Status | Subtype | Assigned | Task | ||
---|---|---|---|---|---|
Resolved | Reedy | T311775 Release MediaWiki 1.35.8/1.37.5/1.38.3 | |||
Resolved | Reedy | T311777 Obtain CVEs for 1.35.8/1.37.5/1.38.3 security releases |
Event Timeline
Comment Actions
T309894: CVE-2022-41765: HTMLUserTextField exposes existence of hidden users and T307278: CVE-2022-41766: On action=rollback the message "alreadyrolled" can leak revision deleted user name need a CVE.
Can't decide if we should get a CVE for T316304: CVE-2022-41767: reassignEdits doesn't update results in an IP range check on Special:Contributions..