Previous work: T292227: Tracking bug for MediaWiki 1.35.5/1.36.3/1.37.1
Tracking bug for next security release, 1.35.6/1.36.4/1.37.2
Reedy
Dec 15 2021, 8:53 PM
F34881402: 0001-SECURITY-Add-recursion-guard-to-Title-newMainPage.patch
Mar 20 2022, 3:23 PM
F34883919: T297731.patch
Mar 20 2022, 3:23 PM
F34944100: T297754-squash.patch
Mar 20 2022, 3:23 PM
Status | Subtype | Assigned | Task
---|---|---|---
Resolved | | Reedy | T297829 Release MediaWiki 1.35.6/1.36.4/1.37.2
Resolved | | Reedy | T297830 Tracking bug for MediaWiki 1.35.6/1.36.4/1.37.2
Resolved | Security | Ladsgroup | T297731 CVE-2022-28203: Requesting Special:NewFiles in commons with actor as a condition can bring the whole database down
Resolved | Security | Legoktm | T297571 CVE-2022-28201: Title::newMainPage() goes into an infinite recursion loop if it points to a local interwiki
Resolved | Security | Lucas_Werkmeister_WMDE | T297754 CVE-2022-28204: Whatlinkshere of heavily used properties in wikidata can be easily utilized as a DDoS vector
Resolved | Security | sbassett | T297543 CVE-2022-28202: Messages widthheight/widthheightpage/nbytes not escaped when used in galleries or Special:RevisionDelete

So the 3 patches apply fine on master/REL1_38/REL1_37.
The first two (not T297754: CVE-2022-28204: Whatlinkshere of heavily used properties in wikidata can be easily utilized as a DDoS vector) also apply to REL1_36/REL1_35. Need to poke at that one a bit further.
Looks like rMWb9c68590d68c: Use pagination on Special:Whatlinkshere based on offset/dir system is the cause of the conflict....