MediaWiki 1.22.1
14 January 2014
MediaWiki version 1.22.1 is now available (security release).
Upgrading to MediaWiki 1.22.1
MediaWiki 1.22.1 can be upgraded to (or installed) using any of Installatron's products. Use Installatron's optional Automatic Update feature to automatically apply MediaWiki updates as new versions are released, or use Installatron's Clone feature to duplicate an existing MediaWiki install to test the 1.22.1 upgrade prior to applying it live. Get started managing your MediaWiki installations with Installatron
What's New in MediaWiki 1.22.1
- (bug 57550) SECURITY: Disallow stylesheets in SVG Uploads
- (bug 58088) SECURITY: Don't normalize U+FF3C to \ in CSS Checks
- (bug 58472) SECURITY: Disallow -o-link in styles
- (bug 58553) SECURITY: Return error on invalid XML for SVG Uploads
- (bug 58699) SECURITY: Fix RevDel log entry information leaks
- (bug 58178) Restore compatibility with curl < 7.16.2.
- (bug 56931) Updated the plural rules to CLDR 24. They are in new format which is detailed in UTS 35 Rev 33. The PHP parser and evaluator as well as the JavaScript evaluator were updated to support the new format. Plural rules for some languages have changed, most notably Russian. Affected software messages have been updated and marked for review at translatewiki.net. This change is backported from the development branch of MediaWiki 1.23.
- (bug 58434) The broken installer for database backend Oracle was fixed.
- (bug 58167) The web installer no longer throws an exception when PHP is compiled without support for MySQL yet with support for another DBMS.
- (bug 58640) Fixed a compatibility issue with PCRE 8.34 that caused pages to appear blank or with missing text.
- (bug 47055) Changed FOR UPDATE handling in Postgresql
- (bug 57026) Avoid extra parsing in prepareContentForEdit()