diff options
| author | Brion Vibber <brion@users.mediawiki.org> | 2006-07-09 05:16:59 +0000 |
|---|---|---|
| committer | Brion Vibber <brion@users.mediawiki.org> | 2006-07-09 05:16:59 +0000 |
| commit | b1cc527ba267233cce4b76a756b4485e312adb4b (patch) | |
| tree | 09bd5c08a7f04cfd2ea61ef5038efcdb88dbc694 | |
| parent | 66f1530da4414ef18a6a857d957c67b43b29c362 (diff) | |
bump notes1.6.8
Notes
http://mediawiki.org/wiki/Special:Code/MediaWiki/15467
| -rw-r--r-- | RELEASE-NOTES | 14 |
1 files changed, 13 insertions, 1 deletions
diff --git a/RELEASE-NOTES b/RELEASE-NOTES index aed4b843d1cd..e6510dd8d3ff 100644 --- a/RELEASE-NOTES +++ b/RELEASE-NOTES @@ -5,11 +5,23 @@ setting since version 1.2.0. If you have it on, turn it *off* if you can. == Mediawiki 1.6.8 == -plapla +July 8, 2006 + +MediaWiki 1.6.8 is a security and bugfix maintenance release of the +Spring 2006 snapshot: + +A potential HTML/JavaScript-injection vulnerability in a debugging script +has been fixed. Only versions and configurations of PHP vulnerable to the +$GLOBALS overwrite vulnerability are affected. + +As a workaround for existing installs, profileinfo.php may simply be deleted +if it's not being used. * (bug 5957) Updates to Hebrew translation (he) * Respect language directionality when displaying arrow in Special:Brokenredirects * (bug 6415) Typo in Parser.php +* Fixed potential XSS in profileinfo.php + == Mediawiki 1.6.7 == |