Page MenuHomePhabricator
Create Task
Maniphest T225160

Obtain CVEs for 1.31.4/1.32.4/1.33.1 security releases
Closed, ResolvedPublic
Actions

Description

CVEs!

Related Objects
Search...

Event Timeline

Reedy created this task.Jun 5 2019, 9:28 PM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptJun 5 2019, 9:28 PM
Reedy added a project: MediaWiki-Releasing.Jun 5 2019, 9:28 PM
Reedy renamed this task from Obtain CVEs for 1.31.3/1.32.3/1.33.1 security releases to Obtain CVEs for 1.31.4/1.32.4/1.33.1 security releases.Jul 2 2019, 2:58 PM
Reedy added a subscriber: sbassett.Sep 21 2019, 10:04 PM

Do we want to get a CVE for T230402: Exposed suppressed username via Special:Redirect, @sbassett ?

As I think that's the only MW core security patch going into this release

sbassett added a comment.Sep 23 2019, 2:20 PM

@Reedy - we can. Probably should. You want me to request one? I probably have frequent flier status with Mitre now :)

sbassett triaged this task as Medium priority.Sep 23 2019, 2:20 PM
sbassett mentioned this in T230402: Exposed suppressed username via Special:Redirect.Sep 30 2019, 2:52 PM
Reedy changed the visibility from "Custom Policy" to "Public (No Login Required)".Oct 7 2019, 6:59 PM
Reedy closed this task as Resolved.Oct 7 2019, 7:11 PM
Reedy assigned this task to sbassett.
chasemp added a project: Security.Feb 10 2020, 10:56 PM
chasemp removed a project: acl*security.Feb 20 2020, 8:16 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL