807) [tracking] Check php crypto primatives
       (bug T98313) Graphs can leak tokens, leading to CSRF
       (bug T130947) Diff generation should use PoolCounter
       (bug T133507) Careless use of $wgExternalLinkTarget is insecure
       (bug T132874) API action=move is not rate limited
       (bug T110143) strip markers can be used to get around html
   attribute escaping in (bug many?) parser tags
       (bug T116030) Increase pbkdf2 parameter strengths
       (bug T127420) Pbkdf2Password does not check if hash_pbkdf2(bug ) succeeded
       (bug T126685) Globally throttle password attempts