Page Menu
Home
Phabricator
Search
Configure Global Search
Log In
Files
F34251709
02-T272386-master.patch
Reedy (Sam Reed)
Actions
View File
Edit File
Delete File
View Transforms
Subscribe
Mute Notifications
Award Token
Flag For Later
Authored By
Reedy
Apr 5 2021, 12:13 AM
2021-04-05 00:13:23 (UTC+0)
Size
924 B
Referenced Files
None
Subscribers
None
02-T272386-master.patch
View Options
From: Tim Starling <tstarling@wikimedia.org>
Date: Mon, 28 Jan 2021 05:50:00 +0000
Subject: [PATCH] SECURITY: Non-admin deleted enwiki page in fast double move
Bug: T272386
---
diff --git a/includes/MovePage.php b/includes/MovePage.php
index cdc994cab6..ffadf55586 100644
--- a/includes/MovePage.php
+++ b/includes/MovePage.php
@@ -231,7 +231,9 @@ class MovePage {
if ( $this->oldTitle->equals( $this->newTitle ) ) {
$status->fatal( 'selfmove' );
- } elseif ( $this->newTitle->getArticleID() && !$this->isValidMoveTarget() ) {
+ } elseif ( $this->newTitle->getArticleID( Title::READ_LATEST /* T272386 */ )
+ && !$this->isValidMoveTarget()
+ ) {
// The move is allowed only if (1) the target doesn't exist, or (2) the target is a
// redirect to the source, and has no history (so we can undo bad moves right after
// they're done). If the target is a single revision redirect to a different page,
File Metadata
Details
Attached
Mime Type
text/x-diff
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
8965937
Default Alt Text
02-T272386-master.patch (924 B)
Attached To
Mode
T272386: CVE-2021-30159: Non-admin deleted enwiki page in fast double move
Attached
Detach File
T270459: Tracking bug for MediaWiki 1.31.13/1.35.2
Attached
Detach File
Event Timeline
Log In to Comment