On 14/04/11 17:29, Gordon Joly wrote:
> I see that this snippet is to be found in ".htaccess" file inside
> ./images/ (this appears to be new file 1.16.3)
>
> Could the ".htaccess" be placed at top level (that is one above ./images/)?
If you do that, then certain URLs that give harmless HTML res
On Thu, Apr 14, 2011 at 1:29 AM, Gordon Joly wrote:
> On 12/04/2011 04:23, Tim Starling wrote:
> >
> > To fix this issue, configure your web server to deny requests with
> > URLs that have a path part ending in a dot followed by a dangerous
> > file extension. For example, in Apache with mod_rewr
On 12/04/2011 04:23, Tim Starling wrote:
>
> To fix this issue, configure your web server to deny requests with
> URLs that have a path part ending in a dot followed by a dangerous
> file extension. For example, in Apache with mod_rewrite:
>
> RewriteEngine On
> RewriteCond %{QUERY_STRING
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I would like to announce the release of MediaWiki 1.16.3, which is a
security release. Three security issues were discovered.
Masato Kinugawa discovered a cross-site scripting (XSS) issue, which
affects Internet Explorer clients only, and only versio