DokuWiki 2025-05-14 "Librarian" is now available. https://github.com/dokuwiki/dokuwiki/releases/tag/release-2025-05-14 The version currently in Rawhide is DokuWiki 2024-02-06b "Kaos" (dokuwiki-20240206b-1.fc43).
DokuWiki 2025-05-14a "Librarian" is now available. https://github.com/dokuwiki/dokuwiki/releases/tag/release-2025-05-14a
Dokuwiki 2025-05-14b "Librarian" has been released on 2025-09-09. https://github.com/dokuwiki/dokuwiki/releases/tag/release-2025-05-14b
FEDORA-2025-e6ce056923 (dokuwiki-20250514b-1.fc43 and php-php81_bc-strftime-0.7.6-1.fc43) has been submitted as an update to Fedora 43. https://bodhi.fedoraproject.org/updates/FEDORA-2025-e6ce056923
FEDORA-2025-5c621a5a8a (dokuwiki-20250514b-1.fc44 and php-php81_bc-strftime-0.7.6-1.fc44) has been submitted as an update to Fedora 44. https://bodhi.fedoraproject.org/updates/FEDORA-2025-5c621a5a8a
FEDORA-2025-5c621a5a8a (dokuwiki-20250514b-1.fc44 and php-php81_bc-strftime-0.7.6-1.fc44) has been pushed to the Fedora 44 stable repository. If problem still persists, please make note of it in this bug report.
FEDORA-2025-e6ce056923 has been pushed to the Fedora 43 testing repository. Soon you'll be able to install the update with the following command: `sudo dnf upgrade --enablerepo=updates-testing --refresh --advisory=FEDORA-2025-e6ce056923` You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2025-e6ce056923 See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
Proposed as a Freeze Exception for 43-final by Fedora user suve using the blocker tracking app because: DokuWiki has recently had an XSS (cross-site scripting) vulnerability found in it [0]. While the original vulnerability report mentions only version 2025-05-14a as affected [1], it's possible older versions are vulnerable, as well. The version currently in Fedora 43 stable is Dokuwiki 2024-02-06b. Keeping this version and providing 2025-05-14b as a zero-day update has two downsides: 1. Shipping a known potentially-vulnerable package 2. Violating the "avoid major version upgrades" point of the Updates Policy [0] https://github.com/advisories/GHSA-pp4p-g4w7-gvp7 [1] https://github.com/MarioTesoro/vulnerability-research/tree/main/CVE-2025-61224
Discussed at the blocker review meeting on 20th Oct. 2025 AGREED AcceptedFinalFreezeException This is accepted based on the justification in the bug, to get the vulnerability addressed ASAP and avoid a post-release version bump. https://meetbot.fedoraproject.org/blocker-review_matrix_fedoraproject-org/2025-10-20/f43-blocker-review.2025-10-20-16.02.html
FEDORA-2025-e6ce056923 (dokuwiki-20250514b-1.fc43 and php-php81_bc-strftime-0.7.6-1.fc43) has been pushed to the Fedora 43 stable repository. If problem still persists, please make note of it in this bug report.