Update Releasenotes and version number for 1.21.41.21.4

Change-Id: I941730963b7546ddc8cf0d2a9ca4c2c4aa939b8c
author: csteipp <csteipp@wikimedia.org> 2014-01-13 17:34:17 -0800
committer: csteipp <csteipp@wikimedia.org> 2014-01-13 17:34:17 -0800
commit: 2c9a9bb041ac4419b69941e02cb99ddfcf4b926d (patch)
tree: 72bea035d9efafcb840816d955c858b7d5a5c92b
parent: 9158487e292bb6f4b2134bd0ae97640569b1df1f (diff)
2 files changed, 13 insertions, 1 deletions
diff --git a/RELEASE-NOTES-1.21 b/RELEASE-NOTES-1.21
index 9e18fa6bef5f..12111aaa3e6a 100644
--- a/RELEASE-NOTES-1.21
+++ b/RELEASE-NOTES-1.21
@@ -3,6 +3,18 @@
 Security reminder: MediaWiki does not require PHP's register_globals. If you
 have it on, turn it '''off''' if you can.
 
+== MediaWiki 1.21.4 ==
+
+This is a security release of the MediaWiki 1.21 branch.
+
+=== Changes since 1.21.3 ===
+
+* (bug 57550) SECURITY: Disallow stylesheets in SVG Uploads
+* (bug 58088) SECURITY: Don't normalize U+FF3C to \ in CSS Checks
+* (bug 58472) SECURITY: Disallow -o-link in styles
+* (bug 58553) SECURITY: Return error on invalid XML for SVG Uploads
+* (bug 58699) SECURITY: Fix RevDel log entry information leaks
+
 == MediaWiki 1.21.3 ==
 
 This is a security and maintenance release of the MediaWiki 1.21 branch.
diff --git a/includes/DefaultSettings.php b/includes/DefaultSettings.php
index a56ef8491bb1..a6172f09d518 100644
--- a/includes/DefaultSettings.php
+++ b/includes/DefaultSettings.php
@@ -63,7 +63,7 @@ $wgConf = new SiteConfiguration;
  * MediaWiki version number
  * @since 1.2
  */
-$wgVersion = '1.21.3';
+$wgVersion = '1.21.4';
 
 /**
  * Name of the site. It must be changed in LocalSettings.php
author	csteipp <csteipp@wikimedia.org>	2014-01-13 17:34:17 -0800
committer	csteipp <csteipp@wikimedia.org>	2014-01-13 17:34:17 -0800
commit	2c9a9bb041ac4419b69941e02cb99ddfcf4b926d (patch)
tree	72bea035d9efafcb840816d955c858b7d5a5c92b
parent	9158487e292bb6f4b2134bd0ae97640569b1df1f (diff)