Previous work: T305200: Tracking bug for MediaWiki 1.35.7/1.37.3/1.38.2
Tracking bug for next security release, 1.35.8/1.37.5/1.38.3
Reedy | |
Jun 30 2022, 9:02 PM |
F35538605: T307278-master.patch | |
Sep 29 2022, 12:56 AM |
F35538604: T307278-REL1_38.patch | |
Sep 29 2022, 12:56 AM |
F35485641: 02-T307278.patch | |
Sep 25 2022, 7:18 PM |
F35490459: 0001-SECURITY-reassignEdits-Delete-rows-from-ip_changes.patch | |
Sep 25 2022, 7:09 PM |
Previous work: T305200: Tracking bug for MediaWiki 1.35.7/1.37.3/1.38.2
Tracking bug for next security release, 1.35.8/1.37.5/1.38.3
Status | Subtype | Assigned | Task | ||
---|---|---|---|---|---|
Resolved | Reedy | T311775 Release MediaWiki 1.35.8/1.37.5/1.38.3 | |||
Resolved | Reedy | T311776 Tracking bug for MediaWiki 1.35.8/1.37.5/1.38.3 | |||
Resolved | Security | matmarex | T309894 CVE-2022-41765: HTMLUserTextField exposes existence of hidden users | ||
Resolved | Security | mmartorana | T307278 CVE-2022-41766: On action=rollback the message "alreadyrolled" can leak revision deleted user name | ||
Resolved | Security | Reedy | T316304 CVE-2022-41767: reassignEdits doesn't update results in an IP range check on Special:Contributions |