Ticket #766 (closed maintenance: fixed)
MediaWiki Security and Maintenance Update 1.23.2
| Reported by: | chris | Owned by: | chris |
|---|---|---|---|
| Priority: | major | Milestone: | Maintenance |
| Component: | Mediawiki | Keywords: | |
| Cc: | ed | Estimated Number of Hours: | 0.0 |
| Add Hours to Ticket: | 0 | Billable?: | yes |
| Total Hours: | 0.35 |
Description (last modified by chris) (diff)
From the MediaWiki-announce list:
I would like to announce the release of MediaWiki 1.23.2, 1.22.9 and 1.19.18. This is a regular security and maintenance release. Download links are given at the end of this email.
Security
- (bug 68187) SECURITY: Prepend jsonp callback with comment.
- (bug 66608) SECURITY: Fix for XSS issue in bug 66608: Generate the URL used for loading a new page in Javascript,instead of relying on the URL in the link that has been clicked.
- (bug 65778) SECURITY: Copy prevent-clickjacking between OutputPage and ParserOutput.
Bugfixes in 1.23.2
- (bug 68313) Preferences: Turn stubthreshold back into a combo box.
- (bug 65214) Fix initSiteStats.php maintenance script.
- (bug 67594) Special:ActiveUsers: Fix to work with PostgreSQL.
Full release notes for 1.23.2:
https://www.mediawiki.org/wiki/Release_notes/1.23
Public keys:
<https://www.mediawiki.org/keys/keys.html>
1.23.2
Download:
https://releases.wikimedia.org/mediawiki/1.23/mediawiki-1.23.2.tar.gz
Patch to previous version (1.23.1):
https://releases.wikimedia.org/mediawiki/1.23/mediawiki-1.23.2.patch.gz
GPG signatures:
https://releases.wikimedia.org/mediawiki/1.23/mediawiki-core-1.23.2.tar.gz.sig
https://releases.wikimedia.org/mediawiki/1.23/mediawiki-1.23.2.tar.gz.sig
https://releases.wikimedia.org/mediawiki/1.23/mediawiki-1.23.2.patch.gz.sig
Note:
There is no i18n patch as there are no changes in translation.
Change History
comment:1 Changed 2 years ago by chris
- Description modified (diff)
- Summary changed from MediaWiki Security and Maintenance Update 1.23.1 to MediaWiki Security and Maintenance Update 1.23.2
comment:2 Changed 2 years ago by chris
- Add Hours to Ticket changed from 0.0 to 0.35
- Status changed from new to closed
- Resolution set to fixed
- Total Hours changed from 0.0 to 0.35
Following the MediaWiki#Updates notes:
sudo -i cd /web/wiki.transitionnetwork.org export MW="1.23.2" wget http://releases.wikimedia.org/mediawiki/1.23/mediawiki-$MW.tar.gz -O mediawiki-$MW.tar.gz wget http://releases.wikimedia.org/mediawiki/1.23/mediawiki-$MW.tar.gz.sig -O mediawiki-$MW.tar.gz.sig gpg --verify mediawiki-$MW.tar.gz.sig tar -zxvf mediawiki-$MW.tar.gz rsync -av mediawiki-$MW/ www/ chown root:root -R www/ chown -R www-data:www-data www/cache/ chown -R www-data:www-data www/images/ cd www/maintenance/ php update.php cd /web/wiki.transitionnetwork.org rm mediawiki-$MW.tar.gz mediawiki-$MW.tar.gz.sig rm -rf mediawiki-$MW
Tested the site using the https://wiki.transitionnetwork.org/Sandbox page and checked the https://wiki.transitionnetwork.org/Special:Version and everything seems fine.
Sorry pasted in the last email not the latest one.