Addshore added a comment. |
Everything from the security review now either has a patch linked to this ticket or a subtask has been created.
In response to the issue with hash conflicts, pages that create duplicate hashes will simply not be written to the database / ignored, thus it should not be an attack vector in terms of vandalism.
I have created a sub task to confirm this, and add some logging when conflicts do happen (if they do) and add some extra testing in the area.
TASK DETAIL
EMAIL PREFERENCES
To: Addshore
Cc: gerritbot, Bawolff, daniel, Aklapper, Addshore, Lydia_Pintscher, Th3d3v1ls, Ramalepe, Liugev6, Lewizho99, Maathavan, D3r1ck01, Andrew-WMDE, dpatrick, Izno, Luke081515, Wikidata-bugs, aude, JanZerebecki, Darkdadaah, csteipp, Mbch331, Jay8g, Legoktm
Cc: gerritbot, Bawolff, daniel, Aklapper, Addshore, Lydia_Pintscher, Th3d3v1ls, Ramalepe, Liugev6, Lewizho99, Maathavan, D3r1ck01, Andrew-WMDE, dpatrick, Izno, Luke081515, Wikidata-bugs, aude, JanZerebecki, Darkdadaah, csteipp, Mbch331, Jay8g, Legoktm
_______________________________________________ Wikidata-bugs mailing list Wikidata-bugs@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikidata-bugs