On Tue, Apr 26, 2016 at 2:44 PM, Jon Robson <jrobson(a)wikimedia.org> wrote:
A security vulnerability has been discovered in
MediaWiki setups which
use MobileFrontend.
Revisions who's visibility had been alerted were showing up in parts
of the mobile UI.
All projects in the Wikimedia cluster have been since patched but if
you use this extension please be sure to apply the fix.
Patch file and issue are documented on
https://phabricator.wikimedia.org/T133700
Note there is some follow-up work to do which is tracked in:
https://phabricator.wikimedia.org/T133722
_______________________________________________
Wikitech-l mailing list
Wikitech-l(a)lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/wikitech-l
For these sorts of things, could we include the extension in the
subject line? Otherwise some people might think its a general
mediawiki security issue.
Thanks,
--
-bawolff