= MediaWiki 1.31 =
+== MediaWiki 1.31.1 ==
+
+This is a security and maintenance release of the MediaWiki 1.31 branch.
+
+=== Changes since MediaWiki 1.31.0 ===
+* (T169545, CVE-2018-0503) SECURITY: $wgRateLimits entry for 'user' overrides
+ 'newbie'.
+* (T194605, CVE-2018-0505) SECURITY: BotPasswords can bypass CentralAuth's
+ account lock.
+* (T199029, CVE-2018-13258) SECURITY: Tarball was missing .htaccess files.
+* (T197229) Bundle Nuke extension, it was accidentally omitted.
+* (T193995) Fix undefined patchPath() method call in parser tests.
+* (T198687) Fix various selectFields methods to use the string 'NULL', not null.
+* Special:BotPasswords now requires reauthentication.
+* (T191608, T187638) Add 'logid' parameter to Special:Log.
+* (T193829) Indicate when a Bot Password needs reset.
+* (T198037) GitInfo: Don't try shelling out if it's disabled.
+* (T151415) Log email changes.
+* (T197206) Fix performance regression when multiple DB used without caching.
+* (T197030) PHPSessionHandler: Suppress headers warnings in initialize().
+* (T182377, T196793) Exif: Guard against uncountable tag values.
+* (T200861) Fix total breakage of SQLite web upgrade.
+* (T200864) Fix pingback over-reporting on non-MySQL databases
+* (T202550) Unbreak SpecialListusersHeaderForm and SpecialListusersHeader
+ hooks.
+
== MediaWiki 1.31.0 ==
=== Changes since MediaWiki 1.31.0-rc.2 ===
= MediaWiki 1.30 =
+== MediaWiki 1.30.1 ==
+
+This is a security and maintenance release of the MediaWiki 1.30 branch.
+
+=== Changes since MediaWiki 1.30.0 ===
+* (T169545, CVE-2018-0503) SECURITY: $wgRateLimits entry for 'user' overrides
+ 'newbie'.
+* (T194605, CVE-2018-0505) SECURITY: BotPasswords can bypass CentralAuth's
+ account lock.
+* (T87572) Make FormatMetadata::flattenArrayReal() work for an associative array.
+* Updated composer/spdx-licenses from 1.1.4 to 1.3.0 (development dependency).
+* (T189567) the CLI installer (maintenance/install.php) learned to detect and
+ include extensions. Pass --with-extensions to enable that feature.
+* (T190503) Let built-in web server (maintenance/dev) handle .php requests.
+* (T167507) selenium: Run Chrome headlessly.
+* selenium: Pass -no-sandbox to Chrome under Docker.
+* (T179190) selenium: Move logic for running tests from package.json to selenium.sh
+* (T192584) Stop incorrectly passing USE INDEX to RecentChange::newFromConds().
+* Add default edit rate limit of 90 edits/minute for all users.
+* (T186565) Fix PHP Notice from `ob_end_flush()` in `FileRepo::streamFile()`.
+* oojs/oojs-ui updated to remove an unnecessary dependancy.
+* (T196125) php-memcached 3.0 (provided with PHP 7.0) is now supported.
+* (T118683) Fix exception from &$user deref on HHVM in the TitleMoveComplete hook.
+* (T196672) The mtime of extension.json files is now able to be zero
+* (T180403) Validate $length in padleft/padright parser functions.
+* (T143790) Make $wgEmailConfirmToEdit only affect edit actions.
+* (T193995) Fix undefined patchPath() method call in parser tests.
+* Special:BotPasswords now requires reauthentication.
+* (T191608, T187638) Add 'logid' parameter to Special:Log.
+* (T193829) Indicate when a Bot Password needs reset.
+* (T151415) Log email changes.
+* (T200861) Fix total breakage of SQLite web upgrade.
+* (T202550) Unbreak SpecialListusersHeaderForm and SpecialListusersHeader
+ hooks.
+* (T190539) Explicitly require Postgres 9.1.
+* (T118420) Unbreak Oracle installer.
+
== MediaWiki 1.30.0 ==
=== Changes since MediaWiki 1.30.0-rc.0 ===
= MediaWiki 1.29 =
+== MediaWiki 1.29.3 ==
+
+This is a security and maintenance release of the MediaWiki 1.29 branch.
+
+=== Changes since 1.29.2 ===
+* (T169545, CVE-2018-0503) SECURITY: $wgRateLimits entry for 'user' overrides
+ 'newbie'.
+* (T194605, CVE-2018-0505) SECURITY: BotPasswords can bypass CentralAuth's
+ account lock.
+* (T180551) Fix LanguageSrTest for language converter
+* (T180552) Fix langauge converter parser test with self-close tags
+* (T180537) Remove $wgAuth usage from wrapOldPasswords.php
+* (T180485) InputBox: Have inputbox langconvert certain attributes
+* (T161732, T181547) Upgraded Moment.js from v2.15.0 to v2.19.3.
+* (T172927) Drop vendor from MW release branch
+* (T87572) Make FormatMetadata::flattenArrayReal() work for an associative array
+* Updated composer/spdx-licenses from 1.1.4 to 1.3.0 (development dependency).
+* (T189567) the CLI installer (maintenance/install.php) learned to detect and
+ include extensions. Pass --with-extensions to enable that feature.
+* (T182381) Mask deprecated call in WatchedItemUnitTest
+* (T190503) Let built-in web server (maintenance/dev) handle .php requests.
+* The karma qunit tests would fail on some configuration due to headers already
+ sent. Check headers_sent() before sending cpPosTime headers
+* (T167507) selenium: Run Chrome headlessly.
+* selenium: Pass -no-sandbox to Chrome under Docker
+* (T191247) Use MediaWiki\SuppressWarnings around trigger_error('') instead @
+* (T75174, T161041) Unit test ChangesListSpecialPageTest::testFilterUserExpLevel
+ fails under SQLite.
+* (T192584) Stop incorrectly passing USE INDEX to RecentChange::newFromConds().
+* (T179190) selenium: Move test running logic from package.json to selenium.sh.
+* (T117839, T193200) PDFHandler: Fix for pdfinfo changes in poppler-utils 0.48.
+* Add default edit rate limit of 90 edits/minute for all users.
+* (T196125) php-memcached 3.0 (provided with PHP 7.0) is now supported.
+* (T196672) The mtime of extension.json files is now able to be zero
+* (T180403) Validate $length in padleft/padright parser functions.
+* (T143790) Make $wgEmailConfirmToEdit only affect edit actions.
+* (T194237) Special:BotPasswords now requires reauthentication.
+* (T191608, T187638) Add 'logid' parameter to Special:Log.
+* (T176097) resourceloader: Disable a flaky MessageBlobStoreTest case
+* (T193829) Indicate when a Bot Password needs reset.
+* (T151415) Log email changes.
+* (T118420) Unbreak Oracle installer.
+
== MediaWiki 1.29.2 ==
This is a security and maintenance release of the MediaWiki 1.29 branch.
= MediaWiki 1.27 =
+== MediaWiki 1.27.5 ==
+
+This is a security and maintenance release of the MediaWiki 1.27 branch.
+
+=== Changes since 1.27.4 ===
+* (T169545, CVE-2018-0503) SECURITY: $wgRateLimits entry for 'user' overrides
+ 'newbie'.
+* (T194605, CVE-2018-0505) SECURITY: BotPasswords can bypass CentralAuth's
+ account lock.
+* Upgraded Moment.js from v2.8.4 to v2.19.3.
+* (T160298) Fixed Special:ActiveUsers due to bad backport.
+* (T87572) Make FormatMetadata::flattenArrayReal() work for an associative array.
+* Updated list of SPDX licenses for extensions.
+* (T189567) the CLI installer (maintenance/install.php) learned to detect and
+ include extensions. Pass --with-extensions to enable that feature.
+* (T192584) Stop incorrectly passing USE INDEX to RecentChange::newFromConds().
+* Add default edit rate limit of 90 edits/minute for all users.
+* (T196125) php-memcached 3.0 (provided with PHP 7.0) is now supported.
+* (T196672) The mtime of extension.json files is now able to be zero.
+* (T118683) Fix exception from &$user deref on HHVM in the TitleMoveComplete hook.
+* (T180403) Validate $length in padleft/padright parser functions.
+* (T143790) Make $wgEmailConfirmToEdit only affect edit actions.
+* Special:BotPasswords now requires reauthentication.
+* (T191608, T187638) Add 'logid' parameter to Special:Log.
+* (T193829) Indicate when a Bot Password needs reset.
+* (T151415) Log email changes.
+* (T118420) Unbreak Oracle installer.
+
== MediaWiki 1.27.4 ==
This is a security and maintenance release of the MediaWiki 1.27 branch.
=== Changes since 1.22.9 ===
* (bug 64970) Fix support for blobs on DatabaseOracle::update
-* (bug 60719) In MediaWiki 1.22, the job queue execution on each page request was changed (Gerrit change 59797) so, instead of executing the job inside the same PHP process that's rendering the page, a new PHP cli command is spawned to execute runJobs.php in the background. It will only work if $wgPhpCli is set to an actual path or safe mode is off, otherwise, the old method will be used. https://www.mediawiki.org/wiki/Manual:Job_queue#Changes_introduced_in_MediaWiki_1.22 for more infomation. This change was in earlier releases of 1.22 but was not noted here until now.
+* (bug 60719) In MediaWiki 1.22, the job queue execution on each page request was changed (Gerrit change 59797) so, instead of executing the job inside the same PHP process that's rendering the page, a new PHP cli command is spawned to execute runJobs.php in the background. It will only work if $wgPhpCli is set to an actual path or safe mode is off, otherwise, the old method will be used. https://www.mediawiki.org/wiki/Manual:Job_queue#Changes_introduced_in_MediaWiki_1.22 for more information. This change was in earlier releases of 1.22 but was not noted here until now.
== MediaWiki 1.22.9 ==
This is a security and maintenance release of the MediaWiki 1.22 branch.
* Localisation updates from http://translatewiki.net.
* mwdocgen.php: Implement --version option.
* Remove svnstat stuff used in Doxygen generation
-* (bug 43594) Correctly supress warnings that were missed after the upstream
+* (bug 43594) Correctly suppress warnings that were missed after the upstream
* PHP change to E_STRICT being included in E_ALL.
== MediaWiki 1.20.4 ==
* (bug 11082) Fix check for fully-specced table names in Database::tableName
* (bug 11067) Fix regression in upload conflict thumbnail display
* (bug 10985) Resolved cached entries on Special:DoubleRedirects were being
- supressed, breaking paging - now strikes out "fixed" results
+ suppressed, breaking paging - now strikes out "fixed" results
* (bug 8393) <sup> and <sub> need to be preserved (without attributes) for
entries in the table of contents
* (bug 11114) Fix regression in read-only mode error display during editing
* (bug 1241) Don't show 'cont.' for first entry of the category list
* (bug 1240) Special:Preferences was broken in Slovenian locale when
$wgUseDynamicDates is enabled
-* Added magic word MAG_NOCONTENTCONVERT to supress the conversion of the
+* Added magic word MAG_NOCONTENTCONVERT to suppress the conversion of the
content of an article. Useful in zh:
* write-lock for updating the zh conversion tables in memcache
* recursively parse subpages of MediaWiki:Zhconversiontable
dépôts / lhc / web / wiklou.git / blobdiff