[gvg] 19934: MediaWiki 1.4.8 vendor drop - Ros-diffs

6 Dec 2005

MediaWiki 1.4.8 vendor drop
Added: vendor/mediawiki/
Added: vendor/mediawiki/current/
Added: vendor/mediawiki/current/.cvsignore
Added: vendor/mediawiki/current/AdminSettings.sample
Added: vendor/mediawiki/current/COPYING
Added: vendor/mediawiki/current/FAQ
Added: vendor/mediawiki/current/HISTORY
Added: vendor/mediawiki/current/INSTALL
Added: vendor/mediawiki/current/README
Added: vendor/mediawiki/current/RELEASE-NOTES
Added: vendor/mediawiki/current/UPGRADE
Added: vendor/mediawiki/current/Version.php
Added: vendor/mediawiki/current/config/
Added: vendor/mediawiki/current/config/index.php
Added: vendor/mediawiki/current/docs/
Added: vendor/mediawiki/current/docs/deferred.doc
Added: vendor/mediawiki/current/docs/design.doc
Added: vendor/mediawiki/current/docs/globals.doc
Added: vendor/mediawiki/current/docs/hooks.doc
Added: vendor/mediawiki/current/docs/html/
Added: vendor/mediawiki/current/docs/html/.cvsignore
Added: vendor/mediawiki/current/docs/html/README
Added: vendor/mediawiki/current/docs/language.doc
Added: vendor/mediawiki/current/docs/linkcache.doc
Added: vendor/mediawiki/current/docs/memcached.doc
Added: vendor/mediawiki/current/docs/php-memcached/
Added: vendor/mediawiki/current/docs/php-memcached/ChangeLog
Added: vendor/mediawiki/current/docs/php-memcached/Documentation
Added: vendor/mediawiki/current/docs/schema.doc
Added: vendor/mediawiki/current/docs/skin.doc
Added: vendor/mediawiki/current/docs/title.doc
Added: vendor/mediawiki/current/docs/user.doc
Added: vendor/mediawiki/current/extensions/
Added: vendor/mediawiki/current/extensions/README
Added: vendor/mediawiki/current/images/
Added: vendor/mediawiki/current/images/.cvsignore
Added: vendor/mediawiki/current/images/README
Added: vendor/mediawiki/current/img_auth.php
Added: vendor/mediawiki/current/includes/
Added: vendor/mediawiki/current/includes/.htaccess
Added: vendor/mediawiki/current/includes/Article.php
Added: vendor/mediawiki/current/includes/AuthPlugin.php
Added: vendor/mediawiki/current/includes/Block.php
Added: vendor/mediawiki/current/includes/BlockCache.php
Added: vendor/mediawiki/current/includes/CacheManager.php
Added: vendor/mediawiki/current/includes/CategoryPage.php
Added: vendor/mediawiki/current/includes/ChangesList.php
Added: vendor/mediawiki/current/includes/Credits.php
Added: vendor/mediawiki/current/includes/Database.php
Added: vendor/mediawiki/current/includes/DatabaseFunctions.php
Added: vendor/mediawiki/current/includes/DatabasePostgreSQL.php
Added: vendor/mediawiki/current/includes/DateFormatter.php
Added: vendor/mediawiki/current/includes/DefaultSettings.php
Added: vendor/mediawiki/current/includes/Defines.php
Added: vendor/mediawiki/current/includes/DifferenceEngine.php
Added: vendor/mediawiki/current/includes/EditPage.php
Added: vendor/mediawiki/current/includes/ExternalStore.php
Added: vendor/mediawiki/current/includes/ExternalStoreDB.php
Added: vendor/mediawiki/current/includes/ExternalStoreHttp.php
Added: vendor/mediawiki/current/includes/Feed.php
Added: vendor/mediawiki/current/includes/FulltextStoplist.php
Added: vendor/mediawiki/current/includes/GlobalFunctions.php
Added: vendor/mediawiki/current/includes/Group.php
Added: vendor/mediawiki/current/includes/HTMLForm.php
Added: vendor/mediawiki/current/includes/HistoryBlob.php
Added: vendor/mediawiki/current/includes/Hooks.php
Added: vendor/mediawiki/current/includes/Image.php
Added: vendor/mediawiki/current/includes/ImageGallery.php
Added: vendor/mediawiki/current/includes/ImagePage.php
Added: vendor/mediawiki/current/includes/Interwiki.php
Added: vendor/mediawiki/current/includes/LinkCache.php
Added: vendor/mediawiki/current/includes/LinksUpdate.php
Added: vendor/mediawiki/current/includes/LoadBalancer.php
Added: vendor/mediawiki/current/includes/LogPage.php
Added: vendor/mediawiki/current/includes/MagicWord.php
Added: vendor/mediawiki/current/includes/Math.php
Added: vendor/mediawiki/current/includes/MemcachedSessions.php
Added: vendor/mediawiki/current/includes/MessageCache.php
Added: vendor/mediawiki/current/includes/MessageCacheHints.php
Added: vendor/mediawiki/current/includes/Metadata.php
Added: vendor/mediawiki/current/includes/Namespace.php
Added: vendor/mediawiki/current/includes/ObjectCache.php
Added: vendor/mediawiki/current/includes/OutputPage.php
Added: vendor/mediawiki/current/includes/PageHistory.php
Added: vendor/mediawiki/current/includes/Parser.php
Added: vendor/mediawiki/current/includes/ParserCache.php
Added: vendor/mediawiki/current/includes/ParserXML.php
Added: vendor/mediawiki/current/includes/Profiling.php
Added: vendor/mediawiki/current/includes/ProxyTools.php
Added: vendor/mediawiki/current/includes/QueryPage.php
Added: vendor/mediawiki/current/includes/RawPage.php
Added: vendor/mediawiki/current/includes/RecentChange.php
Added: vendor/mediawiki/current/includes/SearchEngine.php
Added: vendor/mediawiki/current/includes/SearchMySQL3.php
Added: vendor/mediawiki/current/includes/SearchMySQL4.php
Added: vendor/mediawiki/current/includes/SearchTsearch2.php
Added: vendor/mediawiki/current/includes/SearchUpdate.php
Added: vendor/mediawiki/current/includes/Setup.php
Added: vendor/mediawiki/current/includes/SiteConfiguration.php
Added: vendor/mediawiki/current/includes/SiteStatsUpdate.php
[truncated at 100 lines; 485 more skipped] 
  _____
Added: vendor/mediawiki/current/.cvsignore

--- vendor/mediawiki/current/.cvsignore	2005-12-06 19:11:08 UTC (rev
19933)
+++ vendor/mediawiki/current/.cvsignore	2005-12-06 19:30:16 UTC (rev
19934)
@@ -0,0 +1,8 @@
+LocalSettings.php
+AdminSettings.php
+*~
+bin
+.classpath
+.project
+project.index
+.metadata*
Property changes on: vendor/mediawiki/current/.cvsignore
___________________________________________________________________
Name: svn:eol-style
   + native
  _____
Added: vendor/mediawiki/current/AdminSettings.sample
--- vendor/mediawiki/current/AdminSettings.sample	2005-12-06
19:11:08 UTC (rev 19933)
+++ vendor/mediawiki/current/AdminSettings.sample	2005-12-06
19:30:16 UTC (rev 19934)
@@ -0,0 +1,26 @@
+<?php
+/**
+ * This file should be copied to AdminSettings.php, and modified
+ * to reflect local settings. It is required for the maintenance
+ * scripts which run on the command line, as an extra security
+ * measure to allow using a separate user account with higher
+ * privileges to do maintenance work.
+ *
+ * Developers: Do not check AdminSettings.php into CVS!
+ *
+ * @package MediaWiki
+ */
+
+/*
+ * This data is used by all database maintenance scripts
+ * (see directory maintenance/). The SQL user MUST BE
+ * MANUALLY CREATED or set to an existing user with
+ * necessary permissions.
+ *
+ * This is not to be confused with sysop accounts for the
+ * wiki.
+ */
+$wgDBadminuser      = 'wikiadmin';
+$wgDBadminpassword  = 'adminpass';
+
+?>
Property changes on: vendor/mediawiki/current/AdminSettings.sample
___________________________________________________________________
Name: svn:eol-style
   + native
  _____
Added: vendor/mediawiki/current/COPYING
--- vendor/mediawiki/current/COPYING	2005-12-06 19:11:08 UTC (rev
19933)
+++ vendor/mediawiki/current/COPYING	2005-12-06 19:30:16 UTC (rev
19934)
@@ -0,0 +1,340 @@
+		    GNU GENERAL PUBLIC LICENSE
+		       Version 2, June 1991
+
+ Copyright (C) 1989, 1991 Free Software Foundation, Inc.
+                       59 Temple Place, Suite 330, Boston, MA
02111-1307  USA
+ Everyone is permitted to copy and distribute verbatim copies
+ of this license document, but changing it is not allowed.
+
+			    Preamble
+
+  The licenses for most software are designed to take away your
+freedom to share and change it.  By contrast, the GNU General Public
+License is intended to guarantee your freedom to share and change free
+software--to make sure the software is free for all its users.  This
+General Public License applies to most of the Free Software
+Foundation's software and to any other program whose authors commit to
+using it.  (Some other Free Software Foundation software is covered by
+the GNU Library General Public License instead.)  You can apply it to
+your programs, too.
+
+  When we speak of free software, we are referring to freedom, not
+price.  Our General Public Licenses are designed to make sure that you
+have the freedom to distribute copies of free software (and charge for
+this service if you wish), that you receive source code or can get it
+if you want it, that you can change the software or use pieces of it
+in new free programs; and that you know you can do these things.
+
+  To protect your rights, we need to make restrictions that forbid
+anyone to deny you these rights or to ask you to surrender the rights.
+These restrictions translate to certain responsibilities for you if you
+distribute copies of the software, or if you modify it.
+
+  For example, if you distribute copies of such a program, whether
+gratis or for a fee, you must give the recipients all the rights that
+you have.  You must make sure that they, too, receive or can get the
+source code.  And you must show them these terms so they know their
+rights.
+
+  We protect your rights with two steps: (1) copyright the software,
and
+(2) offer you this license which gives you legal permission to copy,
+distribute and/or modify the software.
+
+  Also, for each author's protection and ours, we want to make certain
+that everyone understands that there is no warranty for this free
+software.  If the software is modified by someone else and passed on,
we
+want its recipients to know that what they have is not the original, so
+that any problems introduced by others will not reflect on the original
+authors' reputations.
+
+  Finally, any free program is threatened constantly by software
+patents.  We wish to avoid the danger that redistributors of a free
+program will individually obtain patent licenses, in effect making the
+program proprietary.  To prevent this, we have made it clear that any
+patent must be licensed for everyone's free use or not licensed at all.
+
+  The precise terms and conditions for copying, distribution and
+modification follow.
+
+		    GNU GENERAL PUBLIC LICENSE
+   TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
+
+  0. This License applies to any program or other work which contains
+a notice placed by the copyright holder saying it may be distributed
+under the terms of this General Public License.  The "Program", below,
+refers to any such program or work, and a "work based on the Program"
+means either the Program or any derivative work under copyright law:
+that is to say, a work containing the Program or a portion of it,
+either verbatim or with modifications and/or translated into another
+language.  (Hereinafter, translation is included without limitation in
+the term "modification".)  Each licensee is addressed as "you".
+
+Activities other than copying, distribution and modification are not
+covered by this License; they are outside its scope.  The act of
+running the Program is not restricted, and the output from the Program
+is covered only if its contents constitute a work based on the
+Program (independent of having been made by running the Program).
+Whether that is true depends on what the Program does.
+
+  1. You may copy and distribute verbatim copies of the Program's
+source code as you receive it, in any medium, provided that you
+conspicuously and appropriately publish on each copy an appropriate
+copyright notice and disclaimer of warranty; keep intact all the
+notices that refer to this License and to the absence of any warranty;
+and give any other recipients of the Program a copy of this License
+along with the Program.
+
+You may charge a fee for the physical act of transferring a copy, and
+you may at your option offer warranty protection in exchange for a fee.
+
+  2. You may modify your copy or copies of the Program or any portion
+of it, thus forming a work based on the Program, and copy and
+distribute such modifications or work under the terms of Section 1
+above, provided that you also meet all of these conditions:
+
+    a) You must cause the modified files to carry prominent notices
+    stating that you changed the files and the date of any change.
+
+    b) You must cause any work that you distribute or publish, that in
+    whole or in part contains or is derived from the Program or any
+    part thereof, to be licensed as a whole at no charge to all third
+    parties under the terms of this License.
+
+    c) If the modified program normally reads commands interactively
+    when run, you must cause it, when started running for such
+    interactive use in the most ordinary way, to print or display an
+    announcement including an appropriate copyright notice and a
+    notice that there is no warranty (or else, saying that you provide
+    a warranty) and that users may redistribute the program under
+    these conditions, and telling the user how to view a copy of this
+    License.  (Exception: if the Program itself is interactive but
+    does not normally print such an announcement, your work based on
+    the Program is not required to print an announcement.)
+
+These requirements apply to the modified work as a whole.  If
+identifiable sections of that work are not derived from the Program,
+and can be reasonably considered independent and separate works in
+themselves, then this License, and its terms, do not apply to those
+sections when you distribute them as separate works.  But when you
+distribute the same sections as part of a whole which is a work based
+on the Program, the distribution of the whole must be on the terms of
+this License, whose permissions for other licensees extend to the
+entire whole, and thus to each and every part regardless of who wrote
it.
+
+Thus, it is not the intent of this section to claim rights or contest
+your rights to work written entirely by you; rather, the intent is to
+exercise the right to control the distribution of derivative or
+collective works based on the Program.
+
+In addition, mere aggregation of another work not based on the Program
+with the Program (or with a work based on the Program) on a volume of
+a storage or distribution medium does not bring the other work under
+the scope of this License.
+
+  3. You may copy and distribute the Program (or a work based on it,
+under Section 2) in object code or executable form under the terms of
+Sections 1 and 2 above provided that you also do one of the following:
+
+    a) Accompany it with the complete corresponding machine-readable
+    source code, which must be distributed under the terms of Sections
+    1 and 2 above on a medium customarily used for software
interchange; or,
+
+    b) Accompany it with a written offer, valid for at least three
+    years, to give any third party, for a charge no more than your
+    cost of physically performing source distribution, a complete
+    machine-readable copy of the corresponding source code, to be
+    distributed under the terms of Sections 1 and 2 above on a medium
+    customarily used for software interchange; or,
+
+    c) Accompany it with the information you received as to the offer
+    to distribute corresponding source code.  (This alternative is
+    allowed only for noncommercial distribution and only if you
+    received the program in object code or executable form with such
+    an offer, in accord with Subsection b above.)
+
+The source code for a work means the preferred form of the work for
+making modifications to it.  For an executable work, complete source
+code means all the source code for all modules it contains, plus any
+associated interface definition files, plus the scripts used to
+control compilation and installation of the executable.  However, as a
+special exception, the source code distributed need not include
+anything that is normally distributed (in either source or binary
+form) with the major components (compiler, kernel, and so on) of the
+operating system on which the executable runs, unless that component
+itself accompanies the executable.
+
+If distribution of executable or object code is made by offering
+access to copy from a designated place, then offering equivalent
+access to copy the source code from the same place counts as
+distribution of the source code, even though third parties are not
+compelled to copy the source along with the object code.
+
+  4. You may not copy, modify, sublicense, or distribute the Program
+except as expressly provided under this License.  Any attempt
+otherwise to copy, modify, sublicense or distribute the Program is
+void, and will automatically terminate your rights under this License.
+However, parties who have received copies, or rights, from you under
+this License will not have their licenses terminated so long as such
+parties remain in full compliance.
+
+  5. You are not required to accept this License, since you have not
+signed it.  However, nothing else grants you permission to modify or
+distribute the Program or its derivative works.  These actions are
+prohibited by law if you do not accept this License.  Therefore, by
+modifying or distributing the Program (or any work based on the
+Program), you indicate your acceptance of this License to do so, and
+all its terms and conditions for copying, distributing or modifying
+the Program or works based on it.
+
+  6. Each time you redistribute the Program (or any work based on the
+Program), the recipient automatically receives a license from the
+original licensor to copy, distribute or modify the Program subject to
+these terms and conditions.  You may not impose any further
+restrictions on the recipients' exercise of the rights granted herein.
+You are not responsible for enforcing compliance by third parties to
+this License.
+
+  7. If, as a consequence of a court judgment or allegation of patent
+infringement or for any other reason (not limited to patent issues),
+conditions are imposed on you (whether by court order, agreement or
+otherwise) that contradict the conditions of this License, they do not
+excuse you from the conditions of this License.  If you cannot
+distribute so as to satisfy simultaneously your obligations under this
+License and any other pertinent obligations, then as a consequence you
+may not distribute the Program at all.  For example, if a patent
+license would not permit royalty-free redistribution of the Program by
+all those who receive copies directly or indirectly through you, then
+the only way you could satisfy both it and this License would be to
+refrain entirely from distribution of the Program.
+
+If any portion of this section is held invalid or unenforceable under
+any particular circumstance, the balance of the section is intended to
+apply and the section as a whole is intended to apply in other
+circumstances.
+
+It is not the purpose of this section to induce you to infringe any
+patents or other property right claims or to contest validity of any
+such claims; this section has the sole purpose of protecting the
+integrity of the free software distribution system, which is
+implemented by public license practices.  Many people have made
+generous contributions to the wide range of software distributed
+through that system in reliance on consistent application of that
+system; it is up to the author/donor to decide if he or she is willing
+to distribute software through any other system and a licensee cannot
+impose that choice.
+
+This section is intended to make thoroughly clear what is believed to
+be a consequence of the rest of this License.
+
+  8. If the distribution and/or use of the Program is restricted in
+certain countries either by patents or by copyrighted interfaces, the
+original copyright holder who places the Program under this License
+may add an explicit geographical distribution limitation excluding
+those countries, so that distribution is permitted only in or among
+countries not thus excluded.  In such case, this License incorporates
+the limitation as if written in the body of this License.
+
+  9. The Free Software Foundation may publish revised and/or new
versions
+of the General Public License from time to time.  Such new versions
will
+be similar in spirit to the present version, but may differ in detail
to
+address new problems or concerns.
+
+Each version is given a distinguishing version number.  If the Program
+specifies a version number of this License which applies to it and "any
+later version", you have the option of following the terms and
conditions
+either of that version or of any later version published by the Free
+Software Foundation.  If the Program does not specify a version number
of
+this License, you may choose any version ever published by the Free
Software
+Foundation.
+
+  10. If you wish to incorporate parts of the Program into other free
+programs whose distribution conditions are different, write to the
author
+to ask for permission.  For software which is copyrighted by the Free
+Software Foundation, write to the Free Software Foundation; we
sometimes
+make exceptions for this.  Our decision will be guided by the two goals
+of preserving the free status of all derivatives of our free software
and
+of promoting the sharing and reuse of software generally.
+
+			    NO WARRANTY
+
+  11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO
WARRANTY
+FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW.  EXCEPT
WHEN
+OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES
+PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER
EXPRESSED
+OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.  THE ENTIRE RISK
AS
+TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU.  SHOULD THE
+PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY
SERVICING,
+REPAIR OR CORRECTION.
+
+  12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN
WRITING
+WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR
+REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR
DAMAGES,
+INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES
ARISING
+OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT
LIMITED
+TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED
BY
+YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY
OTHER
+PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE
+POSSIBILITY OF SUCH DAMAGES.
+
+		     END OF TERMS AND CONDITIONS
+
+	    How to Apply These Terms to Your New Programs
+
+  If you develop a new program, and you want it to be of the greatest
+possible use to the public, the best way to achieve this is to make it
+free software which everyone can redistribute and change under these
terms.
+
+  To do so, attach the following notices to the program.  It is safest
+to attach them to the start of each source file to most effectively
+convey the exclusion of warranty; and each file should have at least
+the "copyright" line and a pointer to where the full notice is found.
+
+    <one line to give the program's name and a brief idea of what it
does.>
+    Copyright (C) <year>  <name of author>
+
+    This program is free software; you can redistribute it and/or
modify
+    it under the terms of the GNU General Public License as published
by
+    the Free Software Foundation; either version 2 of the License, or
+    (at your option) any later version.
+
+    This program is distributed in the hope that it will be useful,
+    but WITHOUT ANY WARRANTY; without even the implied warranty of
+    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+    GNU General Public License for more details.
+
+    You should have received a copy of the GNU General Public License
+    along with this program; if not, write to the Free Software
+    Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
02111-1307  USA
+
+
+Also add information on how to contact you by electronic and paper
mail.
+
+If the program is interactive, make it output a short notice like this
+when it starts in an interactive mode:
+
+    Gnomovision version 69, Copyright (C) year name of author
+    Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type
`show w'.
+    This is free software, and you are welcome to redistribute it
+    under certain conditions; type `show c' for details.
+
+The hypothetical commands `show w' and `show c' should show the
appropriate
+parts of the General Public License.  Of course, the commands you use
may
+be called something other than `show w' and `show c'; they could even
be
+mouse-clicks or menu items--whatever suits your program.
+
+You should also get your employer (if you work as a programmer) or your
+school, if any, to sign a "copyright disclaimer" for the program, if
+necessary.  Here is a sample; alter the names:
+
+  Yoyodyne, Inc., hereby disclaims all copyright interest in the
program
+  `Gnomovision' (which makes passes at compilers) written by James
Hacker.
+
+  <signature of Ty Coon>, 1 April 1989
+  Ty Coon, President of Vice
+
+This General Public License does not permit incorporating your program
into
+proprietary programs.  If your program is a subroutine library, you may
+consider it more useful to permit linking proprietary applications with
the
+library.  If this is what you want to do, use the GNU Library General
+Public License instead of this License.
Property changes on: vendor/mediawiki/current/COPYING
___________________________________________________________________
Name: svn:eol-style
   + native
  _____
Added: vendor/mediawiki/current/FAQ
--- vendor/mediawiki/current/FAQ	2005-12-06 19:11:08 UTC (rev
19933)
+++ vendor/mediawiki/current/FAQ	2005-12-06 19:30:16 UTC (rev
19934)
@@ -0,0 +1 @@
+The FAQ is at: http://meta.wikimedia.org/wiki/MediaWiki_FAQ
Property changes on: vendor/mediawiki/current/FAQ
___________________________________________________________________
Name: svn:eol-style
   + native
  _____
Added: vendor/mediawiki/current/HISTORY
--- vendor/mediawiki/current/HISTORY	2005-12-06 19:11:08 UTC (rev
19933)
+++ vendor/mediawiki/current/HISTORY	2005-12-06 19:30:16 UTC (rev
19934)
@@ -0,0 +1,652 @@
+Change notes from older releases. For current info see RELEASE-NOTES.
+
+Security reminder: MediaWiki does not require PHP's register_globals
+setting since version 1.2.0. If you have it on, turn it *off* if you
can.
+
+== Version 1.3.11, 2005-02-20 ==
+
+MediaWiki 1.3.11 is a security release.
+
+A security audit found and fixed a number of problems. Users of
MediaWiki
+1.3.10 and earlier should upgrade to 1.3.11; users of 1.4 beta releases
+should upgrade to 1.4rc1.
+
+
+=== Cross-site scripting vulnerability ===
+
+XSS injection points can be used to hijack session and authentication
+cookies as well as more serious attacks.
+
+* Media: links output raw text into an attribute value, potentially
+  abusable for JavaScript injection. This has been corrected.
+* Additional checks added to file upload to protect against MSIE and
+  Safari MIME-type autodetection bugs.
+
+As of 1.3.10/1.4beta6, per-user customized CSS and JavaScript is
disabled
+by default as a general precaution. Sites which want this ability may
set
+$wgAllowUserCss and $wgAllowUserJs in LocalSettings.php.
+
+
+=== Cross-site request forgery ===
+
+An attacker could use JavaScript-submitted forms to perform various
+restricted actions by tricking an authenticated user into visiting
+a malicious web page. A fix for page editing in 1.3.10/1.4beta6 has
+been expanded in this release to other forms and functions.
+
+Authors of bot tools may need to update their code to include the
+additional fields.
+
+
+=== Directory traversal ===
+
+An unchecked parameter in image deletion could allow an authenticated
+administrator to delete arbitary files in directories writable by the
+web server, and confirm existence of files not deletable.
+
+
+== Version 1.3.10, 2005-02-03 ==
+
+MediaWiki 1.3.10 is a security release.
+
+An attacker could craft a URL which, when visited by a particular
+logged-in user, would execute arbitrary JavaScript code on the user's
+browser in the wiki's site context. This attack has been blocked, and
as
+an extra precaution the user CSS and JavaScript subpage support is now
+disabled by default. Sites which want this ability may set
$wgAllowUserCss
+and $wgAllowUserJs in LocalSettings.php.
+
+Additional protections have been added against off-site form
submissions
+hijacking user credentials. Authors of bot tools may need to update
their
+code to include additional fields.
+
+All wikis running 1.3.x are strongly urged to upgrade to 1.3.10.
+
+Changes from 1.3.9:
+* Logged-in edits and preview of user CSS/JS are now locked to a
session token.
+* Per-user CSS and JavaScript subpage customizations now disabled by
default.
+  They can be re-enabled via $wgAllowUserJs and $wgAllowUserCss.
+* Removed .ogg from the default uploads whitelist as an extra
precaution.
+  If your web server is configured to serve Ogg files with the correct
+  Content-Type header, you can re-add it in LocalSettings.php:
+    $wgFileExtensions[] = 'ogg';
+
+
+
+== Version 1.3.9, 2004-12-12 ==
+
+MediaWiki 1.3.9 is a security and bug fix release.
+
+A flaw in upload handling has been found which may allow upload and 
+execution of arbitrary scripts with the permissions of the web server.
+Only wikis that have enabled uploads and have a vulnerable Apache 
+configuration will be affected, but to be safe all wikis should
upgrade.
+
+Wikis with uploads available should either disable uploads or upgrade
to
+1.3.9 immediately; if other files are customized and require merging 
+changes, includes/SpecialUpload.php may be replaced individually to add
+the fix.
+
+(It is also recommended to configure your web server to disable script
+execution in the 'images' subdirectory where uploads are placed, which
+prevents most attacks even if the wiki fails.)
+
+Changes from 1.3.8:
+* Backported "Templates used in this page"-feature of EditPage
+* Allow "MySkin" as a default skin.
+* (bug 938) Parse namespaces correctly on self-interwiki links
+* (bug 1010) fix broken Commons image link on Classic & Cologne Blue
+* (bug 1004) Norsk language names for interwiki links changed,
+  Nauruan language name changed
+* Enhance upload extension blacklist to protect against vulnerable
+  Apache configurations
+
+
+== Version 1.3.8, 2004-11-15 ==
+
+MediaWiki 1.3.8 is a bugfix release. Those running wikis with uploads
+enabled are strongly recommended to upgrade as this fixes several
problems
+with overwriting previously-uploaded files.
+
+Changes from 1.3.7:
+* (bug 506) fix array_key_exists() warning for IIS servers using
+  ISAPI mode
+* (bug 718) fix bad charset in (file) cached pages
+* use local numerals in category page (for Hindi et al)
+* alias month abbreviations to month names in Hindi
+* add localized numerals for Gujarati and Kannada
+* fix Category and project namespaces for Hindi
+* Don't output bogus timestamp on Special:Recentchanges if no entries
+* Correct template include path which broke some but not all Windows
installs
+* Fix edit form submission problem with some PHP versions
+* Disallow unreachable titles with %XX hex codes
+* Allow page [[0]] to be renamed
+* (bug 774) when saving with section=new, return to the anchor as with
+  existing numbered section edits
+* Experimental shared upload overlay area (disabled by default)
+* (bug 806) Removed some "Wikipedia" hardcoding in German localization
+* User option localization fix for some extensions
+* (bug 809) now try to load the mysql php extension if it isn't loaded
+* (bug 848) fix error message in Special:Newpages RSS and Atom feeds
+* (bug 26) fix cache headers on anon talk page notification
+* (bug 874) added 'cgi' to wgFileBlacklist
+* (bug 862) localize date and time format for Finnish
+* (bug 548) Don't overwrite images until the user confirms it
+
+
+== Version 1.3.7, 2004-10-18 ==
+Changes from 1.3.6:
+* Fix protected-page related security issue.
+
+
+== Version 1.3.6, 2004-10-14 ==
+
+Changes from 1.3.5:
+* (bug 296) Variables in user interface messages are no longer
substituted
+  at install time, so changes to the site name etc should be easier to
make
+* (bug 149) Special:Recentchanges "changes from" link preserves limit
+* (bug 433) tooltip for "Undelete" tab now labeled correctly
+* (bug 439) unclickable "Move" tab no longer displays on protected
pages
+* (bug 484) graceful deletion of images where the actual file is
missing
+* (bug 686) fixed [[plural]]s in Catalan localization
+* Fixed potential HTML/JavaScript injection attack in the
UnicodeConverter
+  extension. (This extension is not enabled by default.)
+* Fixed potential HTML/JavaScript injection attack via raw page views
to
+  a maliciously crafted wiki page.
+* (bug 187, bug 669) Fixed centered thumbnails, using <div> instead of
+  <span>.
+* catch MySQL error 2000 during installation.
+* (bug 704) Removed misleading LocalSettings.sample
+* Fix cross site scripting bugs in SpecialIpblocklist, SpecialEmailuser
+* Fix SQL injection and cross site scripting bugs in SpecialMaintenance
+* Fix cross site scripting bugs and possible filename validation
vulnerability
+  in ImagePage.
+* and more of that sort
+
+
+== Version 1.3.5, 2004-09-30 ==
+
+Changes from 1.3.4:
+* Clean up input validation in 'raw' page output mode which was a
potential
+  cross-site scripting opportunity.
+
+
+== Version 1.3.4, 2004-09-28 ==
+
+************************** SECURITY NOTE!
******************************
+
+As of 1.3.4, MediaWiki performs some screening of newly uploaded files
for
+validity. (Some)  corrupt image files, and HTML files mistakenly or
+maliciously masquerading as images, should now be rejected.
+
+These checks protect against Internet Explorer security holes relating
+to type autodetection which are a potential cross-site scripting attack
+vector, and also rejects at least one known version of the "JPEG virus"
+which might attack unpatched clients.
+
+If you already have invalid files uploaded this will not protect
against
+them. If you have expanded the filetype whitelist or disabled the
strict
+type checking, other dangerous file types may still get through. You
should
+always be careful when allowing uploads!
+
+
+Changes from 1.3.3:
+* Fixed lots of template-related bugs, esp. for cases where template
+  variables are used for links, images, etc.
+* Fixed transformation of page messages when viewing
Special:Allmessages
+* Handle "ISBN ISBN 1234" correctly
+* Fixed warning on Category pages
+* Fixed some bad error messages on login page
+* Fixed history entry for initial main page on install
+* Removed problematic { and } from legal title characters
+* Strip leading blank from output in preformated text.
+* Fixed problem when moving pages to titles with '#' in
+* Optional $wgRawHtml for raw <html> sections. Use only on limited-
+  participation 'trusted' wikis, as it does not protect against
cross-site
+  scripting attacks. For security, this option can only be enabled if
in
+  $wgWhitelistEdit mode.
+* Fixed problem where pages which were created as a redirect following
+  a move never showed on Special:Randompage.
+* Fixed line spacing on printed table of contents
+* Allow links to pages with names of the form [[RFC 1234]]
+* Fixed broken edit links being shown for sections from included
templates
+* Verify that uploaded image files are of the claimed type.
+
+
+== Version 1.3.3, 2004-09-09 ==
+
+Changes from 1.3.2:
+* Fix for long numeric page titles
+* Fix Go search for "0", numeric almost-self-links
+* Avoid caching of pages with "You have new messages" headers
+* Fix for upgrades as non-root users from 1.2 command-line installs.
+* Fix for $wgDebugDumpSql debug mode.
+* $wgExtraNamespaces setting for configuring additional namespaces
+  (see note in DefaultSettings.php)
+* 'recache' on query pages now disabled when miser mode is on; special
case the
+  global settings in your LocalSettings.php to do automatic updates.
+* Don't block UTF-8 titles containing byte 0xA0 (bug added in 1.3.2)
+* Watch/unwatch tabs now shown on edit pages in MonoBook.
+* Fix default skin in Irish localization (ga)
+* Add Traditional Chinese localization (zh-tw)
+* Changed default sortkey of subcategories. Don't include
"Category:"-prefix
+  any longer
+* More helpful info on spam catcher.
+* Allow larger offsets for queries such as Special:Listusers
+* Semicolon (;) added to French non-break space rules
+* Possible fix for some install errors with path names permission
problems.
+* Removed [[Project:All system messages]], which has been superceded by
+  the much faster [[Special:Allmessages]]. This speeds up installation
+  considerably.
+
+== Version 1.3.2, 2004-08-30 ==
+
+Changes from 1.3.1:
+* Fix namespaced page creation links when no go match
+* When cookies are disabled, don't show login screen twice
+* Install should no longer die when PHP is pre-configured to compress
output
+* Fixed bug that caused long Japanese pages to time out with Tidy
active
+* When session.handler is set incorrectly, try automatic override to
'files'
+* Watch/Unwatch links back to the affected page instead of Main Page
+* Upload link no longer displayed on Monobook if uploading is disabled
+* Special:Allmessages faster, shows correct original text, works in
safe mode
+
+
+== Version 1.3.1, 2004-08-14 ==
+
+Changes from 1.3.0:
+* Watchlist parameters now work with register_globals off
+* Fixed parsing of ''italics'' and '''bold''' mark-up (again)
+* Special:Allpages display is more sensible on smaller wikis
+* Fixed XHTML parsing error in classic skins
+* Moved pages update watchlist correctly
+* Fixed rebuildall.php on case-sensitive Unix filesystems
+* Disabled file cache compression by default due to incompatibility
+  with output buffer compression (ob_gzhandler)
+* New magic word PAGENAMEE (URL-escaped version of PAGENAME)
+* Installation avoids blank username; better message on missing XML
module
+* $wgWhitelistAccount no longer breaks all logins.
+
+== Version 1.3.0, 2004-08-11 ==
+
+Look & layout:
+* New default layout 'MonoBook' (available on PHP4 only currently)
+* Print stylesheet now built-in to every page
+* More or less correct XHTML 1.0 (served as text/html by default)
+
+Wiki features:
+* Image captions can now include links and other basic formatting
+* Image bounding box can be specified instead of width, e.g. as
+  100x100px, making the image not wider than 100px and not higher
+  than 100px, keeping aspect ratio.
+* Templates have been expanded with parameters, and separated from
+  the MediaWiki: localization scheme.
+* Categories more or less work
+* added a special page for listing users with sysop rights.
+
+Editing:
+* Automatic merging of edit conflicts that don't directly interfere
+* Edit summaries can now include basic formatting and links
+
+Metadata and output:
+* Linked Creative Commons copyright metadata (optional)
+* RSS 2.0 & Atom 0.3 feeds for Recent Changes, New Pages
+
+Optional modules:
+* WikiHiero hieroglyphic module can be added (separate download)
+* Timeline module can be added (separate download).
+  Requires ploticus.
+* TeX now has an experimental MathML output mode (incomplete!)
+
+Installation and upgrading:
+* The old install.php and update.php have been removed. In-place
+  installation introduced in 1.2 is now the standard installation
+  and upgrade method, see INSTALL and UPGRADE for directions.
+
+Database:
+* The links table has been changed to use a cur_id for l_from.
+  The link tables must be converted on upgrade, which may entail
+  some downtime.
+
+Code and compatibility:
+* Should now run clean with error reporting set to E_ALL.
+* register_globals hack from 1.2 has been replaced with safer code
+* Bundled PHPTAL 0.7.0 from http://phptal.sourceforge.net/
+  (with some patches)
+* Most image-related code moved to Image.php
+* More fixes for PHP 4.1.2 (thanks to Asheesh Laroia)
+* URL encoding fix for anchors
+* All languages now available in UTF-8 mode
+* Various other fixes
+
+=== Caveats ===
+
+Some output, particularly involving user-supplied inline HTML, may not
+produce 100% valid or well-formed XHTML output. Testers are welcome to
+set $wgMimeType = "application/xhtml+xml"; to test for remaining
problem
+cases, but this is not recommended on live sites. (This must be set for
+MathML to display properly in Mozilla.)
+
+The new 'MonoBook' skin is not compatible with PHP 5 due to bugs in the
+underlying PHPTAL library. It will be automatically disabled when
running
+on PHP5; the older look and feel will be used instead.
+
+
+== Version 1.2.6, 2004-05-24 ==
+* Spam blocker ($wgSpamRegex - refuses to save edits that match)
+* Updated documentation about $wgWhitelistRead
+* Ensure that searchindex table is created as MyISAM
+* Interwiki cache timeout (memcached)
+* Fix uploads on Windows with magic_quotes_gpc
+* Some config fixes for Windows (slashes etc)
+* Local interwiki URL redirects
+* Fixed obscure deletion problem in squid mode on corrupt entries
+* Language files updated to remove more hard-coded "Wikipedia" strings
+
+== Version 1.2.5, 2004-05-01 ==
+* Fixed install problem with blank root password
+* Fixed Special:Emailuser/Username links
+* Fixed main-page edit links on fuzzy search results
+* Fixed wikipedia-interwiki.sql
+* Fixed install with apache2filter (ugly URLs)
+* IP in 'go' search brings up contributions
+* Switch from broken & to ? on top-level wiki URL hack
+
+== Version 1.2.4, 2004-04-13 ==
+
+* Fixed edit toolbar in Mozilla
+* Diff links in Contributions for 'top' edits
+* Fixed Nostalgia skin drop-down for register_globals off
+* Backported optional open proxy blocker
+* Backported $wgWhitelistRead
+* $wgCapitalLinks option to force full case sensitivity in titles
+* Cleaned up error handling when can't talk to database
+* Disabled unsafe command-line installer (remove the "die()" call to
use)
+
+== Version 1.2.3, 2004-04-02 ==
+
+* Fixed an in-place install bug with non-root MySQL user
+* Fixed history diff checkboxes bug on titles with ampersands
+* Fixed printable link bug on special pages with parameters
+* Fixed bug that broke IP blocking w/o memcached
+* Turns off E_NOTICE warnings if PHP settings have them on
+  (you can grope in and turn this off if you like to debug)
+
+== Version 1.2.2, 2004-03-28 ==
+
+* Fixed an upgrade bug introduced in 1.2.1.
+* Disabled $wgUseCategoryMagic, which feature is incomplete broken
+
+== Version 1.2.1, 2004-03-27 ==
+
+Installation, compatibility, security fixlets:
+* Detect use of PHP as CGI and disable index.php/Title URLs
+* Try to auto-create math tmp & output directories if not present
+* Disable Asksql in default install ($wgAllowSysopQueries)
+* Better handling of get_magic_quotes_gpc (apostrophe problems)
+* French localisation no longer hard-codes "Wikipedia" name
+
+== Version 1.2.0 ==
+
+New features in 1.2:
+* Image resizing/thumbnail generation
+* Stricter upload file extension blacklist and whitelist options
+* More flexible blocking system; time period may be set
+* Handier sysop account management. An account marked "bureaucrat"
+  may assign sysop access to other accounts via Special:Makesysop.
+  (The exact details of this may change in the future)
+* Support for a squid cache with explicit purging of cached anon pages
+* Optional compression of old revision text (requires zlib support)
+* Fuzzy title search (experimental, requires memcached)
+* Page rendering cache (experimental)
+* Editing toolbar to demonstrate wiki syntax to newbies
+  (off by default in user preferences)
+* Support for authenticated SMTP outgoing e-mail (experimental)
+* It's now possible to assign sysop accounts from within the wiki.
+  An account with this ability must be labeled with the "bureaucrat"
+  privilege, such as the 'Developer' account created by the install.
+
+Fixes and tweaks:
+* Now works with register_globals off!
+* Works with short tags disabled.
+* Should work out of the box on MySQL 3.2.x again. On 4.x set
+  $wgEnablePersistentLC = true; to turn on the link cache table
+  for a slight rendering speed boost.
+* rebuildMessages.php can now selectively update new messages, or
+  overwrite everything.
+* Various bug fixes.
+* Other stuff we forgot.
+* Documentation more out of date than ever before!
+
+=== Behavior changes ===
+
+* wiki.phtml and redirect.phtml are now renamed to index.php and
redirect.php
+  The old names are provided too for compatibility, but make sure they
don't
+  conflict if you've been putting other files in your wiki.
+* Uploaded filenames are more strictly checked than before. See bits in
+  DefaultSettings.php to tweak this behavior to your needs.
+* Database messages are now enabled by default, so the interface
messages can
+  be tweaked through the wiki with a sysop account. Disable this if you
+  don't want the performance hit.
+
+=== Database changes ===
+
+An index was added to recentchanges table to speed up Newpages
+(patch-rc-newindex.sql for manual updaters).
+
+Expiration date field has been added to ipblocks table
+(patch-ipb_expiry.sql for manual updaters).
+
+
+== Version 1.1.0, 2003-12-08 ==
+
+This is the new production release. Any following 1.1.x releases are
expected
+to contain only bug fixes; developments of new features will go towards
a 1.2.0
+release.
+
+New features in 1.1:
+* New wiki table syntax:
+  http://meta.wikipedia.org/wiki/MediaWiki_User%27s_Guide:_Using_tables
+* User-editable interface messages:
+  http://meta.wikipedia.org/wiki/MediaWiki_namespace
+* XML-wrapped page source export with optional history:
+  http://meta.wikipedia.org/wiki/XML_import_and_export
+  (There is not yet an import function!)
+* "Magic words"
+
+Fixes and tweaks:
+* linkscc table caches link data for rendering; faster rebuildlinks.php
+* Numerous bugs in Cologne Blue skin fixed
+* Login gives warning about missing cookies
+* Block log, protection log added; deletion log now includes
undeletions
+* Deletion & upload logs now escape comment text properly
+* Problems with <nowiki> segments in section titles etc mitigated
+* Contributions offset and minor edit bugs fixed
+* Whatlinkshere now sorted alphabetically
+* Various exciting new profiling options.
+* Debug log is off by default.
+* Various small bugs fixed.
+
+Internal changes:
+* wfQuery has had a second parameter inserted, DB_READ or DB_WRITE.
This value
+  is not actually used so far.
+* Partial code for categories and Smarty template-based skins is in the
tree
+  but disabled.
+* Parts of Article.php have been moved to EditPage.php and
ImagePage.php.
+
+New translations:
+* fi - Finnish
+* ia - Interlingua
+* no - Norwegian
+* sk - Slovak
+* ta - Tamil
+
+=== Database changes ===
+
+"linkscc" table added. If upgrading manually (rather than with
update.php),
+run maintenance/archives/patch-linkscc.sql to create the table.
+
+Older releases were dated snapshots from the old 'stable' branch:
+
+== mediawiki-20031118 ==
+
+* Image deletion fixed.
+* Deletion of image old revisions now restricted to sysops
+  (this is an irreversible action and not well logged)
+* Fixed maintenance scripts broken by last release's security fix
+* Many errors in rebuildlinks script fixed.
+
+== mediawiki-20031117 ==
+
+* SECURITY FIX: stricter checking of include path
+* Fixed user contributions next/prev bug
+* Login cookies now have the database name prefixed to allow wikis
+  to coexist in the same domain. This will invalidate any old saved
+  password cookies.
+* Update cache timestamp when talk pages are created
+* Saving the login form in Mozilla no longer blanks password in prefs.
+* Check existence of source page before performing a move.
+* Detect invalid titles in Special:Allpages
+* Q-encode headers on outgoing inter-user e-mail
+* Updates to some translations.
+* Added table of contents border/bg to Cologne Blue, Nostalgia skins
+* Protected pages no longer appear unprotected when visited via
redirect
+* Swapped old Wikipedia logo for the MediaWiki sunflower logo
+* install.php, update.php print warning on old PHP versions,
+  added compatibility functions that might or might not help
+
+No database changes since 20031107; upgrading should be clean.
+
+
+== mediawiki-20031107 ==
+
+* Fixed various bugs!
+* Some speed improvements from tweaks to the table indexes
+* Limited support for memcached (see below)
+* New translations (see below)
+* Interwiki link data now kept in database for flexibility
+* Friendlier read-only source view if asked to edit a page when
+  the db is locked or the page is protected.
+* Normal IP blocks auto-expire after 24 hours
+* Optional support for blocking usernames
+* Uploads disabled by default (see below)
+
+
+=== Security note ===
+
+Uploads are now disabled by default. If you've set up a secure
configuration
+you can reenable uploads by putting:
+
+  $wgDisableUploads = false;
+
+into LocalSettings.php.
+
+Earlier versions of MediaWiki included a bug that potentially allows
logged-
+in users to delete arbitrary files in directories writable by the web
server
+user by manually feeding false form data; this is now fixed.
+
+As a reminder, disable PHP script execution in the upload directory!
+You may also wish to serve HTML pages as plaintext to prevent cookie-
+stealing JavaScript attacks. Example Apache config fragment:
+
+  <Directory "/Library/MediaWiki/web/upload">
+     # Ignore .htaccess files
+     AllowOverride None
+     
+     # Serve HTML as plaintext
+     AddType text/plain .html .htm .shtml
+     
+     # Don't run arbitrary PHP code.
+     php_admin_flag engine off
+     
+     # If you've other scripting languages, disable them too.
+  </Directory>
+
+
+=== Database updates ===
+
+If you're using update.php, the necessary database changes should
+be made automatically.
+
+To manually upgrade your database from the 2003-08-29 release, run the
+following SQL scripts from the maintenance subdirectory:
+
+  archives/patch-ipblocks.sql
+  archives/patch-interwiki.sql
+  archives/patch-indexes.sql
+  interwiki.sql
+
+To copy in the Wikipedia language-prefix interwikis as well, add:
+
+  wikipedia-interwiki.sql
+
+
+=== Translations ===
[truncated at 1000 lines; 149963 more skipped]

    