diff options
author | Tim Starling <tstarling@users.mediawiki.org> | 2011-04-12 03:07:21 +0000 |
---|---|---|
committer | Tim Starling <tstarling@users.mediawiki.org> | 2011-04-12 03:07:21 +0000 |
commit | 674ff5526e52295fe8973d659184f4d4726fbaba (patch) | |
tree | eaf25829cbd998bd65b3848c7f01759b5b20c4c2 | |
parent | 52fca561d0be9c09f26152b8a98eb6c2b0e54a0e (diff) |
Release notes for r85858.1.16.3
Notes
http://mediawiki.org/wiki/Special:Code/MediaWiki/85860
-rw-r--r-- | RELEASE-NOTES | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/RELEASE-NOTES b/RELEASE-NOTES index ef1ac7bb7825..cf3f3a77efa5 100644 --- a/RELEASE-NOTES +++ b/RELEASE-NOTES @@ -45,12 +45,15 @@ you have the DBA extension for PHP installed, this will improve performance further. == Changes since 1.16.2 == + * (bug 28449) Fixed permissions checks in Special:Import which allowed users without the 'import' permission to import pages from the configured import sources. * (bug 28235) Fixed XSS affecting IE 6 and earlier clients only, due to those browsers looking for a file extension in the query string of the URL, and ignoring the Content-Type header if one is found. +* (bug 28450) Fixed a CSS validation issue involving escaped comments, which + led to XSS for Internet Explorer clients and privacy loss for other clients. == Changes since 1.16.1 == |