Bug 14008 - mediawiki new upstream version 1.23.3
Summary: mediawiki new upstream version 1.23.3
Status: RESOLVED FIXED
Alias: None
Product: Mageia
Classification: Unclassified
Component: RPM Packages (show other bugs)
Version: 4
Hardware: i586 Linux
Priority: Normal normal
Target Milestone: ---
Assignee: QA Team
QA Contact: Sec team
URL:
Whiteboard: MGA3TOO has_procedure advisory MGA4-3...
Keywords: validated_update
Depends on:
Blocks:
 
Reported: 2014-08-28 22:24 CEST by David Walser
Modified: 2014-09-07 11:56 CEST (History)
2 users (show)

See Also:
Source RPM: mediawiki-1.23.2-1.mga4.src.rpm
CVE:
Status comment:


Attachments

Description David Walser 2014-08-28 22:24:36 CEST
Upstream has announced version 1.23.2 on August 27:
https://lists.wikimedia.org/pipermail/mediawiki-announce/2014-August/000159.html

I haven't seen any CVE requests yet and don't even know which fixes are security bugs, so as usual I'll hold the advisory for later.

Updated packages uploaded for Mageia 3, Mageia 4, and Cauldron.

Updated packages in core/updates_testing:
========================
mediawiki-1.23.3-1.mga3
mediawiki-mysql-1.23.3-1.mga3
mediawiki-pgsql-1.23.3-1.mga3
mediawiki-sqlite-1.23.3-1.mga3
mediawiki-1.23.3-1.mga4
mediawiki-mysql-1.23.3-1.mga4
mediawiki-pgsql-1.23.3-1.mga4
mediawiki-sqlite-1.23.3-1.mga4

from SRPMS:
mediawiki-1.23.3-1.mga3.src.rpm
mediawiki-1.23.3-1.mga4.src.rpm

Reproducible: 

Steps to Reproduce:
Comment 1 David Walser 2014-08-28 22:25:04 CEST
Testing Procedure: https://wiki.mageia.org/en/QA_procedure:Mediawiki

Whiteboard: (none) => MGA3TOO has_procedure

Comment 2 David Walser 2014-09-03 01:12:24 CEST
Working fine on our production wiki server at work.

Whiteboard: MGA3TOO has_procedure => MGA3TOO has_procedure MGA4-32-OK

Comment 3 William Murphy 2014-09-04 04:00:56 CEST
Tested on Mageia 3 & 4 for both i586 & x86_64 archs with instances for mysql, postgresql and sqlite.

The mediawiki-ldapauthentication extension doesn't support sqlite, so tested that without ldap authentication. Mysql and postgresql are both supported by it, so tested them using ldap with both tls and ssl.

Updated existing wikis, then cleared databases and installed fresh for each instance. Uploaded images, created new pages and accounts. No problems found.

Testing complete.

------------------------------------------
Update validated.
Thanks.

Advisories: Maybe at a later date.

SRPMS:
mediawiki-1.23.3-1.mga3.src.rpm
mediawiki-1.23.3-1.mga4.src.rpm

Could sysadmin please push from core/updates_testing to core/updates.

Thank you!
------------------------------------------

Keywords: (none) => validated_update
CC: (none) => sysadmin-bugs, warrendiogenese
Whiteboard: MGA3TOO has_procedure MGA4-32-OK => MGA3TOO has_procedure MGA4-32-OK MGA3-64-OK MGA3-32-OK MGA4-64-OK

Comment 4 David Walser 2014-09-04 04:13:23 CEST
Thanks William!

That's right, we didn't have an advisory.  Well I still haven't seen any CVE requests.  So this will be very generic.

Actually, now that I look more closely at the release announcement, I think the reference to "Security" in the e-mail subject was a mistake.  The body of the message says "This is a regular maintenance release."

Let's make this a MGAA non-security update then.

Advisory:
--------

This update provides MediaWiki 1.23.3, which fixes several bugs.

References:
https://lists.wikimedia.org/pipermail/mediawiki-announce/2014-August/000159.html

Component: Security => RPM Packages
Summary: mediawiki new security issues fixed upstream in 1.23.3 => mediawiki new upstream version 1.23.3

Comment 5 claire robinson 2014-09-05 18:36:02 CEST
Advisory uploaded.

Whiteboard: MGA3TOO has_procedure MGA4-32-OK MGA3-64-OK MGA3-32-OK MGA4-64-OK => MGA3TOO has_procedure advisory MGA4-32-OK MGA3-64-OK MGA3-32-OK MGA4-64-OK

Comment 6 Mageia Robot 2014-09-07 11:56:49 CEST
An update for this issue has been pushed to Mageia Updates repository.

http://advisories.mageia.org/MGAA-2014-0170.html

Status: NEW => RESOLVED
Resolution: (none) => FIXED


Note You need to log in before you can comment on or make changes to this bug.