MediaWiki

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Tim Starling wrote: Unfortunately the 1.12.2 download and patch files are corrupt, missing a large number of files and will not work properly. Until a fixed release is issued, please either pull 1.12.2 ... [More] updates direct from SVN or update directly to 1.13. - -- brion vibber (brion < at > wikimedia.org) -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.8 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAklH cMACgkQwRnhpk1wk44YzACfQPSphs3pZwLHhGdX78Oxlf1f C00AoKBwwE6XK nJnDAPUOjULwKtl5eC =bZBl -----END PGP SIGNATURE----- _______________________________________________ MediaWiki announcements mailing list To unsubscribe, go to: https://lists.wikimedia.org/mailman/listinfo/mediawiki-announce [Less]

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 This is a security release of MediaWiki 1.13.3, 1.12.1 and 1.6.11. Some of the security issues affect *all* versions of MediaWiki except the versions released today, so all site administrators are ... [More] encouraged to upgrade. Users of the development (trunk) branch should upgrade to r44506 or later. David Remahl of Apple's Product Security team has identified a number of security issues in MediaWiki. Subsequent analysis by the MediaWiki development team led to further discoveries. The issues with a significant impact are as follows: * An XSS vulnerability affecting all MediaWiki installations between 1.13.0 and 1.13.2. [CVE-2008-5249] * A local script injection vulnerability affecting Internet Explorer clients for all MediaWiki installations with uploads enabled. [CVE-2008-5250] * A local script injection vulnerability affecting clients with SVG scripting capability (such as Firefox 1.5 ), for all MediaWiki installations with SVG uploads enabled. [CVE-2008-5250] * A CSRF vulnerability affecting the Special:Import feature, for all MediaWiki installations since the feature was introduced in 1.3.0. [CVE-2008-5252] These four vulnerabilities are all fixed in these releases. XSS (cross-site scripting) vulnerabilities allow an attacker to steal an authorised user's login session, and to act as that user on the wiki. The authorised user must visit a web page controlled by the attacker in order to activate the attack. Intranet wikis are vulnerable if the attacker can determine the intranet URL. Local script injection vulnerabilities are like XSS vulnerabilities, except that the attacker must have an account on the local wiki, and there is no external site involved. The attacker uploads a script to the wiki, which another user is tricked into executing, with the effect that the attacker is able to act as the privileged user. CSRF vulnerabilities allow an attacker to act as an authorised user on the wiki, but unlike an XSS vulnerability, the attacker can only act as the user in a specific and restricted way. The present CSRF vulnerability allows pages to be edited, with forged revision histories. Like an XSS vulnerability, the authorised user must visit the malicious web page to activate the attack. David Remahl also reminded us of some security-related configuration issues: * Since 1.11, by default, MediaWiki stores a backup of deleted images in the images/deleted directory. If you do not want these images to be publically accessible, make sure this directory is not accessible from the web. MediaWiki takes some steps to avoid leaking these images, but these measures are not perfect. * Set display_errors=off in your php.ini to avoid path disclosure via PHP fatal errors. This is the default on most shared web hosts. * Enabling MediaWiki's debugging features, such as $wgShowExceptionDetails, may lead to path disclosure. Users of MediaWiki 1.6.x (the last branch which supported PHP 4) are strongly recommended to upgrade to PHP 5 and MediaWiki 1.13.3. It is not necessary to upgrade to 1.6.11 first, just upgrade directly to the latest version. Upgrade FAQ: http://www.mediawiki.org/wiki/Manual:FAQ#Upgrading Full release notes: http://svn.wikimedia.org/svnroot/mediawiki/tags/REL1_13_3/phase3/RELEASE-NOTES http://svn.wikimedia.org/svnroot/mediawiki/tags/REL1_12_2/phase3/RELEASE-NOTES http://svn.wikimedia.org/svnroot/mediawiki/tags/REL1_6_11/phase3/RELEASE-NOTES ********************************************************************** MEDIAWIKI 1.13.3 ********************************************************************** Download: http://download.wikimedia.org/mediawiki/1.13/mediawiki-1.13.3.tar.gz Patch to previous version (1.13.2), without interface text: http://download.wikimedia.org/mediawiki/1.13/mediawiki-1.13.3.patch.gz Interface text changes: http://download.wikimedia.org/mediawiki/1.13/mediawiki-i18n-1.13.3.patch.gz GPG signatures: http://download.wikimedia.org/mediawiki/1.13/mediawiki-1.13.3.tar.gz.sig http://download.wikimedia.org/mediawiki/1.13/mediawiki-1.13.3.patch.gz.sig http://download.wikimedia.org/mediawiki/1.13/mediawiki-i18n-1.13.3.patch.gz.sig Public keys: https://secure.wikimedia.org/keys.html ********************************************************************** MEDIAWIKI 1.12.2 ********************************************************************** Download: http://download.wikimedia.org/mediawiki/1.12/mediawiki-1.12.2.tar.gz Patch to previous version (1.12.1), without interface text: http://download.wikimedia.org/mediawiki/1.12/mediawiki-1.12.2.patch.gz Interface text changes: http://download.wikimedia.org/mediawiki/1.12/mediawiki-i18n-1.12.2.patch.gz GPG signatures: http://download.wikimedia.org/mediawiki/1.12/mediawiki-1.12.2.tar.gz.sig http://download.wikimedia.org/mediawiki/1.12/mediawiki-1.12.2.patch.gz.sig http://download.wikimedia.org/mediawiki/1.12/mediawiki-i18n-1.12.2.patch.gz.sig Public keys: https://secure.wikimedia.org/keys.html ********************************************************************** MEDIAWIKI 1.6.11 ********************************************************************** Download: http://download.wikimedia.org/mediawiki/1.6/mediawiki-1.6.11.tar.gz Patch to previous version (1.6.10): http://download.wikimedia.org/mediawiki/1.6/mediawiki-1.6.11.patch.gz GPG signatures: http://download.wikimedia.org/mediawiki/1.6/mediawiki-1.6.11.tar.gz.sig http://download.wikimedia.org/mediawiki/1.6/mediawiki-1.6.11.patch.gz.sig Public keys: https://secure.wikimedia.org/keys.html -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFJRjrodWgrCOij/sQRArfRAKCB2hGPDi0ykHUXndIA0kAgUdW9yACeLZm/ tRkFhqQOG7EWVcpvWDMVjLY= =zgL1 -----END PGP SIGNATURE----- _______________________________________________ MediaWiki announcements mailing list To unsubscribe, go to: https://lists.wikimedia.org/mailman/listinfo/mediawiki-announce [Less]

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 This is a security release of MediaWiki 1.13.3, 1.12.1 and 1.6.11. Some of the security issues affect *all* versions of MediaWiki except the versions released today, so all site administrators are ... [More] encouraged to upgrade. Users of the development (trunk) branch should upgrade to r44506 or later. David Remahl of Apple's Product Security team has identified a number of security issues in MediaWiki. Subsequent analysis by the MediaWiki development team led to further discoveries. The issues with a significant impact are as follows: * An XSS vulnerability affecting all MediaWiki installations between 1.13.0 and 1.13.2. [CVE-2008-5249] * A local script injection vulnerability affecting Internet Explorer clients for all MediaWiki installations with uploads enabled. [CVE-2008-5250] * A local script injection vulnerability affecting clients with SVG scripting capability (such as Firefox 1.5+), for all MediaWiki installations with SVG uploads enabled. [CVE-2008-5250] * A CSRF vulnerability affecting the Special:Import feature, for all MediaWiki installations since the feature was introduced in 1.3.0. [CVE-2008-5252] These four vulnerabilities are all fixed in these releases. XSS (cross-site scripting) vulnerabilities allow an attacker to steal an authorised user's login session, and to act as that user on the wiki. The authorised user must visit a web page controlled by the attacker in order to activate the attack. Intranet wikis are vulnerable if the attacker can determine the intranet URL. Local script injection vulnerabilities are like XSS vulnerabilities, except that the attacker must have an account on the local wiki, and there is no external site involved. The attacker uploads a script to the wiki, which another user is tricked into executing, with the effect that the attacker is able to act as the privileged user. CSRF vulnerabilities allow an attacker to act as an authorised user on the wiki, but unlike an XSS vulnerability, the attacker can only act as the user in a specific and restricted way. The present CSRF vulnerability allows pages to be edited, with forged revision histories. Like an XSS vulnerability, the authorised user must visit the malicious web page to activate the attack. David Remahl also reminded us of some security-related configuration issues: * Since 1.11, by default, MediaWiki stores a backup of deleted images in the images/deleted directory. If you do not want these images to be publically accessible, make sure this directory is not accessible from the web. MediaWiki takes some steps to avoid leaking these images, but these measures are not perfect. * Set display_errors=off in your php.ini to avoid path disclosure via PHP fatal errors. This is the default on most shared web hosts. * Enabling MediaWiki's debugging features, such as $wgShowExceptionDetails, may lead to path disclosure. Users of MediaWiki 1.6.x (the last branch which supported PHP 4) are strongly recommended to upgrade to PHP 5 and MediaWiki 1.13.3. It is not necessary to upgrade to 1.6.11 first, just upgrade directly to the latest version. Upgrade FAQ: http://www.mediawiki.org/wiki/Manual:FAQ#Upgrading Full release notes: http://svn.wikimedia.org/svnroot/mediawiki/tags/REL1_13_3/phase3/RELEASE-NOTES http://svn.wikimedia.org/svnroot/mediawiki/tags/REL1_12_2/phase3/RELEASE-NOTES http://svn.wikimedia.org/svnroot/mediawiki/tags/REL1_6_11/phase3/RELEASE-NOTES ********************************************************************** MEDIAWIKI 1.13.3 ********************************************************************** Download: http://download.wikimedia.org/mediawiki/1.13/mediawiki-1.13.3.tar.gz Patch to previous version (1.13.2), without interface text: http://download.wikimedia.org/mediawiki/1.13/mediawiki-1.13.3.patch.gz Interface text changes: http://download.wikimedia.org/mediawiki/1.13/mediawiki-i18n-1.13.3.patch.gz GPG signatures: http://download.wikimedia.org/mediawiki/1.13/mediawiki-1.13.3.tar.gz.sig http://download.wikimedia.org/mediawiki/1.13/mediawiki-1.13.3.patch.gz.sig http://download.wikimedia.org/mediawiki/1.13/mediawiki-i18n-1.13.3.patch.gz.sig Public keys: https://secure.wikimedia.org/keys.html ********************************************************************** MEDIAWIKI 1.12.2 ********************************************************************** Download: http://download.wikimedia.org/mediawiki/1.12/mediawiki-1.12.2.tar.gz Patch to previous version (1.12.1), without interface text: http://download.wikimedia.org/mediawiki/1.12/mediawiki-1.12.2.patch.gz Interface text changes: http://download.wikimedia.org/mediawiki/1.12/mediawiki-i18n-1.12.2.patch.gz GPG signatures: http://download.wikimedia.org/mediawiki/1.12/mediawiki-1.12.2.tar.gz.sig http://download.wikimedia.org/mediawiki/1.12/mediawiki-1.12.2.patch.gz.sig http://download.wikimedia.org/mediawiki/1.12/mediawiki-i18n-1.12.2.patch.gz.sig Public keys: https://secure.wikimedia.org/keys.html ********************************************************************** MEDIAWIKI 1.6.11 ********************************************************************** Download: http://download.wikimedia.org/mediawiki/1.6/mediawiki-1.6.11.tar.gz Patch to previous version (1.6.10): http://download.wikimedia.org/mediawiki/1.6/mediawiki-1.6.11.patch.gz GPG signatures: http://download.wikimedia.org/mediawiki/1.6/mediawiki-1.6.11.tar.gz.sig http://download.wikimedia.org/mediawiki/1.6/mediawiki-1.6.11.patch.gz.sig Public keys: https://secure.wikimedia.org/keys.html -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFJRjrodWgrCOij/sQRArfRAKCB2hGPDi0ykHUXndIA0kAgUdW9yACeLZm/ tRkFhqQOG7EWVcpvWDMVjLY= =zgL1 -----END PGP SIGNATURE----- _______________________________________________ MediaWiki announcements mailing list To unsubscribe, go to: https://lists.wikimedia.org/mailman/listinfo/mediawiki-announce [Less]

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The MediaWiki version number, $wgVersion in includes/DefaultSettings.php, wasn't updated in the release of 1.12.1 and 1.13.2. So these releases will report themselves as being 1.12.0 and 1.13.1 ... [More] respectively, in [[Special:Version]] and other places. A new, corrected tarball has been uploaded. New SHA-1 checksums: c6f6e404ee9152deeec63cdc3278a2a57d556efe mediawiki-1.13.2.tar.gz 046206b342904cb729fd076ddd101534e23b6c07 mediawiki-1.13.2.patch.gz 4500cde3e60351ae2fc0382b8e91654f4cb6a0ff mediawiki-i18n-1.13.2.patch.gz 6f315f88a481daa1a92b1a409e92e036aaca610b mediawiki-1.12.1.tar.gz 1aed1e8083ebe98e884c924dad174c2fb1537d8b mediawiki-1.12.1.patch.gz 71fb3d06c1fe331fecf25cca92ea50bb07ce7465 mediawiki-i18n-1.12.1.patch.gz New MD5 checksums: e10f791ba9ecd02dd751a5676cc84405 mediawiki-1.13.2.tar.gz 2e33ed21c5e889f546556066a2b53806 mediawiki-1.13.2.patch.gz db1e3b46e04a2608ea5429d73465ad03 mediawiki-i18n-1.13.2.patch.gz 00229272c5e1881ff36a07ca95891ca2 mediawiki-1.12.1.tar.gz 885c6dc5bce177563c3d7a14e5167411 mediawiki-1.12.1.patch.gz 82f874b72a65e71e41f4dadf410e0eec mediawiki-i18n-1.12.1.patch.gz - -- Tim Starling -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFI5QTtdWgrCOij/sQRArsGAJ9LxmlBwMVhnj2oPaE3WydOGEFi0wCeO5dL ZudvdYX82fMDt1Gkdyv5wwI= =J5XS -----END PGP SIGNATURE----- [Less]

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 This is a security and bugfix release of MediaWiki 1.12 and MediaWiki 1.13. A vulnerability has been discovered which allows arbitrary HTML injection and thus possible user account compromise. The ... [More] vulnerability is only present when $wgUseSiteCss is turned on, which is the default. Versions 1.11 and earlier are NOT vulnerable, nor is development branch later than July 28, 2008. Also, there was the potential for a subtle user error while editing $wgGroupPermissions in LocalSettings.php to cause all restrictions to be disabled. This has been rectified. Full release notes: http://svn.wikimedia.org/svnroot/mediawiki/tags/REL1_13_2/phase3/RELEASE-NOTES http://svn.wikimedia.org/svnroot/mediawiki/tags/REL1_12_1/phase3/RELEASE-NOTES See below for downloads. ********************************************************************** MEDIAWIKI 1.13.2 ********************************************************************** Download: http://download.wikimedia.org/mediawiki/1.13/mediawiki-1.13.2.tar.gz Patch to previous version (1.13.1), without interface text: http://download.wikimedia.org/mediawiki/1.13/mediawiki-1.13.2.patch.gz Interface text changes: http://download.wikimedia.org/mediawiki/1.13/mediawiki-i18n-1.13.2.patch.gz GPG signatures: http://download.wikimedia.org/mediawiki/1.13/mediawiki-1.13.2.tar.gz.sig http://download.wikimedia.org/mediawiki/1.13/mediawiki-1.13.2.patch.gz.sig http://download.wikimedia.org/mediawiki/1.13/mediawiki-i18n-1.13.2.patch.gz.sig Public keys: https://secure.wikimedia.org/keys.html SHA-1 checksums: b05bc48d3d0959f2954c0f1f8a17c2d28bbf2f30 mediawiki-1.13.2.tar.gz a0c49a51190c129fc47d226352cb4fa720151921 mediawiki-1.13.2.patch.gz 837c7d26e9957ee4e8cd952777809cb8dbe2aea8 mediawiki-i18n-1.13.2.patch.gz MD5 checksums: 74f1877802b663ade2b25ae9e35eef94 mediawiki-1.13.2.tar.gz f3fb6f268f82b9a2287a64d739cdf76f mediawiki-1.13.2.patch.gz c9593580018eb54f5bd5cf6b1f88331e mediawiki-i18n-1.13.2.patch.gz ********************************************************************** MEDIAWIKI 1.12.1 ********************************************************************** Download: http://download.wikimedia.org/mediawiki/1.12/mediawiki-1.12.1.tar.gz Patch to previous version (1.12.0), without interface text: http://download.wikimedia.org/mediawiki/1.12/mediawiki-1.12.1.patch.gz Interface text changes: http://download.wikimedia.org/mediawiki/1.12/mediawiki-i18n-1.12.1.patch.gz GPG signatures: http://download.wikimedia.org/mediawiki/1.12/mediawiki-1.12.1.tar.gz.sig http://download.wikimedia.org/mediawiki/1.12/mediawiki-1.12.1.patch.gz.sig http://download.wikimedia.org/mediawiki/1.12/mediawiki-i18n-1.12.1.patch.gz.sig Public keys: https://secure.wikimedia.org/keys.html SHA-1 checksums: 652e4de6be737d26938041e406fb523713104724 mediawiki-1.12.1.tar.gz 402dd9161bd8d12871210aacc5080a9c775b44b4 mediawiki-1.12.1.patch.gz 1cd7f13cfa1d33ba38fdbd5ba390b78b742cad78 mediawiki-i18n-1.12.1.patch.gz MD5 checksums: 032cce49559e406ce8890608484cc610 mediawiki-1.12.1.tar.gz c35ab55de943287bb9d81bd2f47e65a7 mediawiki-1.12.1.patch.gz e674e4f3e096a14c56273d715d895be5 mediawiki-i18n-1.12.1.patch.gz -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFI5PDMdWgrCOij/sQRArC8AJ9DWwmViFF645RJmSJww6EWlmVhVQCgq3vz 3GLLAXxRjUw3lJiTJzxWf7U= =F/Zo -----END PGP SIGNATURE----- [Less]

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 MediaWiki 1.13.1 is now available. This is a bugfix release. Changes since 1.13.0: * (bug 15460) Fixed intermittent deadlock errors and poor concurrent performance for installations without ... [More] memcached. * (bug 13770) Fixed DOM module detection for installations with both dom and domxml. * (bug 15148) Fixed Special:BlockIP for PostgreSQL * Fixed SQLite support for installations without memcached. * Localisation updates, Achinese (ace) added. Full release notes: http://svn.wikimedia.org/svnroot/mediawiki/tags/REL1_13_1/phase3/RELEASE-NOTES ********************************************************************** Download: http://download.wikimedia.org/mediawiki/1.13/mediawiki-1.13.1.tar.gz Patch to previous version (1.13.0), without interface text: http://download.wikimedia.org/mediawiki/1.13/mediawiki-1.13.1.patch.gz Interface text changes: http://download.wikimedia.org/mediawiki/1.13/mediawiki-i18n-1.13.1.patch.gz GPG signatures: http://download.wikimedia.org/mediawiki/1.13/mediawiki-1.13.1.tar.gz.sig http://download.wikimedia.org/mediawiki/1.13/mediawiki-1.13.1.patch.gz.sig http://download.wikimedia.org/mediawiki/1.13/mediawiki-i18n-1.13.1.patch.gz.sig Public keys: https://secure.wikimedia.org/keys.html SHA-1 checksums: 41ef2be8939aa27778d93923ba7005165b15876a mediawiki-1.13.1.tar.gz c07136dba374401da8a11c07f8221271b1354138 mediawiki-1.13.1.patch.gz b2876fb00c34e93915a480927798f26e211e679a mediawiki-i18n-1.13.1.patch.gz MD5 checksums: 8e640a5fdad027bd16cd305732f42e77 mediawiki-1.13.1.tar.gz 6afe4884065a3bd404d5ca8938723a63 mediawiki-1.13.1.patch.gz 265c5fa863ddc30524f436d1c67ae7bc mediawiki-i18n-1.13.1.patch.gz - -- Tim Starling -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFIwrXVdWgrCOij/sQRAiYUAJ9+V/GfDQZLeLOYNtL/0ZbVY9RYYACdEcZh XvEmCUq2ttM8tytQ3gV11a8= =4KwM -----END PGP SIGNATURE----- [Less]

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 MediaWiki 1.13.1 is now available. This is a bugfix release. Changes since 1.13.0: * (bug 15460) Fixed intermittent deadlock errors and poor concurrent performance for installations without ... [More] memcached. * (bug 13770) Fixed DOM module detection for installations with both dom and domxml. * (bug 15148) Fixed Special:BlockIP for PostgreSQL * Fixed SQLite support for installations without memcached. * Localisation updates, Achinese (ace) added. Full release notes: http://svn.wikimedia.org/svnroot/mediawiki/tags/REL1_13_1/phase3/RELEASE-NOTES ********************************************************************** Download: http://download.wikimedia.org/mediawiki/1.13/mediawiki-1.13.1.tar.gz Patch to previous version (1.13.0), without interface text: http://download.wikimedia.org/mediawiki/1.13/mediawiki-1.13.1.patch.gz Interface text changes: http://download.wikimedia.org/mediawiki/1.13/mediawiki-i18n-1.13.1.patch.gz GPG signatures: http://download.wikimedia.org/mediawiki/1.13/mediawiki-1.13.1.tar.gz.sig http://download.wikimedia.org/mediawiki/1.13/mediawiki-1.13.1.patch.gz.sig http://download.wikimedia.org/mediawiki/1.13/mediawiki-i18n-1.13.1.patch.gz.sig Public keys: https://secure.wikimedia.org/keys.html SHA-1 checksums: 41ef2be8939aa27778d93923ba7005165b15876a mediawiki-1.13.1.tar.gz c07136dba374401da8a11c07f8221271b1354138 mediawiki-1.13.1.patch.gz b2876fb00c34e93915a480927798f26e211e679a mediawiki-i18n-1.13.1.patch.gz MD5 checksums: 8e640a5fdad027bd16cd305732f42e77 mediawiki-1.13.1.tar.gz 6afe4884065a3bd404d5ca8938723a63 mediawiki-1.13.1.patch.gz 265c5fa863ddc30524f436d1c67ae7bc mediawiki-i18n-1.13.1.patch.gz - -- Tim Starling -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFIwrXVdWgrCOij/sQRAiYUAJ9 V/GfDQZLeLOYNtL/0ZbVY9RYYACdEcZh XvEmCUq2ttM8tytQ3gV11a8= =4KwM -----END PGP SIGNATURE----- [Less]

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 MediaWiki 1.13.0 is now available. MediaWiki is now using a "continuous integration" development model with quarterly snapshot releases. The latest development code is always kept "ready to run", and in ... [More] fact runs our own sites on Wikipedia. MediaWiki 1.13.0 is our latest snapshot release, based on the development code from three weeks ago, with several bugfixes applied. Selected changes since MediaWiki 1.12.0: * 59,000 new localised text messages have been added, taking the total to 266,000, spread across 281 languages * New special pages: FileDuplicateSearch, ListGroupRights * Special:UserRights and Special:SpecialPages have been redesigned * More options on Special:Recentchangeslinked and Special:WhatLinksHere * New parser functions: PAGESINCATEGORY, PAGESIZE * Can hide categories with __HIDDENCAT__ * Friendlier behaviour for users who click a red link but can't edit * Image redirects are now enabled by default * Drop-down AJAX search suggestions ($wgEnableMWSuggest) * Search results show image thumbnails * The search box in the MonoBook sidebar can be moved up by editing [[MediaWiki:Sidebar]] * Double redirects created by a page move can be fixed automatically Changes since release candidate MediaWiki 1.13.0rc2: * (bug 13770) Fixed incorrect detection of PHP's DOM module * Fix regression from r37834: accesskey tooltip hint should be given for the minor edit and watch labels on the edit page. * Updated Chinese simplified/traditional conversion tables Full release notes: http://svn.wikimedia.org/svnroot/mediawiki/tags/REL1_13_0/phase3/RELEASE-NOTES ********************************************************************** Download: http://download.wikimedia.org/mediawiki/1.13/mediawiki-1.13.0.tar.gz Patch to previous version (1.13.0rc2) http://download.wikimedia.org/mediawiki/1.13/mediawiki-1.13.0.patch.gz GPG signatures: http://download.wikimedia.org/mediawiki/1.13/mediawiki-1.13.0.tar.gz.sig http://download.wikimedia.org/mediawiki/1.13/mediawiki-1.13.0.patch.gz.sig Public keys: https://secure.wikimedia.org/keys.html SHA-1 checksums: f53f7548510a39fd9f365d3097e8a581fdb14353 mediawiki-1.13.0.tar.gz 7243a2b50edb78b6f1882ff09c0882e771502539 mediawiki-1.13.0.patch.gz MD5 checksums: 6e51cb81fd57d90b870e984688734db6 mediawiki-1.13.0.tar.gz a4880023b196238cb0a77af717b4fd8b mediawiki-1.13.0.patch.gz - -- Tim Starling -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFIpE7CdWgrCOij/sQRAthwAKC9agD3P0CMjXeWTaaHGsmfXvWEfgCfYxSo nKl2tvJq+BT8u16CjPrG3tI= =Jk7Q -----END PGP SIGNATURE----- [Less]

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 MediaWiki 1.13.0 is now available. MediaWiki is now using a "continuous integration" development model with quarterly snapshot releases. The latest development code is always kept "ready to run", and in ... [More] fact runs our own sites on Wikipedia. MediaWiki 1.13.0 is our latest snapshot release, based on the development code from three weeks ago, with several bugfixes applied. Selected changes since MediaWiki 1.12.0: * 59,000 new localised text messages have been added, taking the total to 266,000, spread across 281 languages * New special pages: FileDuplicateSearch, ListGroupRights * Special:UserRights and Special:SpecialPages have been redesigned * More options on Special:Recentchangeslinked and Special:WhatLinksHere * New parser functions: PAGESINCATEGORY, PAGESIZE * Can hide categories with __HIDDENCAT__ * Friendlier behaviour for users who click a red link but can't edit * Image redirects are now enabled by default * Drop-down AJAX search suggestions ($wgEnableMWSuggest) * Search results show image thumbnails * The search box in the MonoBook sidebar can be moved up by editing [[MediaWiki:Sidebar]] * Double redirects created by a page move can be fixed automatically Changes since release candidate MediaWiki 1.13.0rc2: * (bug 13770) Fixed incorrect detection of PHP's DOM module * Fix regression from r37834: accesskey tooltip hint should be given for the minor edit and watch labels on the edit page. * Updated Chinese simplified/traditional conversion tables Full release notes: http://svn.wikimedia.org/svnroot/mediawiki/tags/REL1_13_0/phase3/RELEASE-NOTES ********************************************************************** Download: http://download.wikimedia.org/mediawiki/1.13/mediawiki-1.13.0.tar.gz Patch to previous version (1.13.0rc2) http://download.wikimedia.org/mediawiki/1.13/mediawiki-1.13.0.patch.gz GPG signatures: http://download.wikimedia.org/mediawiki/1.13/mediawiki-1.13.0.tar.gz.sig http://download.wikimedia.org/mediawiki/1.13/mediawiki-1.13.0.patch.gz.sig Public keys: https://secure.wikimedia.org/keys.html SHA-1 checksums: f53f7548510a39fd9f365d3097e8a581fdb14353 mediawiki-1.13.0.tar.gz 7243a2b50edb78b6f1882ff09c0882e771502539 mediawiki-1.13.0.patch.gz MD5 checksums: 6e51cb81fd57d90b870e984688734db6 mediawiki-1.13.0.tar.gz a4880023b196238cb0a77af717b4fd8b mediawiki-1.13.0.patch.gz - -- Tim Starling -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFIpE7CdWgrCOij/sQRAthwAKC9agD3P0CMjXeWTaaHGsmfXvWEfgCfYxSo nKl2tvJq BT8u16CjPrG3tI= =Jk7Q -----END PGP SIGNATURE----- [Less]

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 A second release candidate for MediaWiki 1.13 is now available. Please try it out and tell us if it works for you. This is a beta release and should be used with care. Selected changes since MediaWiki ... [More] 1.13.0rc1: * Removed $wgForwardSearchUrl * Added magic word __STATICREDIRECT__ to suppress the redirect fixer * Fixed bugs 14907, 14966, 14987, 13376, 14904, 15035 and 14944. Selected changes since MediaWiki 1.12.0: * New special pages: FileDuplicateSearch, ListGroupRights * Special:UserRights and Special:SpecialPages have been redesigned * More options on Special:Recentchangeslinked and Special:WhatLinksHere * New parser functions: PAGESINCATEGORY, PAGESIZE * Can hide categories with __HIDDENCAT__ * Friendlier behaviour for users who click a red link but can't edit * Image redirects are now enabled by default * Drop-down AJAX search suggestions ($wgEnableMWSuggest) * Search results show image thumbnails * The search box in the MonoBook sidebar can be moved up by editing [[MediaWiki:Sidebar]] * Double redirects created by a page move can be fixed automatically Full release notes: http://svn.wikimedia.org/svnroot/mediawiki/tags/REL1_13_0RC2/phase3/RELEASE-NOTES Download: http://download.wikimedia.org/mediawiki/1.13/mediawiki-1.13.0rc2.tar.gz GPG signatures: http://download.wikimedia.org/mediawiki/1.13/mediawiki-1.13.0rc2.tar.gz.sig Public keys: https://secure.wikimedia.org/keys.html SHA-1 checksums: 20fa379f70f85b3f2bd72cb1d7eb06dd4cbd2846 mediawiki-1.13.0rc2.tar.gz MD-5 checksums: 82c24570ace0a90c4192b9225b3b019f mediawiki-1.13.0rc2.tar.gz - -- Tim Starling -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFIn8aDdWgrCOij/sQRAueAAJsEO UrhY7W7 wjM/TN125R3pUp0QCfUon2 jUoK8hqfZ0sIXtf/4G9cA2Q= =roc2 -----END PGP SIGNATURE----- [Less]