Page MenuHomePhabricator
Create Task
Maniphest T333617

Tracking bug for MediaWiki 1.35.11/1.38.7/1.39.4/1.40.0
Closed, ResolvedPublic
Actions

Description

Previous work: T325840: Tracking bug for MediaWiki 1.35.10/1.38.6/1.39.3

Tracking bug for next security release, 1.35.11/1.38.7/1.39.4/1.40.0

Related Objects
Search...

Event Timeline

Reedy added projects: Security, MediaWiki-Releasing.Mar 30 2023, 11:49 PM
Reedy subscribed.
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptMar 30 2023, 11:49 PM
Reedy added a parent task: T333616: Release MediaWiki 1.35.11/1.38.7/1.39.4/1.40.0.Mar 30 2023, 11:49 PM
DannyS712 updated the task description. (Show Details)Apr 4 2023, 3:34 PM
sbassett added a subtask: T333050: CVE-2023-45363: RequestTimeoutException when querying pages redirected to other variants with redirects and converttitles set.Apr 17 2023, 9:15 PM
sbassett closed subtask T333050: CVE-2023-45363: RequestTimeoutException when querying pages redirected to other variants with redirects and converttitles set as Resolved.Apr 20 2023, 9:27 PM
Reedy added a subtask: T335203: CVE-2023-29197: Upgrade guzzlehttp/psr7 to >= 1.9.1/2.4.5.Apr 23 2023, 5:22 PM
sbassett mentioned this in T335612: CVE-2023-36674: Manualthumb bypasses badFile lookup.May 15 2023, 8:22 PM
Mstyles added a subtask: T335612: CVE-2023-36674: Manualthumb bypasses badFile lookup.May 15 2023, 11:07 PM
Legoktm added a subtask: T332889: CVE-2023-36675: XSS in BlockLogFormatter due to unsafe message use.May 20 2023, 12:38 PM
sbassett mentioned this in T332889: CVE-2023-36675: XSS in BlockLogFormatter due to unsafe message use.May 22 2023, 2:30 PM
sbassett closed subtask T332889: CVE-2023-36675: XSS in BlockLogFormatter due to unsafe message use as Resolved.
Reedy renamed this task from Tracking bug for MediaWiki 1.35.11/1.38.7/1.39.4/1.40.1 to Tracking bug for MediaWiki 1.35.11/1.38.7/1.39.4/1.40.0.Jun 29 2023, 7:57 PM
Reedy updated the task description. (Show Details)
Reedy claimed this task.Jun 29 2023, 8:00 PM
Reedy closed subtask T335612: CVE-2023-36674: Manualthumb bypasses badFile lookup as Resolved.Jun 30 2023, 4:21 PM
Reedy closed this task as Resolved.Jun 30 2023, 4:46 PM
Reedy changed the visibility from "acl*security (Project)" to "Public (No Login Required)".Jun 30 2023, 5:34 PM
Reedy changed the edit policy from "acl*security (Project)" to "All Users".
Reedy removed a subtask: T333050: CVE-2023-45363: RequestTimeoutException when querying pages redirected to other variants with redirects and converttitles set.Jun 30 2023, 5:45 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits