Description
Description
Previous release work: T180272
Tracking for activities actually pertaining to making the release of MediaWiki 1.27.5/1.29.3/1.30.1/1.31.1
Related Objects
Related Objects
- Mentioned In
- T205039: Release MediaWiki 1.27.6/1.30.2/1.31.2/1.32.2
- Mentioned Here
- T169545: $wgRateLimits (rate limit / ping limiter) entry for 'user' overrides that for 'newbie' (CVE-2018-0503)
T187638: When a log event is (partially) hidden Special:Redirect/logid can link to the incorrect log and reveal hidden information (CVE-2018-0504)
T194237: bot passwords should call checkLoginSecurityLevel
T194605: BotPassword can bypass CentralAuth's account lock (CVE-2018-0505)
T196386: MediaWiki should prevent username registration if the username previously existed
T196602: Streamline MW security release process
T180272: Release MediaWiki 1.27.4/1.28.3/1.29.2
Event Timeline
Reedy created this task.Jul 7 2018, 4:49 PM
Reedy added a subtask: T181665: Tracking bug for 1.27.5/1.29.3/1.30.1/1.31.1 security release.Jul 7 2018, 4:49 PM
Reedy added a project: MediaWiki-Releasing.
Reedy added a comment.Jul 7 2018, 5:11 PM
Comment ActionsShould probably decide if we're going to try and use the ideas in T196602: Streamline MW security release process
Legoktm subscribed.
Comment ActionsStatus update:
- T169545 - deployed, backports in phab by Reedy
- T167937 - CR -1, needs a new patch.
- T187638 - patches merged to all branches in Gerrit
- T194605 - deployed, needs backports
- T194237 - patches merged to all branches in Gerrit
- T196386 - patch deployed/merged in Gerrit only for CentralAuth, still needs a patch for AntiSpoof itself. (extension isn't bundled though)
MoritzMuehlenhoff closed subtask T199027: Obtain CVEs for 1.27.5/1.29.3/1.30.1/1.31.1 security releases as Resolved.Aug 29 2018, 10:58 AM
Reedy claimed this task.Sep 15 2018, 2:39 AM
Comment ActionsOk, let's get this done next week as @Legoktm has pretty much finished the prep work off
Reedy closed subtask T199023: Write and send pre-release Announcements for MediaWiki 1.27.5/1.29.3/1.30.1/1.31.1 as Resolved.Sep 19 2018, 9:27 PM
Reedy closed subtask T199022: Write release announcements for 1.27.5/1.29.3/1.30.1/1.31.1 security releases as Resolved.Sep 20 2018, 9:21 PM
Reedy closed subtask T181665: Tracking bug for 1.27.5/1.29.3/1.30.1/1.31.1 security release as Resolved.Sep 20 2018, 9:32 PM
Reedy changed the visibility from "Custom Policy" to "Public (No Login Required)".Sep 20 2018, 9:35 PM
Reedy closed subtask T199024: Update onwiki release notes for 1.27.5/1.29.3/1.30.1/1.31.1 as Resolved.Sep 20 2018, 9:49 PM
Reedy closed subtask T199025: Update HISTORY in master after 1.27.5/1.29.3/1.30.1/1.31.1 as Resolved.
Comment ActionsDONED
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits