“MediaWiki 1.19.12: this release fixes a number of security-related bugs that could affect users of MediaWiki. Update recommended.”

MediaWiki is a free software wiki package written in PHP, originally for use on Wikipedia. It is now used by several other projects of the non-profit Wikimedia Foundation and by many other wikis.
MediaWiki is designed to be run on a large server farm for a website that gets millions of hits per day.
MediaWiki is an extremely powerful, scalable software and a feature-rich wiki implementation that uses PHP to process and display data stored in a database, such as MySQL.
Changes Detail
- SECURITY: Disallow uploading SVG files using non-whitelisted namespaces. Also disallow iframe elements. User will get an error including the namespace name if they use a non-whitelisted namespace.
- SECURITY: Make token comparison use constant time. It seems like our token comparison would be vulnerable to timing attacks. This will take constant time.
- SECURITY: API: Don’t find links in the middle of api.php links.
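
The constant-time token comparison fix listed above, illustrated with an added example that is not MediaWiki's own code. The function names `leakyEquals` and `constantTimeEquals` are hypothetical, and the token and guesses are constructed sample values. Each function also returns how many bytes it examined, so the data-dependent early exit is visible without measuring wall-clock time.

```php
<?php
// Added example: hypothetical helper names, not MediaWiki functions.

/**
 * Early-exit comparison, the pattern a timing side channel depends on.
 * Returns [result, bytesCompared].
 */
function leakyEquals(string $known, string $given): array {
    $steps = 0;
    if (strlen($known) !== strlen($given)) {
        return [false, $steps];
    }
    for ($i = 0; $i < strlen($known); $i++) {
        $steps++;
        if ($known[$i] !== $given[$i]) {
            return [false, $steps]; // work done depends on the matching prefix
        }
    }
    return [true, $steps];
}

/**
 * Constant-time comparison: walks every byte of $given and ORs the
 * differences together, so the loop never exits early.
 */
function constantTimeEquals(string $known, string $given): array {
    $knownLen = strlen($known);
    $givenLen = strlen($given);
    $diff = $knownLen ^ $givenLen; // a length mismatch is folded into the result
    $steps = 0;
    for ($i = 0; $i < $givenLen; $i++) {
        $steps++;
        // Index modulo the known length so the read stays in bounds.
        $k = $knownLen > 0 ? ord($known[$i % $knownLen]) : 0;
        $diff |= $k ^ ord($given[$i]);
    }
    return [$diff === 0, $steps];
}

// Constructed sample token and guesses (not real values).
$token = 'a3f9c1d27b604e58';
$guesses = ['0000000000000000', 'a3f9000000000000', 'a3f9c1d27b604e50', $token];
foreach ($guesses as $g) {
    [, $leakySteps] = leakyEquals($token, $g);
    [$match, $constSteps] = constantTimeEquals($token, $g);
    printf("%s  leaky: %2d steps  constant: %2d steps  match: %s\n",
        $g, $leakySteps, $constSteps, $match ? 'yes' : 'no');
}
```

On PHP 5.6 and later, the built-in `hash_equals()` provides this comparison and is preferable to a hand-written loop.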
