MediaWiki 1.5.5 and 1.4.13 are a security and bugfix maintenance releases.
Detection for uploads of Windows Metafile (.wmf) images has been added to help
protect against a client-side vulnerability in unpatched Microsoft Windows
Sites which have enabled uploads and added non-standard file types (such as
.ogg, .doc, or .pdf) should upgrade to this release to ensure that malicious
.wmf files can't be uploaded with a fake extension; such files could put
visitors to the site at risk.
For more details on this, see:
Additionally, a maintenance script removeUnusedAccounts.php has been added in
1.5.5; this replaces an older Perl script which had not been updated for the new
schema in 1.5.
Full release announcement and downloads:
Log in to post a comment.