jenkins-bot has submitted this change and it was merged. ( 
https://gerrit.wikimedia.org/r/365553 )

Change subject: Allow SVGs using an older proposed recommendation DTD
......................................................................


Allow SVGs using an older proposed recommendation DTD

Dia software seems to use this DTD (at least in some versions)

Bug: T168856
Change-Id: I51ad7ff4a935d4edb78e091142be9c58017dd3af
(cherry picked from commit 71df44bf9bf4f494f24c5f656115d03108ea7660)
---
M RELEASE-NOTES-1.27
M includes/upload/UploadBase.php
2 files changed, 20 insertions(+), 1 deletion(-)

Approvals:
  Brian Wolff: Looks good to me, approved
  jenkins-bot: Verified



diff --git a/RELEASE-NOTES-1.27 b/RELEASE-NOTES-1.27
index 9f6982d..de888fd 100644
--- a/RELEASE-NOTES-1.27
+++ b/RELEASE-NOTES-1.27
@@ -1,3 +1,20 @@
+== MediaWiki 1.27.4 ==
+This not a release yet!
+
+=== Changes since 1.27.3 ===
+* (T168856) Allow SVGs created by Dia to be uploaded.
+
+== MediaWiki 1.27.3 ==
+Due to a packaging error, the wrong version of the SyntaxHighlight extension 
was
+included in the tarball version of MediaWiki 1.27.2. The version included had a
+serious security issue in it (T158689). There was also some minor code fixes in
+MediaWiki itself since 1.27.2, but none of them were security relevant.
+
+=== Changes since 1.27.2 ===
+* (T145664) Fix broken wincache merge() implementation
+* (T163434) Add wikimedia/testing-access-wrapper for forwards compatibility
+* (T153505) Fix php warnings on php 7.1 due to use of &$this
+
 == MediaWiki 1.27.2 ==
 This is a security and maintenance release of the MediaWiki 1.27 branch.
 
diff --git a/includes/upload/UploadBase.php b/includes/upload/UploadBase.php
index db9e699..ae1457a 100644
--- a/includes/upload/UploadBase.php
+++ b/includes/upload/UploadBase.php
@@ -1326,7 +1326,9 @@
                        'http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd',
                        
'http://www.w3.org/TR/2001/REC-SVG-20010904/DTD/svg10.dtd',
                        
'http://www.w3.org/Graphics/SVG/1.1/DTD/svg11-basic.dtd',
-                       'http://www.w3.org/Graphics/SVG/1.1/DTD/svg11-tiny.dtd'
+                       'http://www.w3.org/Graphics/SVG/1.1/DTD/svg11-tiny.dtd',
+                       // https://phabricator.wikimedia.org/T168856
+                       
'http://www.w3.org/TR/2001/PR-SVG-20010719/DTD/svg10.dtd',
                ];
                if ( $type !== 'PUBLIC'
                        || !in_array( $systemId, $allowedDTDs )

-- 
To view, visit https://gerrit.wikimedia.org/r/365553
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings

Gerrit-MessageType: merged
Gerrit-Change-Id: I51ad7ff4a935d4edb78e091142be9c58017dd3af
Gerrit-PatchSet: 2
Gerrit-Project: mediawiki/core
Gerrit-Branch: REL1_27
Gerrit-Owner: Brian Wolff <bawolff...@gmail.com>
Gerrit-Reviewer: Aaron Schulz <asch...@wikimedia.org>
Gerrit-Reviewer: Brian Wolff <bawolff...@gmail.com>
Gerrit-Reviewer: Matthias Mullie <mmul...@wikimedia.org>
Gerrit-Reviewer: jenkins-bot <>

_______________________________________________
MediaWiki-commits mailing list
MediaWiki-commits@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits

Reply via email to