| Index: branches/REL1_3/phase3/includes/Article.php |
| — | — | @@ -258,6 +258,7 @@ |
| 259 | 259 | $striparray=array(); |
| 260 | 260 | $parser=new Parser(); |
| 261 | 261 | $parser->mOutputType=OT_WIKI; |
| | 262 | + $parser->mOptions = new ParserOptions(); |
| 262 | 263 | $striptext=$parser->strip($text, $striparray, true); |
| 263 | 264 | |
| 264 | 265 | # now that we can be sure that no pseudo-sections are in the source, |
| — | — | @@ -823,6 +824,7 @@ |
| 824 | 825 | $striparray=array(); |
| 825 | 826 | $parser=new Parser(); |
| 826 | 827 | $parser->mOutputType=OT_WIKI; |
| | 828 | + $parser->mOptions = new ParserOptions(); |
| 827 | 829 | $oldtext=$parser->strip($oldtext, $striparray, true); |
| 828 | 830 | |
| 829 | 831 | # now that we can be sure that no pseudo-sections are in the source, |
| Index: branches/REL1_3/phase3/includes/DefaultSettings.php |
| — | — | @@ -9,7 +9,7 @@ |
| 10 | 10 | # like $wgScriptPath, you must also localize everything that |
| 11 | 11 | # depends on it. |
| 12 | 12 | |
| 13 | | -$wgVersion = '1.3.14'; |
| | 13 | +$wgVersion = '1.3.15'; |
| 14 | 14 | |
| 15 | 15 | $wgSitename = 'MediaWiki'; # Please customize! |
| 16 | 16 | $wgMetaNamespace = FALSE; # will be same as you set $wgSitename |
| Index: branches/REL1_3/phase3/includes/Parser.php |
| — | — | @@ -221,16 +221,14 @@ |
| 222 | 222 | } |
| 223 | 223 | |
| 224 | 224 | # math |
| 225 | | - $text = Parser::extractTags('math', $text, $math_content, $uniq_prefix); |
| 226 | | - foreach( $math_content as $marker => $content ){ |
| 227 | | - if( $render ) { |
| 228 | | - if( $this->mOptions->getUseTeX() ) { |
| | 225 | + if( $this->mOptions->getUseTeX() ) { |
| | 226 | + $text = Parser::extractTags('math', $text, $math_content, $uniq_prefix); |
| | 227 | + foreach( $math_content as $marker => $content ){ |
| | 228 | + if( $render ) { |
| 229 | 229 | $math_content[$marker] = renderMath( $content ); |
| 230 | 230 | } else { |
| 231 | | - $math_content[$marker] = "<math>$content<math>"; |
| | 231 | + $math_content[$marker] = "<math>$content</math>"; |
| 232 | 232 | } |
| 233 | | - } else { |
| 234 | | - $math_content[$marker] = "<math>$content</math>"; |
| 235 | 233 | } |
| 236 | 234 | } |
| 237 | 235 | |
| Index: branches/REL1_3/phase3/RELEASE-NOTES |
| — | — | @@ -3,7 +3,20 @@ |
| 4 | 4 | Security reminder: MediaWiki does not require PHP's register_globals |
| 5 | 5 | setting since version 1.2.0. If you have it on, turn it *off* if you can. |
| 6 | 6 | |
| | 7 | +== MediaWiki 1.3.15, 2005-08-29 == |
| 7 | 8 | |
| | 9 | +MediaWiki 1.3.15 is a security maintenance release. It corrects across-site |
| | 10 | +scripting security bug: |
| | 11 | + |
| | 12 | +* <math> tags were handled incorrectly when TeX rendering support is off, |
| | 13 | + as in the default configuration. |
| | 14 | + |
| | 15 | +Wikis where the optional math support has been *enabled* are not vulnerable. |
| | 16 | + |
| | 17 | +The 1.3.x series is no longer maintained except for security fixes; |
| | 18 | +new users and those seeking bug fixes should upgrade to 1.4.9 or 1.5.0. |
| | 19 | + |
| | 20 | + |
| 8 | 21 | == Version 1.3.14, 2005-08-23 == |
| 9 | 22 | |
| 10 | 23 | MediaWiki 1.3.14 is a security maintenance release. |