Upstream has announced version 1.23.14 on May 20: https://lists.wikimedia.org/pipermail/mediawiki-announce/2016-May/000188.html A bugfix release, 1.23.13, has also been released since our last update: https://lists.wikimedia.org/pipermail/mediawiki-announce/2015-December/000187.html I haven't yet seen any CVE requests. Updated packages uploaded for Mageia 5 and Cauldron. Advisory to come later. For now, see the upstream announcement. Testing procedure: https://wiki.mageia.org/en/QA_procedure:Mediawiki Updated packages in core/updates_testing: ======================== mediawiki-1.23.14-1.mga5 mediawiki-mysql-1.23.14-1.mga5 mediawiki-pgsql-1.23.14-1.mga5 mediawiki-sqlite-1.23.14-1.mga5 from mediawiki-1.23.14-1.mga5.src.rpm
Whiteboard: (none) => has_procedure
Working fine on our production wiki at work, Mageia 5 i586.
Whiteboard: has_procedure => has_procedure MGA5-32-OK
Assuming no CVEs come our way soon, here's a generic advisory we can use. Advisory: ======================== Updated mediawiki packages fix security vulnerabilities: The mediawiki package has been updated to version 1.23.14, which fixes multiple security issues and other bugs. See the release announcements for more details. References: https://lists.wikimedia.org/pipermail/mediawiki-announce/2015-December/000187.html https://lists.wikimedia.org/pipermail/mediawiki-announce/2016-May/000188.html
Wanting to test M5 x64 The mirror must be playing up. With Updates Testing repos enabled, MCC/Update System takes about 20m to show its list - and the MediaWiki entries are 1.23.13-1.mga5, not 1.23.14-1.mga5 as in Comment 0. Will re-try tomorrow.
CC: (none) => lewyssmith
There are some mirroring issues afoot. Apparently distrib-coffee is busted (and it's a Tier 1 mirror many others sync with), so you may need to try a different mirror.
Testing M5 x64 with PostgreSQL: OK Updated installed MediaWiki to: mediawiki-1.23.14-1.mga5 mediawiki-pgsql-1.23.14-1.mga5 mediawiki-mysql-1.23.14-1.mga5 Used it a little with Firefox, created/previewed/edited a new page. All seems OK. Validating; advisory in Comment 2 to upload.
Keywords: (none) => validated_updateWhiteboard: has_procedure MGA5-32-OK => has_procedure MGA5-32-OK MGA5-64-OKCC: (none) => sysadmin-bugs
CC: (none) => davidwhodginsWhiteboard: has_procedure MGA5-32-OK MGA5-64-OK => has_procedure MGA5-32-OK MGA5-64-OK advisory
An update for this issue has been pushed to the Mageia Updates repository. http://advisories.mageia.org/MGASA-2016-0210.html
Status: NEW => RESOLVEDResolution: (none) => FIXED
URL: (none) => http://lwn.net/Vulnerabilities/689273/