Upstream has announced version 1.23.2 on August 27: https://lists.wikimedia.org/pipermail/mediawiki-announce/2014-August/000159.html I haven't seen any CVE requests yet and don't even know which fixes are security bugs, so as usual I'll hold the advisory for later. Updated packages uploaded for Mageia 3, Mageia 4, and Cauldron. Updated packages in core/updates_testing: ======================== mediawiki-1.23.3-1.mga3 mediawiki-mysql-1.23.3-1.mga3 mediawiki-pgsql-1.23.3-1.mga3 mediawiki-sqlite-1.23.3-1.mga3 mediawiki-1.23.3-1.mga4 mediawiki-mysql-1.23.3-1.mga4 mediawiki-pgsql-1.23.3-1.mga4 mediawiki-sqlite-1.23.3-1.mga4 from SRPMS: mediawiki-1.23.3-1.mga3.src.rpm mediawiki-1.23.3-1.mga4.src.rpm Reproducible: Steps to Reproduce:
Testing Procedure: https://wiki.mageia.org/en/QA_procedure:Mediawiki
Whiteboard: (none) => MGA3TOO has_procedure
Working fine on our production wiki server at work.
Whiteboard: MGA3TOO has_procedure => MGA3TOO has_procedure MGA4-32-OK
Tested on Mageia 3 & 4 for both i586 & x86_64 archs with instances for mysql, postgresql and sqlite. The mediawiki-ldapauthentication extension doesn't support sqlite, so tested that without ldap authentication. Mysql and postgresql are both supported by it, so tested them using ldap with both tls and ssl. Updated existing wikis, then cleared databases and installed fresh for each instance. Uploaded images, created new pages and accounts. No problems found. Testing complete. ------------------------------------------ Update validated. Thanks. Advisories: Maybe at a later date. SRPMS: mediawiki-1.23.3-1.mga3.src.rpm mediawiki-1.23.3-1.mga4.src.rpm Could sysadmin please push from core/updates_testing to core/updates. Thank you! ------------------------------------------
Keywords: (none) => validated_updateCC: (none) => sysadmin-bugs, warrendiogeneseWhiteboard: MGA3TOO has_procedure MGA4-32-OK => MGA3TOO has_procedure MGA4-32-OK MGA3-64-OK MGA3-32-OK MGA4-64-OK
Thanks William! That's right, we didn't have an advisory. Well I still haven't seen any CVE requests. So this will be very generic. Actually, now that I look more closely at the release announcement, I think the reference to "Security" in the e-mail subject was a mistake. The body of the message says "This is a regular maintenance release." Let's make this a MGAA non-security update then. Advisory: -------- This update provides MediaWiki 1.23.3, which fixes several bugs. References: https://lists.wikimedia.org/pipermail/mediawiki-announce/2014-August/000159.html
Component: Security => RPM PackagesSummary: mediawiki new security issues fixed upstream in 1.23.3 => mediawiki new upstream version 1.23.3
Advisory uploaded.
Whiteboard: MGA3TOO has_procedure MGA4-32-OK MGA3-64-OK MGA3-32-OK MGA4-64-OK => MGA3TOO has_procedure advisory MGA4-32-OK MGA3-64-OK MGA3-32-OK MGA4-64-OK
An update for this issue has been pushed to Mageia Updates repository. http://advisories.mageia.org/MGAA-2014-0170.html
Status: NEW => RESOLVEDResolution: (none) => FIXED