+* (bug 2885) More PHP 5.1 fixes: skin, search, log, undelete
+
+Code quality:
+* Use strval() to make sure we don't accidentally get null on bad revision
+ text loads or other fields mucking up XML export output
+* Clean up duplicate code for selection of changeslist style
+* Correct blob caching to reduce redundant blob loads on backups
+* (bug 3182) Clear link cache during import to prevent memory leak
+* Fixed possible infinite loop in formatComment
+* Wrap message page insertions in a transaction to speed up installation
+* Avoid notice warning on edit with no User-Agent header
+* (bug 3649) Remove obsolete, broken moveCustomMessages script
+* Avoid numerous redundant latest-revision lookups in history
+* Require PHP 4.3.2 or higher strictly now.
+* Tweak infinite-template-handling loop for PHP 5.1.1 string handling change
+* Remove unused OutputPage::addCookie()
+* Fix for short_open_tag off again; please don't break this, guys
+* (bug 4507) Adjust FULLPAGENAMEE escaping to standard form
+
+Database:
+* Finally dropped MySQL 3.23.x support
+* Oracle support
+* (bug 3056) MySQL 3 compatibility fix: USE INDEX instead of FORCE INDEX
+* Update all stats fields on recount.sql
+* (bug 3227) Fix SQL injection introduced in experimental code
+* Fix table prefix usage in Block::enumBlocks
+* (bug 3448) Set page_len on undelete
+* (bug 3506) Avoid MySQL error when Listusers returns no results
+* Skip update of disused 'rc_cur_time' field (todo: discard the field)
+* (bug 3735) Fix to run under MySQL 5's strict mode
+* (bug 3786) Experimental support for MySQL 4.1/5.0 utf8 charset mode
+ NOTE: Enabling this may break existing wikis, and still doesn't
+ work for all Unicode characters due to MySQL limitations.
+* MySQL 5.0 strict mode fix for moving unwatched pages
+* Ability to set the table name for external storage servers
+* Update ipblocks table in MySQL 5 table defs
+* Removed FulltextStoplist.php, no longer used (was for MySQL 3.x workaround)
+* Added templatelinks table, to track template inclusions. User-visible effects
+ will be:
+ * (inclusion) tag for inclusions in Special:Whatlinkshere
+ * More accurate list of used templates on the edit page
+ * More reliable cache invalidation when templates outside the template
+ namespace are changed
+
+Documentation:
+* (bug 3306) Document $wgLocalTZoffset
+
+Hooks:
+(list not complete)
+* Move ArticleSave hook execution into Article insert/update functions,
+ so they get called on non-EditPage actions that use these functions
+ to create or update pages.
+* Added EditFilter hook, and output callback on EditPage::showEditForm()
+ for a place to add in captcha-type extensions in the edit flow
+* (bug 3684) Fix typo in fatal error backtraces in Hooks.php
+* Fix for hook callbacks on objects containing no fields
+* Add a hook for additional user creation throttle / limiter extensions
+* Use $wgOut->parse() in wfGetSiteNotice() instead of creating a new parser
+ instance. This allows use of extension hooks if required.
+* Added AutoAuthenticate hook for external User object suppliers
+* Added 'PageRenderingHash' hook for changing the parser cache hash key
+ from an extension that changes rendering based on nonstandard options.
+* Add 'GetInternalURL' hook to match the GetFullURL and GetLocalURL ones
+* (bug 4456) Add hook for marking article patrolled
+
+Images:
+* Support SVG rendering with rsvg
+* Cap arbitrary SVG renders to given image size or $wgSVGMaxSize pixels wide
+* (bug 3127) Render large SVGs at image page size correctly
+* Fix scaling of non-integer SVG unit sizes
+* (bug 2800) Don't scale up small images on |thumb| without explicit size
+* Use the real file link instead of the default-size rasterized version for
+ large SVG images on image description page
+* Include the file name/type/size line for non-resized images
+* (bug 3489) PHP 5.1 compat problem with captioned images
+* (bug 3643) Fix image page display of large images with resizing disabled
+* Added a limit to the size of image files which can be thumbnailed
+* (bug 3806) Gracefully fall back to client-side scaling on |thumb| image
+ that passes $wgMaxImageArea
+* (bug 153) Adjust thumbnail size calculations to match consistently;
+ patch by David Benbennick
+* (bug 4162) Add $wgThumbnailEpoch timestamp to force old thumbs to
+ be rerendered on demand, sitewide
+* (bug 1850) Additional fixes so existing local and remote images
+ get a blue link even if there's no local description page
+* Avoid FATAL ERROR when creating thumbnail of non-existing image
+* (bug 4207) Wrong image size when using 100x200px syntax to scale image up
+ patch by David Benbennick
+* Don't delete thumbnails when refreshing exif metadata. This caused thumbs
+ to vanish mysteriously from time to time for files that didn't have metadata.
+* (bug 4426) Add link to user_talk page on image pages
+
+Installer:
+* (bug 3782) Throw fatal installation warning if mbstring.func_overload on.
+ Why do people invent these crazy options that change language semantics?
+* Fixed installer bugs 921 and 3914 (issues with using root and so forth)
+* (bug 4258) Use ugly urls for ISAPI by default
+ patch by Rob Church
+* Improve installer
+ * Use a superuser account (such as root), if specifed, to create tables
+ * Don't overwrite conservative permissions on the mySQL user with ALL
+ permissions, if said user exists
+ * Changes to some of the wording of explanations for fields
+
+i18n / Languages:
+* Partial support for Basque language (from wikipedia and meta)
+* (bug 3141) Partial support for Breton language (thanks Fulup).
+* Support for venitian language
+* (bug 1334) LanguageGa.php update
+* Finnish date format was hardcoded, now implemented properly
+* (bug 3190) Added some date format choices for language sr
+* (bug 2753) Some namespaces were not translated in LanguageTa.php (Tamil)
+* (bug 3204) Fix typo breaking special pages in fy localization
+* (bug 3177) Estonian date formats not implemented in LanguageEt.php
+* (bug 1020) Changing user interface language does not work immediately
+* (bug 3271) Updated LanguageNn.php for HEAD
+* Experimental feature to allow translation of block expiry times
+ Implementation only for Finnish currently
+* (bug 3304) Language file for Croatian (LanguageHr.php)
+* (bug 2143) Update Vietnamese interface
+* (bug 3063) Remove some hardcodings from Hebrew localisation
+* (bug 3408) Bulgarian formatNum corrected
+* (bug 1512) Disable x-code interp on Esperanto URLs for now, it does more
+ harm than good under current system by breaking incoming URLs with "ux".
+ (Editing is not affected, just URLs.)
+* (bug 1423) LanguageJa.php update
+* Fix language name for dv
+* (bug 3503) Update LanguageSq.php from sq.wikipedia.org messages
+* (bug 3629) Fix date & time format for Frisian
+* (bug 3334) Namespace changes for Polish
+* (bug 3580) Change default Dutch language file to more neutral
+* (bug 3656) LanguageHr.php - added convertPlural
+* (bug 3414) LanguageBe.php - added convertPlural
+* (bug 3163) Full translation of LanguageBr
+* (bug 3617) Update for portuguese language (pt)
+* Namespaces hacks on LanguagePl
+* (bug 3682) LanguageSr.php - added convertPlural
+* (bug 3694) LanguageTr.php update
+* (bug 3711) Removed invisible unicode characters from LanguageHu
+* (bug 2981) Linktrail for Tamil (ta)
+* (bug 3722) Update of Arabic language (ar) Namespace changes
+* Removed hardcoded Norwegian (no) project namespaces
+* (bug 2324) image for redirects should be without text and oriented according to content language
+* (bug 3666) Don't spew PHP warnings in prefs on unrecognized site language
+* (bug 3817) Use localized date formats in preferences; 'no preference' option
+ localizable as 'datedefault' message. Tweaked lots of languages files...
+* (bug 2721) Regression: Use European number separators for vi: wikis
+* (bug 3961) minor languageDe changes
+* (bug 1984) LanguageKo.php (Korean) update
+* (bug 3804) update of LanguageWa.php file
+* (bug 3886) Update for Portuguese language (pt)
+* (bug 4020) Update namespaces for ms
+* (bug 3922) bidi embedding overrides on category links
+* (bug 4061) Update of Slovene namespace names (LanguageSl.php)
+* (bug 4064) LanguageDe comma changes
+* (bug 3922) Further tweaks to bidi overrides in category list for old
+ versions of Safari and Konqueror
+* Fix custom namespaces on wikis set for Portuguese
+* (bug 4153) Fix block length localizations in Greek
+* (bug 3844) ab: av: ba: ce: & kv: now inherit from LanguageRu.php
+ ii: & za: now inherit from LanguageZn_cn.php
+* (bug 4165) Correct validation for user language selection (data taint)
+* (bug 4192) Remove silly 'The Free Encyclopedia' default sitesubtitle
+* Use content-lang for sitenotice
+* (bug 4233) Update LanguageJa.php
+* (bug 4279) Small correction to LanguageDa.php
+* (bug 4108, 4336) Remove trailing whitespace from various messages, which
+ mucks up message updating to create dupe entries
+* (bug 4389) Fix math options on zh-hk and zh-tw (but not localized)
+* (bug 4392) Update of LanguageSr.php
+* (bug 4382) Frisian numeric format
+* (bug 4424) Update for Spanish language (es) 100% messages translated
+* (bug 4425) Typos in Polish translation
+* (bug 4436) Update for Turkish language (tr)
+* (bug 4413) Update of Farsi language file (LanguageFa.php)
+* Update for LanguageSr (Serbian): magic words
+* (bug 137) MediaWiki:Copyrightwarning hardcoding
+* (bug 4457) Update for Portuguese language (pt)
+* convertPlural breakage fixed a little
+* (bug 4144) Support for Sudanese language (Basa Sunda)
+* Big cleanup:
+ - Removed obsolote, badly or untranslated messages
+ - Removed references to wikipedia/wikimedia etc in messages
+ - Other cleanup, like removing html and javascript and extension calls
+ - Removed hardcoded namespaces: Tt, Ms, Ia, Ga, Fo, Bn, Csb, He, Nv, Oc, Tlh
+ - Removed some useless backwards compatibility hacks
+ - Fixed formatnum on many languages
+* wgAmericanDates check produced incorrect results in languages that don't have
+ a such distinction
+* (bug 4548) Update for Portuguese language (pt): time format
+* (bug 4530) Use consistent name for Kurdish
+* Tweak default "upload disabled" text
+
+Parser:
+* (bug 2522) {{CURRENTDAY2}} now shows the current day number with two digits
+* (bug 3210) Fix Media: links with remote image URL path
+* (bug 3405) Don't use raw letters as aliases of MSGNW: and SUBST:
+* (bug 3412) Clean up date format handling so ~~~~-sigs work with default
+ format as designed. Documentation comments updated.
+* Fix Parser::unstrip on PHP 5.1.0RC4
+* (bug 3797) Don't expand variables and sigs in comments
+* Allow parser cache on redirect targets
+* Run wikitext-escaping on plaintext sigs (no wiki markup, just name)
+* Check for unbalanced HTML tags on raw sigs (markup allowed, but show
+ a warning in prefs and use default sig if not balanced)
+* Respect <noinclude> and <includeonly> during {{subst:}} expansion as well as
+ ordinary templates.
+* Support <includeonly> in templates loaded through preload= parameter
+* (bug 3979) Save correct {{REVISIONID}} into parser cache on edit
+* Substitute {{REVISIONID}} correctly in diff display
+* (bug 1850) Allow red-links on image pages linked with [[:image:foo]]
+* Fix XML validity checks in parser tests on PHP 5.1
+* (bug 4377) "[" is not valid in URLs
+* (bug 4453) fix for __TOC__ dollar-number breakage
+
+Upload:
+* (bug 2527) Always set destination filename when new file is selected
+* (bug 3076) Support MacBinary-encoded uploads from IE/Mac
+* (bug 2554) Tell users they are uploading too large file
+* Support for a license selection box on Special:Upload, configurable from MediaWiki:Licenses
+* Add 'reupload' and 'reupload-shared' permission keys to restrict new uploads
+ overwriting existing files; default is the old behavior (allowed).
+
+Security:
+* (bug 3244) Fix remote image loading hack, JavaScript injection on MSIE
+* (bug 3280) Respect 'move' group permission on page moves
+* (bug 2613) Clear saved passwords from the form
+* IP privacy fix for blocklist search on autoblocks
+* Security fix for <math>
+* Security fix for tables
+* Security fix for Special:Upload license selection list
+* Add UploadVerification hook for custom file upload validation/security checks
+* Blacklist additional MSIE CSS safety tricks
+* Fix meta robots tag on Special:Version again to avoid listing vulnerable
+ versions for convenient harvesting by automated worms
+* Sanitizer CSS comment processing order fix
+* Forbid usernames that can be interpreted as titles with namespaces, as that
+ leads to hard-to-manage names.
+* (bug 4071) Generate passwords long enough for $wgMinimalPasswordLength
+* Add createpage and createtalk permission keys, allowing a quick
+ switch to disable page creation for anonymous users.
+* (bug 675) Add page protection level for unregistered/new accounts
+* User::isNewbie now uses the registration date and $wgAutoconfirmAge
+* Add 'deletedhistory' permission key for ability to view deleted history
+ list via Special:Undelete. Default is off, replicating the 1.5 behavior,
+ but it can be turned back on for random users to replicate the previous
+ 1.6 dev behavior.
+* Set cookies to secure mode based on use of HTTPS or $wgCookieSecure
+* (bug 4371) Disallow tilde character in signatures
+* Removed broken wgAllowAnonymousMinor and added new group right minoredit
+* Added detection for WMF files (application/x-msmetafile), added this
+ MIME type to the default blacklist. Prevented inline display of images
+ which are not of known image types. This is in response to
+ http://en.wikipedia.org/wiki/Windows_Metafile_vulnerability
+* Blocked users can no longer roll back, change the protection of, or delete/undelete pages
+* Protect against spoofing of X-Forwarded-For header
+
+Special Pages: