bebe5be3d5
Upstream changes: MediaWiki 1.24.1 This is a security and maintenance release of the MediaWiki 1.24 branch. Changes since 1.24.0 (bug T76686) [SECURITY] thumb.php outputs wikitext message as raw HTML, which could lead to xss. Permission to edit MediaWiki namespace is required to exploit this. (bug T77028) [SECURITY] Malicious site can bypass CORS restrictions in $wgCrossSiteAJAXdomains in API calls if it only included an allowed domain as part of its name. (bug T74222) The original patch for T74222 was reverted as unnecessary. Fixed a couple of entries in RELEASE-NOTES-1.24. (bug T76168) OutputPage: Add accessors for some protected properties. (bug T74834) Make 1.24 branch directly installable under PostgreSQL. |
||
|---|---|---|
| .. | ||
| files | ||
| DESCR | ||
| distinfo | ||
| Makefile | ||
| MESSAGE | ||
| options.mk | ||
| PLIST | ||