![]() Fixed a register_globals arbitrary inclusion vulnerability in MediaWikiParserTest.php, introduced in 1.16 beta 1.Fixed a minor header parsing issue when $wgUseXVO = true. Fixed a case where an X-Vary-Options header was sent despite $wgUseXVO being false.Fixed an XSS vulnerability in profileinfo.php for installations with $wgEnableProfileInfo = true (false by default).( bug 24565) Fixed Cache-Control headers sent from API modules, to protect user privacy in the case where an attacker can access the wiki through the same HTTP proxy as a logged-in user.In SQLite full-text search feature: fixed "move page" feature, was non-functional.( bug 23465) Don't ignore the predefined destination filename on Special:Upload after following a red link to a file. ![]() Disabled $wgHitcounterUpdateFreq >1 feature on SQLite, does not work yet.Renamed head, panel, head-base and page-base. ( bug 23597) Fixed conflicts between ID attributes in the Vector skin and parser-generated heading IDs.Fixed plural function for Northern Sami (se).( bug 23767) Fixed PHP warning when REQUEST_URI is blank (IIS issue).For Oracle DB backend: fixed parser tests and table prefix feature.Fixed parser tests broken in 1.16 beta 3.Fixed HTTP client functionality with safe_mode=On.( bug 23264) Fixed breakage of various command line scripts due to extra line endings being inserted by Maintenance::output(). ![]()
0 Comments
Leave a Reply. |