Release Notes: Improved PostgreSQL and IPv6 support. New access control features: cascading protection, a list of protected pages, and new limited namespace-wide access control. Better error handling in the new image resizing backend. Numerous other bugfixes and enhancements.
Release Notes: An XSS injection vulnerability based on Microsoft Internet Explorer's UTF-7 charset autodetection was located in the AJAX support module, affecting MSIE users on MediaWiki 1.6.x and up when the optional setting $wgUseAjax is enabled. Minor compatibility fixes for IIS and PostgreSQL are also included.
Release Notes: Fixes were made for upgrading from older versions and for running under certain configurations with IIS. Shortcut key tooltips were corrected for Opera on Mac and Firefox on Linux. An optional DjVu metadata support security fix was made.
Release Notes: Compatibility fixes for Zend Optimizer and MySQL Strict Mode. safety checks for buggy 64-bit PHP installations. "Undo" edit patching mode. Password reset security has been improved. There are more flexible IP blocking options and many other improvements.
Release Notes: An XSS injection vulnerability was located in the Ajax support module, affecting MediaWiki 1.6.x and up when the optional $wgUseAjax setting is enabled. There is no danger in the default configuration, with $wgUseAjax off. If you are using an extension based on the optional Ajax module, either disable it or upgrade to a version containing the fix: 1.8.3, 1.7.2, 1.6.9, or 1.9.0rc2 release candidate.
Release Notes: This release adds fixes for localized namespaces on Windows and other systems with non-UTF-8 locales, and corrections to typos in German.
Release Notes: PostgreSQL support now works. IP blocking is now more flexible for shared/dynamic ranges. Optional support was added for DjVu metadata and inline rendering using external software. Fixes were made for Squid 2.6. The "+" character is allowed in titles by default for better compatibility with Wikipedia data. Many little fixes were made.
Release Notes: The code has been converted to PHP 5. Many internal and extension interfaces were cleaned up. Some installer fixes were made. A potential HTML injection in a debugging script was fixed.
Release Notes: An XSS injection vector in brace replacement has been fixed, as have some potential problems with table parsing. Upgrading is strongly recommended for all users of 1.6. MediaWiki versions 1.5 and earlier are not affected. Additionally, some localization and user interface updates are included.