Package mediawiki-mysql: Information
Binary package: mediawiki-mysql
Version: 1.40.1-alt2
Architecture: noarch
Build time: Jan 30, 2024, 07:13 PM in the task #338384
Source package: mediawiki
Category: Networking/WWW
Report package bugDownload: mediawiki-mysql-1.40.1-alt2.noarch.rpm
Home page: http://www.mediawiki.org/
License: GPLv2+
Summary: Virtual package for mysql requires for mediawiki
Description:
Install this package, if you wish to run mediawiki with MySQL database.
Maintainer: Vitaly Lipatov
Last changed
Oct. 21, 2023 Vitaly Lipatov 1.40.1-alt2
- fix descriptions of php subpackages - restore .htaccess to disable php execution in data only dirs
Oct. 16, 2023 Vitaly Lipatov 1.40.1-alt1
- new version 1.40.1 (with rpmrb script) - build with php8.2 by default (ALT bug 48033) - (T333050, CVE-2023-45363) SECURITY: Fix infinite loop for self-redirects with variants conversion. - (T340217, CVE-2023-45359) SECURITY: Vector 2022: Numerous unescaped messages leading to potential XSS. - (T340220, CVE-2023-45361) SECURITY: Vector 2022: vector-intro-page message is assumed to yield a valid title. - (T340221, CVE-2023-45360) SECURITY: XSS via 'youhavenewmessagesmanyusers' and 'youhavenewmessages' messages. - (T341529, CVE-2023-45362) SECURITY: diff-multi-sameuser ("X intermediate revisions by the same user not shown") ignores username suppression. - (T341565, CVE-2023-3550) SECURITY: Stored XSS when uploading crafted XML file to Special:Upload (non standard configuration).
Aug. 12, 2023 Vitaly Lipatov 1.40.0-alt1
- new version 1.40.0 (with rpmrb script) - disable AutoReq - (T335612, CVE-2023-36674) SECURITY: Move badFile lookup to Linker. - (T335203, CVE-2023-29197) Upgrade guzzlehttp/psr7 to >= 1.9.1/2.4.5. - (T335612, CVE-2023-36674) Manualthumb bypasses badFile lookup. - (T332889, CVE-2023-36675) XSS in BlockLogFormatter due to unsafe message use.