path: root/RELEASE-NOTES
diff options
Diffstat (limited to 'RELEASE-NOTES')
1 files changed, 19 insertions, 3 deletions
index 903d0d81..d041b9c3 100644
@@ -3,11 +3,11 @@
Security reminder: MediaWiki does not require PHP's register_globals
setting since version 1.2.0. If you have it on, turn it *off* if you can.
-== MediaWiki 1.15.1 ==
+== MediaWiki 1.15.2 ==
-July 14, 2009
+March 8, 2010
-This is a security and bugfix release of the the 2009 Q2 branch of MediaWiki.
+This is a security and maintenance release.
MediaWiki is now using a "continuous integration" development model with
quarterly snapshot releases. The latest development code is always kept
@@ -20,6 +20,22 @@ will be made on the development trunk and appear in the next quarterly release.
Those wishing to use the latest code instead of a branch release can obtain
it from source control:
+=== Changes since 1.15.1 ===
+* The installer now includes a check for a data corruption issue with certain
+ versions of libxml2 2.7 and PHP earlier than 5.2.9, and also for a PHP bug
+ present in the official release of PHP 5.3.1.
+* (bug 20239) MediaWiki:Imagemaxsize does not contain anymore a <br /> tag which
+ was displayed to the user
+* (bug 21150) SQLite no longer raise an error when deleting files
+* (bug 20880) Fixed updater failure on SQLite backend
+* upgrade1_5.php now requires to be run --update option to prevent confusion
+* Fixed a CSS validation issue which allowed external images to be included
+ into wikis where that is disallowed by configuration.
+* Fixed a data leakage vulnerability for private wikis using img_auth.php or
+ similar image access authentication schemes. Check user permissions before
+ streaming out scaled images from thumb.php.
=== Changes since 1.15.0 ===
* Fixed fatal errors for unusual file repository configurations, such as