Wiki update

In diesem Board könnt Ihr alle "allgemeinen" Fragen zum Thema MyOOS stellen.
Antworten
r23
Beiträge: 2625
Registriert: 18.09.2008, 05:56
Wohnort: Hagen
Kontaktdaten:

Wiki update

Beitrag von r23 »

Hallo,

ich habe heute das update veröffentlicht

http://wiki.myoos.de/index.php?title=Hauptseite

Wer Media Wiki für sein Unternehmen verwendet, empfehle
ich das security and bugfix release zu installieren
This is a security and bugfix release of MediaWiki 1.16.0 and
MediaWiki 1.15.5. Download links are given at the end of this email.

A data leakage vulnerability was discovered, affecting MediaWiki 1.8
and later. Public caching headers were incorrectly set on API
responses containing private data. By means of a CSRF-style attack,
this can lead to the disclosure of various types of private data
stored on a wiki. All users are advised to upgrade. Full details can
be found at:

https://bugzilla.wikimedia.org/show_bug.cgi?id=24565

A cross-site scripting (XSS) vulnerability was discovered in
profileinfo.php. The vulnerability is only exposed when the script is
explicitly enabled in LocalSettings.php, with $wgEnableProfileInfo = true.

A register_globals arbitrary inclusion vulnerability was discovered in
the 1.16 beta release series, in MediaWikiParserTest.php. This
vulnerability does not affect any stable MediaWiki release. It only
affects wikis which have PHP's register_globals feature enabled,
despite our strong advice to the contrary. Apache installations with
AllowOverride enabled may be protected against this vulnerability,
since there is a .htaccess file with "Deny from all" in the relevant path.

In both releases, the interface text was updated with new translations
from translatewiki.net.

Full release notes for 1.15.5:
<http://svn.wikimedia.org/svnroot/mediaw ... EASE-NOTES>

Full release notes for 1.16.0:
<http://svn.wikimedia.org/svnroot/mediaw ... EASE-NOTES>

Upgrade FAQ:
http://www.mediawiki.org/wiki/Manual:FAQ#Upgrading
Das MyOOS Projekt ist Unternehmen behilflich, die Media Wiki für ihr Unternehmen
selber nutzen möchten.

Beste Grüße

Ralf
Antworten