From 7bf2eb8ba09b54cec804446ea39a3e658773fac9 Mon Sep 17 00:00:00 2001
From: Pierre Schmitz <pierre@archlinux.de>
Date: Sat, 21 May 2016 08:33:14 +0200
Subject: Update to MediaWiki 1.26.3

---
 includes/DefaultSettings.php | 16 +++++++++++-----
 1 file changed, 11 insertions(+), 5 deletions(-)

(limited to 'includes/DefaultSettings.php')

diff --git a/includes/DefaultSettings.php b/includes/DefaultSettings.php
index 61fec6e1..7498a021 100644
--- a/includes/DefaultSettings.php
+++ b/includes/DefaultSettings.php
@@ -75,7 +75,7 @@ $wgConfigRegistry = array(
  * MediaWiki version number
  * @since 1.2
  */
-$wgVersion = '1.26.2';
+$wgVersion = '1.26.3';
 
 /**
  * Name of the site. It must be changed in LocalSettings.php
@@ -4188,7 +4188,13 @@ $wgDebugTidy = false;
 $wgRawHtml = false;
 
 /**
- * Set a default target for external links, e.g. _blank to pop up a new window
+ * Set a default target for external links, e.g. _blank to pop up a new window.
+ *
+ * This will also set the "noreferrer" and "noopener" link rel to prevent the
+ * attack described at https://mathiasbynens.github.io/rel-noopener/ .
+ * Some older browsers may not support these link attributes, hence
+ * setting $wgExternalLinkTarget to _blank may represent a security risk
+ * to some of your users.
  */
 $wgExternalLinkTarget = false;
 
@@ -4438,9 +4444,9 @@ $wgPasswordConfig = array(
 	),
 	'pbkdf2' => array(
 		'class' => 'Pbkdf2Password',
-		'algo' => 'sha256',
-		'cost' => '10000',
-		'length' => '128',
+		'algo' => 'sha512',
+		'cost' => '30000',
+		'length' => '64',
 	),
 );
 
-- 
cgit v1.2.2