diff options
| author | csteipp <csteipp@wikimedia.org> | 2014-01-13 20:58:28 -0800 |
|---|---|---|
| committer | csteipp <csteipp@wikimedia.org> | 2014-01-13 20:58:28 -0800 |
| commit | 11ceb4239c37ea0b0604055d39a954786136e935 (patch) | |
| tree | a7f15b3e036dae37fd75cbb96541ddaffb577c86 | |
| parent | 53237453563466cfd6860ec9cc7f09446f86ad12 (diff) | |
Update Release Notes1.22.1
Change-Id: Icc4757e167bce1c466ba3f39be65b5d2eba4482b
| -rw-r--r-- | RELEASE-NOTES-1.22 | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/RELEASE-NOTES-1.22 b/RELEASE-NOTES-1.22 index d3d74bcddd11..ff858e91e32c 100644 --- a/RELEASE-NOTES-1.22 +++ b/RELEASE-NOTES-1.22 @@ -9,6 +9,11 @@ This is a security and maintenance release of the MediaWiki 1.22 branch. === Changes since 1.22.0 === +* (bug 57550) SECURITY: Disallow stylesheets in SVG Uploads +* (bug 58088) SECURITY: Don't normalize U+FF3C to \ in CSS Checks +* (bug 58472) SECURITY: Disallow -o-link in styles +* (bug 58553) SECURITY: Return error on invalid XML for SVG Uploads +* (bug 58699) SECURITY: Fix RevDel log entry information leaks * (bug 58178) Restore compatibility with curl < 7.16.2. * (bug 56931) Updated the plural rules to CLDR 24. They are in new format which is detailed in UTS 35 Rev 33. The PHP parser and evaluator as well as |