This is a security and maintenance release of the MediaWiki 1.38 branch.
Changes since MediaWiki 1.38.1
Localisation updates.
(T309426) Repair language selector for SVGs.
(T310013) Fix default value for $wgShowEXIF and $wgUsePathInfo.
(T308471) SECURITY: Escape welcomeuser message passed to showSuccessPage().
(T308473) SECURITY: Escape contributions-title msg for use within page title.
(T311272) Call parent constructor of AddSite maintenance script first.
MediaWiki: Don’t eagerly initialize action name.
(T311384, CVE-2022-27776) Updated guzzlehttp/guzzle from 7.4.1 to 7.4.5.
(T289926) Avoid passing null to trim() in SkinTemplate.
(T289879) Address deprecations for PHP 8.1.
(T311473) rollbackEdits: Pass user identity to RollbackPage.
Upgrade wikimedia/remex-html from 3.0.1 to 3.0.2.
(T311551) ShellboxClientFactory::getUrl(): Check if $this->key is null.
(T311552) ChangesListSpecialPage: Don’t pass null to FormatJson::decode().
(T311569) FileBackend::isStoragePath(): Handle being passed null.
(T311544) Pass int to ApiUsageException::newWithMessage()’s $httpCode param.
(T311678) SpecialEditWatchlist: Prevent passing null to strtolower().
(T311554) ChangeTags: Return early in formatSummaryRow() if $tags === null.
Upgrade wikimedia/common-passwords from 0.3.0 to 0.4.0.
A use-after-free vulnerability was found in the Linux kernel in printer_ioctl(). printer_ioctl() tries to access a printer_dev instance, but that instance has already been freed by gprinter_free().
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2020. Notes: none.
In LibRaw, there is an out-of-bounds write vulnerability within the "new_node()" function (libraw\src\x3f\x3f_utils_patched.cpp) that can be triggered via a crafted X3F file.
In LibRaw, an out-of-bounds read vulnerability exists within the get_huffman_diff() function (libraw\src\x3f\x3f_utils_patched.cpp) when reading data from an image file.