Thu, 12 Dec 2019 00:21:58 UTC

Information for build mediawiki-1.25.2-2.fc23

ID678529
Package Namemediawiki
Version1.25.2
Release2.fc23
Epoch
SummaryA wiki engine
DescriptionMediaWiki is the software used for Wikipedia and the other Wikimedia Foundation websites. Compared to other wikis, it has an excellent range of features and support for high-traffic websites using multiple servers This package supports wiki farms. Read the instructions for creating wiki instances under /usr/share/doc/mediawiki/README.RPM. Remember to remove the config dir after completing the configuration.
Built bymooninite
State complete
Volume fedora_koji_archive01
StartedThu, 20 Aug 2015 01:38:30 UTC
CompletedThu, 20 Aug 2015 01:45:33 UTC
Taskbuild (f23-candidate, /mediawiki:7de6a3e97ade71b0713fef2de5b8285d2b88101d)
Tags
f23
f23_Beta
RPMs
src
mediawiki-1.25.2-2.fc23.src.rpm (info) (download)
noarch
mediawiki-1.25.2-2.fc23.noarch.rpm (info) (download)
Logs
noarch
root.log
build.log
state.log
Changelog * Wed Aug 19 2015 Michael Cronenworth <mike@cchtml.com> - 1.25.2-2 - Rename shared library directories to not confict with old bundled names * Tue Aug 18 2015 Michael Cronenworth <mike@cchtml.com> - 1.25.2-1 - Update to 1.25.2 - https://www.mediawiki.org/wiki/Release_notes/1.25#MediaWiki_1.25.2 * Wed Jun 24 2015 Michael Cronenworth <mike@cchtml.com> - 1.25.1-3 - Temp workaround for RHBZ#1230630 - Enable tests * Wed Jun 17 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.25.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild * Tue May 26 2015 Michael Cronenworth <mike@cchtml.com> - 1.25.1-1 - Update to 1.25.1 - http://www.mediawiki.org/wiki/MediaWiki_1.25 * Thu May 21 2015 Michael Cronenworth <mike@cchtml.com> - 1.24.2-2 - Less restrictive requires on webserver and php engine (rhbz#1223712) * Wed Apr 01 2015 Michael Cronenworth <mike@cchtml.com> - 1.24.2-1 - Update to 1.24.2 - (bug T85848, bug T71210) SECURITY: Don't parse XMP blocks that contain XML entities, to prevent various DoS attacks. - (bug T85848) SECURITY: Don't allow directly calling Xml::isWellFormed, to reduce likelihood of DoS. - (bug T88310) SECURITY: Always expand xml entities when checking SVG's. - (bug T73394) SECURITY: Escape > in Html::expandAttributes to prevent XSS. - (bug T85855) SECURITY: Don't execute another user's CSS or JS on preview. - (bug T64685) SECURITY: Allow setting maximal password length to prevent DoS when using PBKDF2. - (bug T85349, bug T85850, bug T86711) SECURITY: Multiple issues fixed in SVG filtering to prevent XSS and protect viewer's privacy. - Fix case of SpecialAllPages/SpecialAllMessages in SpecialPageFactory to fix loading these special pages when $wgAutoloadAttemptLowercase is false. - (bug T70087) Fix Special:ActiveUsers page for installations using PostgreSQL. - (bug T76254) Fix deleting of pages with PostgreSQL. Requires a schema change and running update.php to fix. * Thu Dec 18 2014 Michael Cronenworth <mike@cchtml.com> - 1.24.1-1 - Update to 1.24.1 - (bug T76686) [SECURITY] thumb.php outputs wikitext message as raw HTML, which could lead to xss. Permission to edit MediaWiki namespace is required to exploit this. - (bug T77028) [SECURITY] Malicious site can bypass CORS restrictions in $wgCrossSiteAJAXdomains in API calls if it only included an allowed domain as part of its name. - (bug T74222) The original patch for T74222 was reverted as unnecessary. - Fixed a couple of entries in RELEASE-NOTES-1.24. - (bug T76168) OutputPage: Add accessors for some protected properties. - (bug T74834) Make 1.24 branch directly installable under PostgreSQL. * Fri Nov 28 2014 Michael Cronenworth <mike@cchtml.com> - 1.24.0-1 - Update to 1.24.0 - Release notes: http://www.mediawiki.org/wiki/Release_notes/1.24 * Mon Nov 03 2014 Michael Cronenworth <mike@cchtml.com> - 1.23.6-1 - Update to 1.23.6 - (bug 67440) Allow classes to be registered properly from installer - (bug 72274) Job queue not running (HTTP 411) due to missing Content-Length: header * Thu Oct 02 2014 Michael Cronenworth <mike@cchtml.com> - 1.23.5-1 - Update to 1.23.5 - CVE-2014-7295 (bug 70672) SECURITY: OutputPage: Remove separation of css and js module allowance. * Fri Sep 26 2014 Michael Cronenworth <mike@cchtml.com> - 1.23.4-1 - Update to 1.23.4 - (bug 69008) SECURITY: Enhance CSS filtering in SVG files. Filter <style> elements; normalize style elements and attributes before filtering; add checks for attributes that contain css; add unit tests for html5sec and reported bugs. - (bug 65998) Make MySQLi work with non-standard socket. - (bug 66986) GlobalVarConfig shouldn't throw exceptions for null-valued config settings. * Thu Aug 28 2014 Michael Cronenworth <mike@cchtml.com> - 1.23.3-1 - Update to 1.23.3 - (bug 68501) Correctly handle incorrect namespace in cleanupTitles.php. - (bug 64970) Fix support for blobs on DatabaseOracle::update. - (bug 66574) Display MediaWiki:Loginprompt on the login page. - (bug 67870) wfShellExec() cuts off stdout at multiples of 8192 bytes. - (bug 60629) Handle invalid language code gracefully in Language::fetchLanguageNames. - (bug 62017) Restore the number of rows shown on Special:Watchlist. - Check for boolean false result from database query in SqlBagOStuff. * Thu Jul 31 2014 Michael Cronenworth <mike@cchtml.com> - 1.23.2-1 - Update to 1.23.2 - (bug 68187) SECURITY: Prepend jsonp callback with comment. - (bug 66608) SECURITY: Fix for XSS issue in bug 66608: Generate the URL used for loading a new page in Javascript,instead of relying on the URL in the link that has been clicked. - (bug 65778) SECURITY: Copy prevent-clickjacking between OutputPage and ParserOutput. - (bug 68313) Preferences: Turn stubthreshold back into a combo box. - (bug 65214) Fix initSiteStats.php maintenance script. - (bug 67594) Special:ActiveUsers: Fix to work with PostgreSQL. * Wed Jun 25 2014 Michael Cronenworth <mike@cchtml.com> - 1.23.1-1 - Update to 1.23.1 - (bug 65839) SECURITY: Prevent external resources in SVG files. - (bug 67025) Special:Watchlist: Don't try to render empty row. - (bug 66922) Don't allow some E_NOTICE messages to end up in the LocalSettings.php. - (bug 66467) FileBackend: Avoid using popen() when "parallelize" is disabled. - (bug 66428) MimeMagic: Don't seek before BOF. This has weird side effects like only extracting the tail of the file partially or not at all. - (bug 66182) Removed -x flag on some php files. * Tue Jun 10 2014 Michael Cronenworth <mike@cchtml.com> - 1.23.0-1 - Update to 1.23.0 * Sat Jun 07 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.22.7-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild * Sat May 31 2014 Michael Cronenworth <mike@cchtml.com> - 1.22.7-1 - Update to 1.22.7 - (bug 65501) SECURITY: Don't parse usernames as wikitext on Special:PasswordReset. - (bug 36356) Add space between two feed links. - (bug 63269) Email notifications were not correctly handling the [[MediaWiki:Helppage]] message being set to a full URL. This is a regression from the 1.22.5 point release, which made the default value for it a URL. If you customized [[MediaWiki:Enotif body]] (the text of email notifications), you'll need to edit it locally to include the URL via the new variable $HELPPAGE instead of the parser functions fullurl and canonicalurl; otherwise you don't have to do anything. - Add missing uploadstash.us_props for PostgreSQL. - (bug 56047) Fixed stream wrapper in PhpHttpRequest. * Fri Apr 25 2014 Michael Cronenworth <mike@cchtml.com> - 1.22.6-1 - Update to 1.22.6 - (bug 63251) (CVE-2014-2853) SECURITY: Escape sortKey in pageInfo. * Fri Mar 28 2014 Michael Cronenworth <mike@cchtml.com> - 1.22.5-1 - Update to 1.22.5 - (bug 62497) SECURITY: Add CSRF token on Special:ChangePassword. - (bug 62467) Set a title for the context during import on the cli. - Fix custom local MediaWiki:Helppage values. - mediawiki.js: Fix documentation breakage. - (bug 58153) Make MySQLi work with non standard port. - (bug 53887) Reintroduced a link to help pages in the default sidebar, that any sysop can customize by editing MediaWiki:Sidebar locally. - (bug 53888) Corrected a regression in 1.22 which introduced red links on the login page. If you previously installed 1.22.x and have created a local page to make the red link blue, write its title as in MediaWiki:helplogin-url if you didn't already. Otherwise, you don't need to do anything, but you can translate the help page at https://www.mediawiki.org/wiki/Help:Logging_in . * Sat Mar 15 2014 Michael Cronenworth <mike@cchtml.com> - 1.22.4-1 - Update to 1.22.4 - 1.22 branch now requires php-pecl-jsonc * Sat Mar 01 2014 Michael Cronenworth <mike@cchtml.com> - 1.22.3-1 - Update to 1.22.3 - (bug 60771) SECURITY: Disallow uploading SVG files using non-whitelisted namespaces. Also disallow iframe elements. User will get an error including the namespace name if they use a non- whitelisted namespace. - (bug 61346) SECURITY: Make token comparison use constant time. It seems like our token comparison would be vulnerable to timing attacks. This will take constant time. - (bug 61362) SECURITY: API: Don't find links in the middle of api.php links. - (bug 53710) Add sequence support for upsert in DatabaseOracle in the same way as in selectInsert - (bug 60231, bug 58719) Various fixes to job running code in Wiki.php: Make it async on Windows. Fixed possible "invalid filename" errors on Windows. Redirect output to dev/null to avoid hanging PHP. - (bug 60083) Correct sequence name for fresh Postgres installation. Spotted by gebhkla - (bug 60531) Avoid variable naming conflicts in DatabasePostgres::selectSQLText. Spotted by gebhkla - (bug 60094) Fix rebuildall.php fatal error with PostgreSQL. - (bug 43817) Add error handling if descriptionmsg isn't defined for extension. - (bug 60543) Special:PrefixIndex omits stripprefix=1 for "Next page" link. * Tue Jan 28 2014 Patrick Uiterwijk <puiterwijk@redhat.com> - 1.22.2-1 - Update to 1.22.2 - (bug 60339) (CVE-2014-1610) SECURITY: Reported RCE in djvu thumbnailing - (bug 58253) Check for very old PCRE versions in installer and updater - (bug 60054) Make WikiPage::$mPreparedEdit public * Tue Jan 14 2014 Patrick Uiterwijk <puiterwijk@redhat.com> - 1.22.1-1 - Update to 1.22.1 - (bug 57550) (CVE-2013-6452) SECURITY: Disallow stylesheets in SVG Uploads - (bug 58088) (CVE-2013-6451) SECURITY: Don't normalize U+FF3C to \ in CSS Checks - (bug 58472) (CVE-2013-6454) SECURITY: Disallow -o-link in styles - (bug 58553) (CVE-2013-6453) SECURITY: Return error on invalid XML for SVG Uploads - (bug 58699) (CVE-2013-6472) SECURITY: Fix RevDel log entry information leaks - (bug 58178) Restore compatibility with curl < 7.16.2. - (bug 56931) Updated the plural rules to CLDR 24. They are in new format which is detailed in UTS 35 Rev 33. The PHP parser and evaluator as well as the JavaScript evaluator were updated to support the new format. Plural rules for some languages have changed, most notably Russian. Affected software messages have been updated and marked for review at translatewiki.net. This change is backported from the development branch of MediaWiki 1.23. - (bug 58434) The broken installer for database backend Oracle was fixed. - (bug 58167) The web installer no longer throws an exception when PHP is compiled without support for MySQL yet with support for another DBMS. - (bug 58640) Fixed a compatibility issue with PCRE 8.34 that caused pages to appear blank or with missing text. - (bug 47055) Changed FOR UPDATE handling in Postgresql - (bug 57026) Avoid extra parsing in prepareContentForEdit() * Mon Dec 09 2013 Michael Cronenworth <mike@cchtml.com> - 1.22.0-1 - New upstream release. * Tue Nov 19 2013 Michael Cronenworth <mike@cchtml.com> - 1.21.3-1 - New upstream release. * Sat Oct 05 2013 Michael Cronenworth <mike@cchtml.com> - 1.21.2-2 - Packaging fixes. (#1006110, #1007377) * Thu Sep 05 2013 Michael Cronenworth <mike@cchtml.com> - 1.21.2-1 - New upstream release. * Sat Aug 03 2013 Petr Pisar <ppisar@redhat.com> - 1.21.1-6 - Perl 5.18 rebuild * Sat Jul 27 2013 Michael Cronenworth <mike@cchtml.com> - 1.21.1-5 - Update mw-createinstance - Support for UnversionedDocdirs * Wed Jul 17 2013 Petr Pisar <ppisar@redhat.com> - 1.21.1-4 - Perl 5.18 rebuild * Wed Jul 10 2013 Michael Cronenworth <mike@cchtml.com> - 1.21.1-3 - Fix Obsoletes * Tue Jul 09 2013 Michael Cronenworth <mike@cchtml.com> - 1.21.1-2 - Provide/Obsolete now included extensions (#967811) * Mon Jun 03 2013 Michael Cronenworth <mike@cchtml.com> - 1.21.1-1 - New upstream release. * Tue May 28 2013 Michael Cronenworth <mike@cchtml.com> - 1.21.0-1 - New upstream release. * Tue May 07 2013 Michael Cronenworth <mike@cchtml.com> - 1.20.5-1 - New upstream release. - Obsolete mediawiki116 package. * Wed Apr 17 2013 Michael Cronenworth <mike@cchtml.com> - 1.20.4-1 - New upstream release. * Thu Apr 11 2013 Michael Cronenworth <mike@cchtml.com> - 1.20.3-3 - Update mw-* scripts. (#926899) * Tue Mar 12 2013 Michael Cronenworth <mike@cchtml.com> - 1.20.3-2 - Update mw-createinstance for new access points. * Mon Mar 04 2013 Michael Cronenworth <mike@cchtml.com> - 1.20.3-1 - New upstream release. * Thu Feb 28 2013 Michael Cronenworth <mike@cchtml.com> - 1.20.2-2 - Fix upgrade path. * Wed Feb 27 2013 Michael Cronenworth <mike@cchtml.com> - 1.20.2-1 - New upstream release. * Wed Feb 27 2013 Michael Cronenworth <mike@cchtml.com> - 1.19.3-1 - New upstream release. * Thu Feb 14 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.16.5-62 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild * Fri Jul 20 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.16.5-61 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Fri Jan 13 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.16.5-60 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild * Sun May 08 2011 Axel Thimm <Axel.Thimm@ATrpms.net> - 1.16.5-59 - Update to 1.16.5. * Fri Apr 22 2011 Axel Thimm <Axel.Thimm@ATrpms.net> - 1.16.4-58 - texvc was being accidentially wiped out before packaging it. * Sat Apr 16 2011 Axel Thimm <Axel.Thimm@ATrpms.net> - 1.16.4-57 - Update to 1.16.4. * Sun Apr 03 2011 Axel Thimm <Axel.Thimm@ATrpms.net> - 1.16.2-56 - Update to 1.16.2. - Fixes RH bugs #614065, #644325, #682281, #662402 - Enable suggestions while typing in search boxes by default. - Add some basic mediawiki management scripts. * Fri Sep 10 2010 Nick Bebout <nb@fedoraproject.org> - 1.15.4-55 - Mark mediawiki.conf as config(noreplace) (RH bug #614396). * Mon Jul 05 2010 Axel Thimm <Axel.Thimm@ATrpms.net> - 1.15.4-54 - Update to 1.5.14 (Fixes CVE-2010-1647 CVE-2010-1648). - Change BR php to php-common (RH bug #549822). * Wed Apr 07 2010 Axel Thimm <Axel.Thimm@ATrpms.net> - 1.15.3-53 - Update to 1.15.3 (Fixes login CSRF vulnerability). * Wed Mar 31 2010 Axel Thimm <Axel.Thimm@ATrpms.net> - 1.15.2-51 - Update to 1.15.2 (Fixes CSS validation issue and data leakage vulnerability). * Fri Jul 24 2009 Axel Thimm <Axel.Thimm@ATrpms.net> - 1.15.1-50 - Add a README.RPM and a sample apache mediawiki.conf file. * Thu Jul 23 2009 Axel Thimm <Axel.Thimm@ATrpms.net> - 1.15.1-49 - All (runtime) dependencies from mediawiki need to move to mediawiki-nomath. * Mon Jul 13 2009 Axel Thimm <Axel.Thimm@ATrpms.net> - 1.15.1-48 - Update to 1.15.1 (Fixes XSS vulnerability). * Sat Jul 11 2009 Axel Thimm <Axel.Thimm@ATrpms.net> - 1.15.0-47 - Fix api.php breakage. * Sat Jun 13 2009 Axel Thimm <Axel.Thimm@ATrpms.net> - 1.15.0-46 - Update to 1.15.0. * Thu Apr 16 2009 S390x secondary arch maintainer <fedora-s390x@lists.fedoraproject.org> - ExcludeArch sparc64, s390, s390x as we don't have OCaml on those archs (added sparc64 per request from the sparc maintainer) * Sat Feb 28 2009 Axel Thimm <Axel.Thimm@ATrpms.net> - 1.14.0-45 - Update to 1.14.0. * Sun Feb 22 2009 Axel Thimm <Axel.Thimm@ATrpms.net> - 1.13.4-44 - Split package up, so some users can decide to not install math support (results in smaller installs), see RH bug #485447. * Wed Feb 18 2009 Axel Thimm <Axel.Thimm@ATrpms.net> - 1.13.4-43 - Update to 1.13.4, closes RH bug #485728. * Tue Dec 23 2008 Axel Thimm <Axel.Thimm@ATrpms.net> - 1.13.3-42 - Update to 1.13.3, closes RH bug #476621 (CVE-2008-5249, CVE-2008-5250, CVE-2008-5252 and CVE-2008-5687, CVE-2008-5688) * Sun Oct 05 2008 Axel Thimm <Axel.Thimm@ATrpms.net> - 1.13.2-41 - Update to 1.13.2. * Sun Aug 24 2008 Axel Thimm <Axel.Thimm@ATrpms.net> - 1.13.0-40 - Use consistently Patch0 and %patch0. * Sat Aug 16 2008 Axel Thimm <Axel.Thimm@ATrpms.net> - 1.13.0-39 - Update to 1.13.0. * Wed May 21 2008 Tom "spot" Callaway <tcallawa@redhat.com> 1.10.4-40 - fix license tag * Tue Mar 04 2008 Axel Thimm <Axel.Thimm@ATrpms.net> - 1.10.4-38 - Update to 1.10.4. * Sun Feb 17 2008 Axel Thimm <Axel.Thimm@ATrpms.net> - 1.10.3-37 - Update to 1.10.3. - Fixes CVE-2008-0460 (bug #430286). * Wed May 09 2007 Axel Thimm <Axel.Thimm@ATrpms.net> - 1.10.0-35 - Update to 1.10.0. * Thu Feb 22 2007 Axel Thimm <Axel.Thimm@ATrpms.net> - 1.9.3-34 - Update to 1.9.4. * Mon Feb 05 2007 Axel Thimm <Axel.Thimm@ATrpms.net> - 1.9.2-33 - Update to 1.9.2. * Fri Feb 02 2007 Axel Thimm <Axel.Thimm@ATrpms.net> - 1.9.1-32 - Fix permissions. - Remove some parts not needed at runtime anymore. * Thu Feb 01 2007 Axel Thimm <Axel.Thimm@ATrpms.net> - 1.9.1-31 - Update to 1.9.1. * Sat Oct 14 2006 Axel Thimm <Axel.Thimm@ATrpms.net> - 1.8.2-28 - Update to 1.8.2. * Wed Oct 11 2006 Axel Thimm <Axel.Thimm@ATrpms.net> - 1.8.1-27 - Update to 1.8.1. - Update to 1.8.0. * Mon Jul 10 2006 Axel Thimm <Axel.Thimm@ATrpms.net> - Update to 1.7.1. * Wed Jun 07 2006 Axel Thimm <Axel.Thimm@ATrpms.net> - Update to 1.6.7. * Fri May 26 2006 Axel Thimm <Axel.Thimm@ATrpms.net> - Update to 1.6.6. * Thu Apr 13 2006 Axel Thimm <Axel.Thimm@ATrpms.net> - Update to 1.6.3. * Sat Apr 08 2006 Axel Thimm <Axel.Thimm@ATrpms.net> - Update to 1.6.2. * Fri Apr 07 2006 Axel Thimm <Axel.Thimm@ATrpms.net> - Update to 1.6.1. * Mon Apr 03 2006 Axel Thimm <Axel.Thimm@ATrpms.net> - Update to 1.5.8. * Thu Mar 02 2006 Axel Thimm <Axel.Thimm@ATrpms.net> - Update to 1.5.7. * Thu Jan 19 2006 Axel Thimm <Axel.Thimm@ATrpms.net> - Update to 1.5.6. * Fri Jan 06 2006 Axel Thimm <Axel.Thimm@ATrpms.net> - Update to 1.5.5. * Sun Dec 04 2005 Axel Thimm <Axel.Thimm@ATrpms.net> - Update to 1.5.3. * Fri Nov 04 2005 Axel Thimm <Axel.Thimm@ATrpms.net> - Update to 1.5.2. * Mon Oct 31 2005 Axel Thimm <Axel.Thimm@ATrpms.net> - Update to 1.5.1. * Thu Oct 06 2005 Axel Thimm <Axel.Thimm@ATrpms.net> - Update to 1.5.0. * Fri Sep 02 2005 Axel Thimm <Axel.Thimm@ATrpms.net> - Update to 1.5rc4. * Sun Jul 31 2005 Axel Thimm <Axel.Thimm@ATrpms.net> - Update to 1.5beta4. * Fri Jul 08 2005 Axel Thimm <Axel.Thimm@ATrpms.net> - Update to 1.5beta3. * Tue Jul 05 2005 Axel Thimm <Axel.Thimm@ATrpms.net> - Update to 1.5beta2. * Sun Jul 03 2005 Axel Thimm <Axel.Thimm@ATrpms.net> - Initial build.