Release notes/1.10/ja

Security reminder
MediaWiki does not require PHP's register_globals setting since version 1.2.0. If you have it on, turn it *off* if you can.

MediaWiki 1.10.4
2008年3月2日


 * Correction for API path fix, broken in 1.10.3

MediaWiki 1.10.3
2008年1月23日

This is a security update to the Winter 2007 quarterly release. A potential XSS injection vector affecting api.php only for Microsoft Internet Explorer users has been closed.

To work around the vulnerability without upgrading, you may disable the API if you don't need it:


 * $wgEnableAPI = false;

Not vulnerable versions:
 * 1.12 以降
 * 1.11 系の 1.11.1 以降
 * 1.10 系の 1.10.3 以降
 * 1.9 系の 1.9.5 以降
 * 1.8 系のすべてのバージョン ($wgEnableAPI が off の場合)

Vulnerable versions:
 * 1.11 系の 1.11.0rc1 以前
 * 1.10 系の 1.10.2 以前
 * 1.9 系の 1.9.4 以前
 * 1.8 系のすべてのバージョン ($wgEnableAPI を on に変更した場合)

MediaWiki 1.7 and below are not affected as they do not include the API functionality, however the BotQuery extension is similarly vulnerable unless updated to the latest SVN version.

MediaWiki 1.10.2
2007年9月10日

This is a security fix update to the Spring 2007 quarterly release snapshot. A possible HTML/XSS injection vector in the API pretty-printing mode has been found and fixed.

The vulnerability may be worked around in an unfixed version by simply disabling the API interface if it is not in use, by adding this to LocalSettings.php:
 * $wgEnableAPI = false;

Not vulnerable versions:
 * 1.11 系の 1.11.0 以降
 * 1.10 系の 1.10.2 以降
 * 1.9 系の 1.9.4 以降
 * 1.8 系の 1.8.5 以降

Vulnerable versions:
 * 1.11 系の 1.11.0rc1 以前
 * 1.10 系の 1.10.1 以前
 * 1.9 系の 1.9.3 以前
 * 1.8 系の 1.8.4 以前 ($wgEnableAPI を on に変更した場合)

MediaWiki 1.7 and below are not affected as they do not include the faulty function, however the BotQuery extension is similarly vulnerable unless updated to the latest SVN version.

MediaWiki 1.10.1
2007年7月13日

This is a bugfix update to the Spring 2007 quarterly release snapshot. A number of fixes to improve compatibility with PostgreSQL, some versions of MySQL, and some PHP configurations are included.

Changes since 1.10.0:


 * (bug 9417) Uploading new versions of images when using Postgres no longer throws warnings.
 * (bug 9908) Using tsearch2 with Postgres 8.1 no longer gives an error.
 * (bug 9973) Changed size was shown in advanced recentchanges collapsible items with $wgRCShowChangedSized = false.
 * Fixed installation on MyISAM or old InnoDB with charset=utf8, was giving overlong key errors.
 * Fixed zero-padding issues with MySQL 5 binary schema
 * (bug 9820) session.save_path check no longer halts installation, but warns of possible bad values
 * (bug 9978) Fixed session.save_path validation when using extended configuration format, e.g. "5;/tmp"

MediaWiki 1.10.0
2007年5月9日

This is the quarterly release snapshot for Spring 2007. See below for a full list of changes since the 1.9.x series.

Changes since 1.10.0rc2:


 * (bug 9808) Fix regression that ignored user 'rclimit' option for Special:Contributions

MediaWiki 1.10.0rc2
2007年5月4日

THIS IS A RELEASE CANDIDATE MADE AVAILABLE FOR TESTING! A FINAL 1.10.0 RELEASE WILL APPEAR WITHIN A FEW DAYS.

Changes since 1.10.0rc1:
 * Various l10n fixes and updates
 * Fix for upgrade of page_restrictions table
 * (bug 9780) Fix normalization of titles with initial colon followed by whitespace
 * Fix for regression in upload: wrong size info saved into image table
 * Avoid cyclic stub problems when authorization hooks do funny things with the user and the database at load time

MediaWiki 1.10.0rc1
2007年4月30日

THIS IS A RELEASE CANDIDATE MADE AVAILABLE FOR TESTING! A FINAL 1.10.0 RELEASE WILL APPEAR WITHIN A FEW DAYS.

MediaWiki is now using a "continuous integration" development model with quarterly snapshot releases. The latest development code is always kept "ready to run", and in fact runs our own sites on Wikipedia.

Release branches will continue to receive security updates for about a year from first release, but nonessential bugfixes and feature developments will be made on the development trunk and appear in the next quarterly release.

Those wishing to use the latest code instead of a branch release can obtain it from source control: Download from SVN

構成の変更

 * メンテナンススクリプト(parserTests.php)によって使われる新しいスイッチである$wgCommandLineDarkBg. ターミナルが暗い背景色を使う場合、色つきの出力によって読みやすくなります.
 * それぞれの名前空間のページを編集するために必要な最小のパーミッションは $wgNamespaceProtection配列を通してカスタマイズできます. デフォルトでは、MediaWiki名前空間のページを編集するためには、以前と同じ"editinterface"のパーミッションが必要です.
 * 編集回数で自動認証されたパーミッションの制限を可能にする. 新しいグローバルな$wgAutoConfirmCount設定(当然ながら、デフォルトは0).
 * Special:Emailuserに対してレートリミッタを追加
 * $wgLogRestrictionsを使ってプライベートログを作ることができる
 * (bug 8590) 制限されたHTMLが常に有効になる($wgUserHtml = true).
 * $wgUseImageResizeを廃止、サムネイリングは無条件で有効になります.

1.9以降の新しい機能

 * (bug 6937) "statistics-footer"メッセージの導入、Special:Statisticsに追加
 * (bug 6638) ブロックログエントリでブロックのフラグを一覧表示する
 * (bugs 5051, 5376) ツールチップとアクセスキーはJavaScriptを必要としなくなりました
 * SkinTemplate::outputPageがページ出力を始める前に SkinTemplateOutputPageBeforeExecフックを追加wikitech-l/2007-January/028554.html
 * "cascading protection"(カスケーディング保護)を導入 -- このオプションを有効にすることで保護されたページにトランスクルードされたページ上の明確な保護
 * (bug 8567) action=rawでテキストがblow outされる直前にRawPageViewBeforeOutputフックを追加、拡張機能が出力に影響を与える可能性があります
 * (bug 3446) 差分の下のページ内容を隠すユーザプリファレンスを追加. これはdiffonly=1もしくはdiffonly=0を差分ページのURLに追加することで上書きできます.
 * action=purgeがGET経由で行うことができることを決定するログインステータスの決め打ちのチェックを置き換える'purge'権限を追加. 匿名利用者に対してパーミッションのスイッチをオンにすることでベンチマークに役立ちます.
 * (bug 7842) 削除されたリビジョンのプレビューから削除されたリビジョンの一覧に戻るリンク
 * (bug 8619) user-awareな"unblock"リンクを Special:Blockipに追加
 * (bug 8522) 適切なパーミッションを持つユーザに対してSpecial:Brokenredirects上で"delete"リンクを提供する
 * (bug 8628) ユーザがわかるブロックリストのリンクをSpecial:Blockipに追加
 * (bug 8621) ログリビジョンはパトロール済みとしてマークされる
 * "BookInformation"フックを導入; 詳細に関してはdocs/hooks.txtを参照
 * Special:Undeleteに対してタイトルの接頭辞検索を追加した
 * Special:Undeleteからフルアーカイブリストを除去した
 * (bug 8136) 'ArticleUndelete'フックを導入; 詳細は docs/hooks.txtを参照
 * (bug 8712) JavaScriptグローバルとしてユーザグループを露出する
 * 'CustomEditor'フックを導入; 詳細に関してはdocs/hooks.txtを参照
 * 新しい特別ページであるSpecial:Protectedpagesはすべての保護されたページとそれらの保護ステータスを表示します. パフォーマンスを配慮するために、保護ステータスはすべて表示されません. ですので"full protected"もしくは"semi protected"を表示するだけです.
 * (bug 4133) ブロックの期限と同じフォーマットでページの保護に期限をつけることができるようになります. 既存の保護期間は無期限であることが前提とされています. as are protections made with the new field left blank.
 * (bug 8535) 画像のキーワードとして使うことができるいくつかのvertical alignment(縦の配置)属性を可能にする
 * (bug 6987) に対して、perrow、widths、とheights属性を許可する
 * (bug 3678) と同じ方法でを無効できるようにしました; これは("-"に設定することで)フッターがwikiのデフォルト言語で無効される場合、それらは別の言語でも無効にされることも意味します(例えばユーザuselang=frを指定する場合).
 * Special:Logでログタイプをソートする
 * クラス名("mw-toolbar-editbutton")とユニークIDを編集ツールバーボタンに追加した
 * IPアドレス/ユーザ名が一覧表示されるかに基づいて重要ではないSpecial:Blockipでブロックオプションを隠す. (JSを使って動的に)
 * (bug 9032) Special:Allmessagesを通してquickbarSetingsをローカライズする
 * (bug 7782) 画像の説明ページでファイル情報の標準化.
 * (bug 1035) IPの範囲に対して投稿/最近の変更を閲覧する
 * (bug 8747) Special:Watchlist/editからウォッチを解除するとき、確認メッセージをCSSクラスとidを持つ適切なリストに置く
 * (bug 9118) 削除確認ページ上で関連したログフラグメントを表示する
 * (bug 9009) ユーザ名エントリフィールドをSpecial:Contributionsに追加
 * (bug 1723) 履歴の記事サイズ
 * (bug 9223) ページタイトルとユーザ名でマジックの波線記号のシーケンスを不許可
 * (bug 6997) Special:log/blockからunblock formにリンク
 * (bug 9117) Special:log/deleteからundelete formにリンク
 * Special:log/protectからchange protection formにリンク
 * (bug 1196) ブロックに追加されたIPv6サポートを追加した. IPv6の投稿に対してより一致する
 * (bug 3984) title%でログを検索する
 * 画像が既存のファイル名で存在する場合、既存の画像のサムネイルを表示する
 * (bug 5546) ウォッチリストは移動、保護、復元のような記録されたアクションを反映する
 * LinkFilterのHTTP以外のプロトコルをサポート. $wgUrlProtocolsを使います
 * (bug 3069) 縮小された画像のアップロードを警告する
 * 小文字の拡張子を持つ画像が存在する場合、大文字の拡張子を持つ画像のアップロード上で警告する
 * (bug 4624) Special:Whatlinkshereに対して名前空間の選択
 * PageHistoryBeforeListとPageHistoryLineEndingフックを導入; 詳細な情報に関してはdocs/hooks.txtを参照
 * (bug 9397) "sp-contributions-footer"と "sp-contributions-footer-anon"メッセージを導入、ターゲットに対して適切なものとしてSpecial:Contributionsの終わりで表示されます
 * (bug 8421) ('wgAction'として)JavaScriptグローバルで現在のアクションを露出します
 * (bug 9069) 画像専用のクエリページでギャラリを使う
 * (bug 9177) インストーラはセッションストレージを壊すことにつながる可能性のあるsession.save_pathに影響を与える様々な条件に対して警告を発します.
 * (bug 9046) 言語リンク無しのページを一覧表示する特別ページ
 * (bug 9508) 最も少ないリビジョン数を持つ記事を一覧表示する特別ページ
 * 'FileUpload'フックを導入; 詳細な情報に関してはdocs/hooks.txtを参照
 * 'SearchUpdate'フックを導入; 詳細な情報に関してはdocs/hooks.txtを参照
 * 'mywatchlist'メッセージを導入; ウォッチリストページにリンクするためにパーソナルメニュー上で使われています
 * マジックワードを導入
 * file-type specific operationsに対してメディアハンドラを導入した
 * thumbnailing画像のサムネイリングに対してエラーの表示を改善
 * ImageMagickのサムネイリングに対してsharpeningオプションを追加
 * (bug 9656) 500文字より長いページの削除に対して自動要約が生成されます
 * 予め定義されたブロックの理由をSpecial:Blockipに追加
 * (bug 9196) インストーラはzend.ze1_compatibility_modeがoffであるかチェックします.
 * (bug 9697) 'InternalParseBeforeLinks'フックを導入; 詳細な情報に関してはdocs/hooks.txtを参照
 * 'contribsub'メッセージは'contribsub2'に変更されました. よりベターなローカライゼーションを認める2つのパラメータが加わりました. 変更はChange is reverse-compatibleで大抵のwikiで無視できます
 * 'reason'フィールドをSpecial:Userrightsに追加

1.9 でのバグ修正

 * (bug 7292) Fix site statistics when moving pages in/out of content namespaces
 * (bug 8531) Correct local name of Lingála
 * Made the PLURAL: parser function return singular on -1 per default
 * Fixed up the AjaxSearch
 * Fix SpecialVersion->formatCredits input. Version and Url parameters should be null to be treated properly with isset.
 * Page restrictions moved into a new, dedicated table
 * Correct tooltip accesskey hint for Opera on the Macintosh (uses Shift-Esc-, not Ctrl-).
 * (bug 8002) Math should render left-to-right even in right-to-left wikis
 * Pass e-mail and real name fields to AuthPlugin::addUser, as additional optional fields, which may be considered useful at registration time.
 * PostgreSQL upgrade scripts fixed and updated
 * (bug 8613) Fix error when viewing "Recent Changes" and using Postgres.
 * Initialise site_stats table at upgrade time if data was missing
 * (bug 7250) Updated Unicode normalization tables to Unicode 5.0
 * Unmaintained Oracle support files have been removed.
 * Use browser default for printing size, don't force to 11pt
 * (bug 8632) Fix regression in page protection null edit update
 * (bug 8407) Disallow indexing of "printable" versions
 * (bug 8643) Correctly escape the page-specific CSS class for non-Monobook skins
 * (bug 8629) Document $wgFilterCallback
 * (bug 1000) Clarify warning about memory_limit in installer
 * Suppress PHP warning about set_time_limit in installer when safe mode is on
 * (bug 3000) Fall back to SCRIPT_NAME plus QUERY_STRING when REQUEST_URI is not available, as on IIS with PHP-CGI
 * Missing interwiki row for English Wikipedia restored (as "wikipedia:")
 * use configured cache servers for mctest.php
 * bucket details in mcc.php
 * fix input validation and remove debugging code in compressOld
 * full ID range for moveToExternal
 * fix resolveStubs.php for compatibility with older serialized data
 * maximum line length for bar graphs in getLagTimes.php
 * recognize specieswiki in rebuildInterwiki.inc
 * profile unicode cleanup in Xml
 * log slow parses in Article.php
 * profile wfMsgReal
 * log mkdir failures
 * profile AutoLoader
 * rebuild empty DjVu metadata containing ''
 * security fix for DjVu metadata retrieval
 * Undelete page list can use plural marker
 * (bug 8638) Fix update from 1.4 and earlier
 * (bug 8641) Fix order of updates to ipblocks table
 * (bug 8678) Fix detection of self-links for numeric titles in Parser
 * (bug 6171) Magically close tags in tables when not using Tidy.
 * Sanitizer now correctly escapes lonely '>' occurring before the first wikitag.
 * Ignore self closing on closing tags ( ' ' now gives ' ')
 * (bug 8673) Minor fix for web service API content-type header
 * Fix API revision list on PHP 5.2.1; bad reference assignment
 * (bug 8688) Handle underscores/spaces in Special:Blockip and Special:Ipblocklist in a consistent manner
 * (bug 8701) Check database lock status when blocking/unblocking users
 * ParserOptions and ParserOutput classes are now in their own files
 * (bug 8708) Namespace translations for Zealandic language
 * Renamed constructor methods to PHP 5 __construct reserved name
 * (bug 8715) Warn users when editing an interface message whether or not the message page exists
 * ar: fix the 'create a new page' on search page when no exact match found
 * (bug 8703) Corrected talk and image namespace name for Limburgish (li)
 * (bug 8671) Expose "wpDestFile" as a parameter to "uploadtext"
 * (bug 8403) Respect bad image list exceptions in galleries on wiki pages
 * Allow sending per-user contribution requests to "contributions" query group
 * (bug 3717) Update user count for AuthPlugin account autocreation
 * (bug 8719) Firefox release notes lie! Fix tooltips for Firefox 2 on x11; accesskeys default settings appear to be same as Windows.
 * Added an option to make Linker::userToolLinks show the contribs link red when the user has no edits. Linker::userToolLinksRedContribs is an alias to that which should be used to make it more self documentating.
 * (bug 8749) Bring MySQL 5 table defs back into sync
 * (bug 8751) Set session cookies to HTTPS-only to match other cookies
 * (bug 8652) Catch exceptions generated by malformed XML in multipage media
 * (bug 8782) Help text in Makefile
 * (bug 8777) Suppress 'previous' link on Special:Allpages when at first page
 * (bug 8774) Fix path for GNU FDL rights icon on new installs
 * Fix multipage selector drop-down for DjVu images to work when title is passed as a query string parameter; we have to pass the title as a form parameter or it gets dropped from the form submission URL
 * (bug 8819) Fix full path disclosure in with skins dependencies
 * Fixed bug [[bugzilla:affecting HTML formatting in sortable table column titles
 * Merged table sorting code into wikibits.js
 * (bug 8711) Stop floats in previews from spilling into edit area
 * (bug 8858) Safer handling when $wgImageLimits is changed. Added a note in DefaultSettings to make it clear.
 * (bug 4268) Fixed data-loss bug in compressOld batch text compression affecting pages which had null edits (move, protect, etc) as second edit in a batch group. Isolated and patched by Travis Derouin.
 * Fix for paths in 1.4->1.5 special-case updater script
 * (bug 8789) AJAX search: IE users can now use the return key
 * (bug 6844) Use and tags to emphase the differences
 * (bug 6684) Fix improper javascript array iteration
 * (bug 4347) use MailAddress object for reply-to
 * Add AlphabeticPager abstract class
 * Use faster AlphabeticPager for Special:Categories
 * (bug 8875) Show printable link in MonoBook sidebar for locally nonexistent pages; perhaps useful for categories and shared images
 * Clean up session checks to better handle the case where the session was opened during the current request. May help with some caching corner cases.
 * (bug 8897) Fix whitespace removal for interlanguage links with link prefix
 * Add 'ParserTestTables' hook to expand the list of temporary tables copied by the parser test harness; use for extensions which require the presence of other tables while they work.
 * Message names changed for AlphabeticPager introduced with r19758 for better localisations.
 * (bug 8944) The deprecated is_a function is used in StubObjects.php
 * (bug 8992) Fix a remaining raw use of REQUEST_URI in history
 * (bug 8999) User.php gives "undefined user editcount" PHP notice.
 * (bug 8984) Fix a database error in Special:Recentchangeslinked when using the Postgres database.
 * Moved the main ob_start from the default LocalSettings.php to WebStart.php. The ob_start section should preferably be removed from older LocalSettings.php files.
 * Give Content-Length header for HTTP/1.0 clients.
 * Partial support for Flash cross-domain-policy filtering.
 * Lazy-initialize site_stats row on load when empty. Somewhat kinder to dump-based installations, avoiding PHP warnings when NUMBEROFARTICLES and such are used.
 * Add 'charset' to Content-Type headers on various HTTP error responses to forestall additional UTF-7-autodetect XSS issues. PHP sends only 'text/html' by default when the script didn't specify more details, which some inconsiderate browsers consider a license to autodetect the deadly, hard-to-escape UTF-7. This fixes an issue with the Ajax interface error message on MSIE when $wgUseAjax is enabled (not default configuration); this UTF-7 variant on a previously fixed attack vector was discovered by Moshe BA from BugSec: http://www.bugsec.com/articles.php?Security=24
 * Trackback responses now specify XML content type
 * (bug 9044) Send a comment with action=raw pages in CSS/JS output mode to work around IE/Mac bug where empty pages time out verrrrryyyyy slowly, particularly with new keepalive-friendly HTTP on Wikipedia
 * (bug 8919) Suppress paging links and related messages where there are no rows to list for query pages
 * (bug 9057) Standardize MediaWiki: namespace for oc
 * (bug 8132) Suppress "Pages in this category" heading in categories when there are none
 * (bug 8958) Handle search operators better when using tsearch2 (Postgres)
 * (bug 8799) Use redirect table for Special:BrokenRedirects and Special:DoubleRedirects
 * (bug 8918) Enable PLURAL option for and * (bug 9122) Fix minor display issue in RTL with section edit link margin
 * (bug 5805) Enable PLURAL option for some messages of watchlist and statistic
 * (bug 3953) Work around poor display of parenthesis in the in other languages section of MonoBook skin
 * (bug 8539) Enable PLURAL option for another message of recentchanges.
 * (bug 8728) MediaWiki:Badfiletype splitted into 3 messages
 * (bug 9131) Allow SpecialContributions to work with Postgres
 * (bug 9155) Allow footer info to wrap in Monobook
 * (bug 8847) Strip spurious #fragments from request URI to fix redirect loops on some server configurations
 * (bug 9097) column "pr_pagetype" does not exist
 * (bug 9217) Balance wfProfile calls in Skin::outputPage
 * (bug 9222) PostgreSQL updater should not be version-specific
 * Fix fallback implementation of mb_strlen so it works and isn't insanely slow for large strings, since it's used for page edit lengths
 * (bug 8815) Setting password in initUser breaks LdapAuthentication plugin
 * (bug 9256) Add a quick note to index.php header comments
 * Make Special:Listusers caseinsensitive for first letter
 * Default tidy.conf has been moved from extensions module into includes.
 * Ignore lonely '
 * (bug 9244) When calling edit page for nonexistent section, generate error inside of just discarding edits, since edit links sometimes go to the wrong place.
 * (bug 9019) No warning during upload if image description page exists, but no image
 * (bug 8582) Allow thumbnailing when imagesize has a space.
 * (bug 8716) Change math_inputhash and math_outputhash to byte for Postgres
 * (bug 9343) Correct internal name for Wolof language
 * (bug 9363) Fix Postgres error on Recentchangeslinked
 * (bug 5142) Fixed call of hook ArticleViewHeader
 * (bug 4777) Separate prev/next messages for Special:Whatlinkshere
 * Merge approx 15 missing Wikipedia language codes into wikipedia-interwiki.sql based on Jeff Merkey's mediawiki-1.9.3.WG-20070316.tar.gz.bz2 archive.
 * (bug 9411) Fix for shared image descriptions using query-string titles
 * (bug 4756) Add user tool links for self created accounts at special:log instead of sometimes broken block links from newuserlog extension
 * (bug 5817) Special:Recentchangeslinked now shows red link for nonexistent target page instead of silently redirecting
 * (bug 8914) Don't transform colons in
 * (bug 9241) Handle edit section links and include size links for cached templates the same as the first transclusion.
 * (bug 9466) "Rollback failed" page doesn't format edit comment
 * (bug 9472) Invalid XHTML on cached special pages
 * (bug 9472) Invalid XHTML on Special:Newpages
 * (bug 4764) "My contributions" not bold when viewing own contributions
 * (bug 9194) Add NaN undefineds to navigation bar of Special:Whatlinkshere
 * (bug 9033) Use a more specific error message when users are not able/allowed to edit page protection levels due to a block, database lock or permissions
 * Fixed $wgFeedLimit
 * (bug 9270) Corrected help namespace name for Dutch Lower Saxon (nds-nl)
 * (bug 929, 4215) Expose "rcdays" user preference in Special:Preferences
 * (bug 9554) Extension-provided group name messages not used
 * (bug 9565) Translate template namespace name for Hindi (hi)
 * (bug 8599) Correct localized names of zh-variants
 * (bug 3366) Require skins based on SkinTemplate to override the skinname property.
 * (bug 9220) Removed obsoletes functions in install-utils.inc.
 * Removed obsoletes Title::getRelatedCache and Title:touchArray
 * (bug 7285) Check MySQL username length during install
 * (bug 6910) Correct date/time formats in Vietnamese (vi)
 * (bug 9608) Correctly use ORDER BY in dumpLinks.php
 * (bug 9609) Correctly use ORDER BY in SpecialWhatlinkshere.php
 * Special:Random and Special:Randomredirect now try harder to send the user to a random page, and will give an error message if none really can be found instead of sending the user to the main page like they used to
 * Fix object variable used for displaying "not-patrolled" CSS class on list
 * Fixed interaction of page parameter to ImagePage with the HTML file cache
 * Fixed MIME type for SVG files, will be silently changed from image/svg to image/svg+xml after loading from the database.
 * Workaround for djvutoxml bug #1704049 (poor performance). Use djvudump instead.
 * Fixed odd behaviour in ImagePage on DjVu thumbnailing errors
 * (bug 5439) "Go" title search will now jump to shared/foreign Image: and MediaWiki: pages that have not been locally edited.
 * (bug 9630) Limits links in Whatlinkshere forgot about namespace filter
 * Fixed upgrade for the non-standard MySQL schemas
 * Disable MySQL's strict mode at session start for MySQL 4.1+, to avoid the various problems that occur when it is on.
 * (bug 9585) Fix regression in tidy usage in Special:Undelete previews
 * (bug 3826) Normalize some invalid cookie name characters when setting up $wgCookiePrefix. Completes application of patch by Anders Kaseorg.
 * (bug 9649) Fix RTL form alignment for Special:Movepage
 * (bug 9582) Members of bot group now mark edits patrolled by default
 * (bug 9669) Fix limit ordering for rebuildrecentchanges; broken since converted from 1.4 to 1.5 schema
 * (bug 9682) Revert PHP 5.1 dependency on warning suppression for SVN info
 * (bug 5959) Anchors dropped from stub links
 * (bug 3348) Some additional weak password checks: password which is same as username will now be rejected.
 * (bug 8602) Converted Special:Contributions to use an IndexPager. The interpretation of the offset parameter has changed, and the go parameter has been removed.
 * (bug 7629) Fix $wgBrowserBlackList to avoid false positive on MSIE when certain plugins are present which alter the user agent

メンテナンス

 * extensionリポジトリでi18nの進行をチェックするために新しいmaintenance/language/checkExtensioni18n.phpスクリプト.
 * maintenance/parserTests.phpを'--record'オプションで実行すると、求められたテーブルを自動的に作ることが試みられます
 * 追加のパーサキャッシュのパージングを行うためにpurgeList.phpに対して--purgeオプションを追加
 * parserTests.phpの決め打ちの背景色を修正
 * parserTests.php : --color管理対して'light'オプションを削除、代わりにグローバルスイッチに置き換えた : $wgCommandLineDarkBg
 * (bug 8780) LocalSettings.phpが存在するが読み込みできない場合、コマンドラインスクリプト用のメッセージを明瞭化
 * dumpBackup / importDumpはPostgreSQLで機能する
 * (bug 8975) importImages.phpとimportTextFile.phpスクリプトに対して"Maintenance script"をデフォルトのユーザ名として使う
 * (bug 8933) maintenance/reassignEdits.phpスクリプトを修正
 * (bug 9440) MediaWiki.orgへの"mediawikiwiki"インターウィキの接頭辞を追加
 * (bug 2979) インポートは警告付きで無効なタイトルをgracefullyにスキップする
 * maintenance/importTextFile.phpに対する'--norc'オプションをリストア
 * maintenance/importTextFile.phpのヘルプ情報がコンソール上で読みやすくなりました
 * Doxygenドキュメントはそれぞれのファイルのリビジョン番号を表示し、dotを使ってグラフを生成し、検索エンジンを含みます.

更新された言語

 * Arabic (ar)
 * Aramaic (arc)
 * Aymara (ay)
 * Belarusian normative (be)
 * Belarusian alternative (be-x-old)
 * Bulgarian (bg)
 * Bihara (bh)
 * Breton (br)
 * Catalan (ca)
 * Czech (cs)
 * Danish (da)
 * German (de)
 * Greek (el)
 * Esperanto (eo)
 * Spanish (es)
 * Estonian (et)
 * Basque (eu)
 * Finnish (fi)
 * Võro (fiu-vro)
 * French (fr)
 * Hebrew (he)
 * Hindi (hi)
 * Upper Sorbian (hsb)
 * Hungarian (hu)
 * Armenian (hy)
 * Indonesian (id)
 * Italian (it)
 * 日本語 (ja)
 * Javanese (jv)
 * Georgian (ka)
 * Kabyle (kab)
 * Kazakh (kk)
 * Korean (ko)
 * Kashmiri (ks)
 * Ripuarian (ksh)
 * Latin (la)
 * Luganda (lg)
 * Limburgish (li)
 * Lithuanian (lt)
 * Latvian (lv)
 * Marathi (mr)
 * Low Saxon (nds)
 * Dutch Lower Saxon (nds-nl)
 * Nepali (ne)
 * Nepal Bhasa (new)
 * Dutch (nl)
 * Occitan (oc)
 * Pali (pi)
 * Polish (pl)
 * Romanian (ro)
 * Russian (ru)
 * Sanskrit (sa)
 * Sicilian (scn)
 * Slovak (sk)
 * Sundanese (su)
 * Swedish (sv)
 * Tahitian (ty)
 * Ukrainian (uk)
 * Urdu (ur)
 * Uzbek (uz)
 * Vietnamese (vi)
 * Zealandic (zea)
 * Old Chinese / Late Middle Chinese (zh-classical)
 * Chinese (PRC) (zh-cn)
 * Chinese (Taiwan) (zh-tw)
 * Cantonese (zh-yue)

Compatibility
MediaWiki 1.10 requires PHP 5 (5.1 recommended). PHP 4 is no longer supported.

PHP 5.0.x fails on 64-bit systems due to serious bugs with array processing: http://bugs.php.net/bug.php?id=34879 Upgrade affected systems to PHP 5.1 or higher.

MySQL 3.23.x is no longer supported; some older hosts may need to upgrade. At this time we still recommend 4.0, but 4.1/5.0 will work fine in most cases.

Upgrading
1.10 has several database changes since 1.9, and will not work without schema updates.

If upgrading from before 1.7, you may want to run refreshLinks.php to ensure new database fields are filled with data.

If you are upgrading from MediaWiki 1.4.x or earlier, some major database changes are made, and there is a slightly higher chance that things could break. Don't forget to always back up your database before upgrading!

See the file UPGRADE for more detailed upgrade instructions.

Caveats
Some output, particularly involving user-supplied inline HTML, may not produce 100% valid or well-formed XHTML output. Testers are welcome to set $wgMimeType = "application/xhtml+xml"; to test for remaining problem cases, but this is not recommended on live sites. (This must be set for MathML to display properly in Mozilla.)

For notes on 1.9.x and older releases, see HISTORY.

オンライン説明文書
Documentation for both end-users and site administrators is currently being built up on MediaWiki.org, and is covered under the GNU Free Documentation License (except for pages that explicitly state that their contents are in the public domain) :
 * Documentation/ja

メーリング リスト
A MediaWiki-l mailing list has been set up distinct from the Wikipedia wikitech-l list: A low-traffic announcements-only list is also available: It's highly recommended that you sign up for one of these lists if you're going to run a public MediaWiki, so you can be notified of security fixes.
 * mediawiki-l
 * mediawiki-announce

IRC ヘルプ
There's usually someone online in #mediawiki on irc.freenode.net