Security reminder: MediaWiki does not require PHP's register_globals
setting since version 1.2.0. If you have it on, turn it *off* if you can.
+== MediaWiki 1.5 beta 3 ==
+
+July 7, 2005
+
+MediaWiki 1.5 beta 3 is a preview release of the new 1.5 release
+series, with a security update over beta 2.
+
+Incorrect escaping of a parameter in the page move template could
+be used to inject JavaScript code by getting a victim to visit a
+maliciously constructed URL. Users of vulnerable releases are
+recommended to upgrade to this release.
+
+Vulnerable versions:
+* 1.5 preview series: n <= 1.5beta2 vulnerable, fixed in 1.5beta3
+* 1.4 stable series: 1.4beta6 <= n <= 1.4.5 vulnerable, fixed in 1.4.6
+* 1.3 legacy series: not vulnerable
+
+This release also includes several bug fixes and localization updates.
+See the changelog at the end of this file for a detailed list.
+
+
+
+== MediaWiki 1.5 beta 2 ==
+
+July 5, 2005
+
+MediaWiki 1.5 beta 2 is a preview release of the new 1.5 release series.
+While most exciting new bugs should have been ironed out at this point,
+third-party wiki operators should probably not run this beta release
+on a public site without closely following additional development.
+
+Anyone who _has_ been running beta 1 is very very strongly advised to
+upgrade to beta 2, as it fixes many bugs from the previous beta including
+a couple of HTML and SQL injections.
+
+This release should be followed by one or two release candidates and
+a 1.5.0 final within the next few weeks.
+
+Beta upgraders, note there are some minor database changes. For upgrades
+from 1.4, see the file UPGRADE for details on significant database and
+configuration file changes.
+
+Beta 2 includes a preliminary command-line XML wiki dump importer tool,
+maintenance/importDump.php, paired with maintenance/dumpBackup.php.
+These use the same format as Special:Export and Special:Import, able
+to package a wiki's entire page set independent of the backend database
+and compression format.
+
== MediaWiki 1.5 beta 1 ==
* Add support for &preload=Page_name (load text of an existing page into
edit area) and &editintro=Page_name (load text of an existing page instead
of MediaWiki:Newpagetext) to &action=edit, if page is new.
-* (bugs 2633, 2672, 2685) Fix Estonian, Portuguese, Italian and Finnish numeric formatting
+* (bugs 2633, 2672, 2685, 2695) Fix Estonian, Portuguese, Italian, Finnish and
+ Spanish numeric formatting
+* Fixed Swedish numeric formatting
* (bug 2658) Fix signature time, localtime to match timezone offset again
* Files from shared repositories (e.g. commons) now display with their
image description pages when viewed on local wikis.
* (bug 923) Fix title and subtitle for rclinked special page
* (bug 2642) watchdetails message in several languages used <a></a> instead of [ ]
* (bug 2181) basic CSB language localisation by Tomasz G. Sienicki (thanks for the patch)
-* (bug 2632) also adjust height when zooming an image by giving only width
* Fix correct use of escaping in edit toolbar bits
+* Removed language conversion support from Icelandic
+* (bug 2616) Fix proportional image scaling, giving correct height
+* (bug 2640) Include width and height attributes on unscaled images
+* Workaround for mysterious problem with bogus epoch If-Last-Modified reqs
+* (bug 1109) Suppress compressed output on 304 responses
+* (bug 2674) Include some site configuration info in export data:
+ namespaces definitions, case-sensitivity, site name, version.
+* Use xml:space="preserve" hint on export <text> elements
+* Make language variant selection work again for zh
+
+== Changes since 1.5beta2 ==
+
+* Escaped & correctly in Special:Contributions
+* (bug 2534) Hide edit sections with CSS to make right click to edit section work
+* (bug 2708) Avoid undefined notice on cookieless login attempt
+* (bug 2188) Correct template namespace for Greek localization
+* Fixed number formatting for Dutch
+* (bug 1355) add class noprint to commonPrint.css
+* (bug 2350) Massive update for Limburgish (li) language using Wikipédia
+* Massive update for Arab (ar) language using Wikipédia
+* (bug 1560) Massive update for Kurdish (ku) language using Wikipédia
+* (bug 2709) Some messages were not read from database
+* (bug 2416) Don't allow search engine robots to index or follow nonexisting articles
+* Fix escaping in page move template.
=== Caveats ===
dépôts / lhc / web / wiklou.git / blobdiff