Software update: MediaWiki 1.4.2

MediaWiki is an open source wiki engine that can be used to create and manage content for the Wikimedia Foundation websites, such as WikipediaWiktionaryWikisourceWikibooks and Wikiquote† For more information, we recommend that you this one Read extensive documentation. Since a few days, MediaWiki 1.4.2 is available via Sourceforge with the following announcement:

MediaWiki 1.4.2 is a security and bug fix release for the 1.4 stable release series. A cross-site scripting injection vulnerability was discovered, which affects only MSIE clients and is only open if MediaWiki has been manually configured to run output through HTML Tidy ($wgUseTidy).

Several other bugs are also fixed in 1.4.2.

Changes since last release: (full release notes

  • Fix math options in Finnish localization
  • Use in-process Tidy extension if available when $wgUseTidy is on
  • bug 1933) Fix PATH_INFO usage under IIS with PHP ISAPI module
  • bug 1188) in ” rel=”external”>” rel=”external”>subst: includes fixed
  • bug 1936) in ” rel=”external”>” rel=”external”>subst: includes fixed
  • Fix a potential MSIE JavaScript injection vector in Tidy mode

Version number 1.4.2
Operating systems Linux
Website sourceforge
File size


License type GPL