diff options
author | Chad Horohoe <chadh@wikimedia.org> | 2016-08-22 12:17:02 -0700 |
---|---|---|
committer | Chad <chadh@wikimedia.org> | 2016-08-23 03:06:22 +0000 |
commit | 49aff6403bb75ab69baaa369ce87920333ba59d6 (patch) | |
tree | 3a90d31b20fd8e0d1871556ab2ab6c221bc82df4 | |
parent | 4a7fbe8fa040d3bdfd3ed2c0ac1a27d59ae1f7c0 (diff) |
1.23.15: Release notes and bump version number1.23.15
Change-Id: I1135455897919db0894d859692679e072a6b1aa4
-rw-r--r-- | RELEASE-NOTES-1.23 | 11 | ||||
-rw-r--r-- | includes/DefaultSettings.php | 2 |
2 files changed, 12 insertions, 1 deletions
diff --git a/RELEASE-NOTES-1.23 b/RELEASE-NOTES-1.23 index fea66d31c1f6..031249d30a58 100644 --- a/RELEASE-NOTES-1.23 +++ b/RELEASE-NOTES-1.23 @@ -9,6 +9,17 @@ This is a maintenance release of the MediaWiki 1.23 branch. * BREAKING CHANGE: $wgHTTPProxy is now *required* for all external requests made by MediaWiki via a proxy. Relying on the http_proxy environment variable is no longer supported. +* (T139565) SECURITY: API: Generate head items in the context of the given title +* (T137264) SECURITY: XSS in unclosed internal links +* (T133147) SECURITY: Escape '<' and ']]>' in inline <style> blocks +* (T133147) SECURITY: Require login to preview user CSS pages +* (T132926) SECURITY: Do not allow undeleting a revision deleted file if it is + the top file +* (T129738) SECURITY: Make $wgBlockDisablesLogin also restrict logged in + permissions +* (T129738) SECURITY: Make blocks log users out if $wgBlockDisablesLogin is true +* (T115333) SECURITY: Check read permission when loading page content in ApiParse +* Remove support for $wgWellFormedXml = false, all output is now well formed == MediaWiki 1.23.13 == diff --git a/includes/DefaultSettings.php b/includes/DefaultSettings.php index b2d653a4c486..0179603f0a33 100644 --- a/includes/DefaultSettings.php +++ b/includes/DefaultSettings.php @@ -73,7 +73,7 @@ $wgConfigRegistry = array( * MediaWiki version number * @since 1.2 */ -$wgVersion = '1.23.14'; +$wgVersion = '1.23.15'; /** * Name of the site. It must be changed in LocalSettings.php |