from:"Scott Bassett"

[Wikitech-l] BREAKING CHANGE: Action API action=logout will require a CSRF token

2019-04-30 Thread Scott Bassett

Hey everybody, This was already posted to Mediawiki-api-announce, x-posting here for increased visibility as this change should be in production this week. With the merge of Icb674095,[1] use of API action=logout will require a CSRF token. This was considered a security issue, so the usual deprec

[Wikitech-l] MediaWiki Extensions Security Release Supplement

2019-10-11 Thread Scott Bassett

kimedia.org/T232113 [3] https://www.mediawiki.org/wiki/Version_lifecycle -- Scott Bassett sbass...@wikimedia.org ___ Wikitech-l mailing list Wikitech-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikitech-l

[Wikitech-l] MediaWiki Extensions and Skins Security Release Supplement

2019-12-19 Thread Scott Bassett

34983 [2] https://www.mediawiki.org/wiki/Version_lifecycle [3] https://www.mediawiki.org/wiki/Reporting_security_bugs -- Scott Bassett sbass...@wikimedia.org ___ Wikitech-l mailing list Wikitech-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikitech-l

[Wikitech-l] MediaWiki Extensions and Skins Security Release Supplement (1.31.7/1.33.3/1.34.1)

2020-03-26 Thread Scott Bassett

e a security task within Phabricator [3]. [0] https://lists.wikimedia.org/pipermail/wikitech-l/2020-March/093243.html [1] https://phabricator.wikimedia.org/T240400 [2] https://www.mediawiki.org/wiki/Version_lifecycle [3] https://www.mediawiki.org/wiki/Reporting_security_bugs -- Scott Basset

[Wikitech-l] MediaWiki Extensions and Skins Security Release Supplement (1.31.8/1.33.4/1.34.2)

2020-06-25 Thread Scott Bassett

ia.org/T248542 [2] https://www.mediawiki.org/wiki/Version_lifecycle [3] https://www.mediawiki.org/wiki/Reporting_security_bugs -- Scott Bassett sbass...@wikimedia.org ___ Wikitech-l mailing list Wikitech-l@lists.wikimedia.org https://lists.wikimedia.org/m

[Wikitech-l] MediaWiki Extensions and Skins Security Release Supplement (1.31.9/1.34.3/1.35.0)

2020-09-28 Thread Scott Bassett

imedia.org/pipermail/mediawiki-announce/2020-September/000260.html [1] https://phabricator.wikimedia.org/T256342 [2] https://www.mediawiki.org/wiki/Version_lifecycle [3] https://www.mediawiki.org/wiki/Reporting_security_bugs -- Scott Bassett sbass...@wikimedia.org

Re: [Wikitech-l] Workflow for updating javascript tools on wiki?

2020-10-29 Thread Scott Bassett

___ > Wikitech-l mailing list > Wikitech-l@lists.wikimedia.org > https://lists.wikimedia.org/mailman/listinfo/wikitech-l > -- Scott Bassett sbass...@wikimedia.org ___ Wikitech-l mailing list Wikitech-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikitech-l

[Wikitech-l] MediaWiki Extensions and Skins Security Release Supplement (1.31.11/1.35.1)

2020-12-22 Thread Scott Bassett

ase feel free to contact secur...@wikimedia.org or file a security task within Phabricator [3]. [0] https://lists.wikimedia.org/pipermail/mediawiki-announce/2020-December/000268.html [1] https://phabricator.wikimedia.org/T263810 [2] https://www.mediawiki.org/wiki/Version_lifecycle [3] https://www.m

[Wikitech-l] MediaWiki Extensions and Skins Security Release Supplement (1.31.13/1.35.2)

2021-04-23 Thread Scott Bassett

ct secur...@wikimedia.org or file a security task within Phabricator [3]. [0] https://lists.wikimedia.org/pipermail/mediawiki-announce/2021-April/000272.html [1] https://phabricator.wikimedia.org/T270466 [2] https://www.mediawiki.org/wiki/Version_lifecycle [3] https://www.mediawiki

[Wikitech-l] Re: Why does the train start on Tuesday?

2021-06-22 Thread Scott Bassett

ealt with on a Friday or even over the weekend, but in general, the Security Team likes to avoid this. Moving the train to a Mon, Tue, Wed cadence would imply the security window be moved to the previous Friday or possibly Thursday, which is doable, but not desired for the aforementioned reasons.

[Wikitech-l] MediaWiki Extensions and Skins Security Release Supplement (1.31.15/1.35.3/1.36.1)

2021-07-02 Thread Scott Bassett

ists.wikimedia.org/hyperkitty/list/mediawiki-annou...@lists.wikimedia.org/thread/YR3X4L2CPSEJVSY543AWEO65TD6APXHP/ [1] https://phabricator.wikimedia.org/T279733 [2] https://www.mediawiki.org/wiki/Version_lifecycle [3] https://www.mediawiki.org/wiki/Reporting_security_bugs -- Scott Bassett sbass...

[Wikitech-l] BREAKING CHANGE: Action API action=logout will require a CSRF token

[Wikitech-l] MediaWiki Extensions Security Release Supplement

[Wikitech-l] MediaWiki Extensions and Skins Security Release Supplement

[Wikitech-l] MediaWiki Extensions and Skins Security Release Supplement (1.31.7/1.33.3/1.34.1)

[Wikitech-l] MediaWiki Extensions and Skins Security Release Supplement (1.31.8/1.33.4/1.34.2)

[Wikitech-l] MediaWiki Extensions and Skins Security Release Supplement (1.31.9/1.34.3/1.35.0)

Re: [Wikitech-l] Workflow for updating javascript tools on wiki?

[Wikitech-l] MediaWiki Extensions and Skins Security Release Supplement (1.31.11/1.35.1)

[Wikitech-l] MediaWiki Extensions and Skins Security Release Supplement (1.31.13/1.35.2)

[Wikitech-l] Re: Why does the train start on Tuesday?

[Wikitech-l] MediaWiki Extensions and Skins Security Release Supplement (1.31.15/1.35.3/1.36.1)

11 matches

Site Navigation

Mail list logo

Footer information