It's not an extension that gets bundled with MediaWiki releases. On 26 April 2016 at 19:52, Ryan Lane <rlan...@gmail.com> wrote:
> Any chance that Wikimedia Foundation can actually do proper releases of > this extension, rather than sending people a link to a phabricator page > that has a link to a gerrit change buried in the comments? > > This seems like a pretty poor way to do a security release to third parties > that may be relying on this. > > On Tue, Apr 26, 2016 at 11:44 AM, Jon Robson <jrob...@wikimedia.org> > wrote: > > > A security vulnerability has been discovered in MediaWiki setups which > > use MobileFrontend. > > > > Revisions who's visibility had been alerted were showing up in parts > > of the mobile UI. > > > > All projects in the Wikimedia cluster have been since patched but if > > you use this extension please be sure to apply the fix. > > > > Patch file and issue are documented on > > https://phabricator.wikimedia.org/T133700 > > > > Note there is some follow-up work to do which is tracked in: > > https://phabricator.wikimedia.org/T133722 > > > > _______________________________________________ > > Wikitech-l mailing list > > Wikitech-l@lists.wikimedia.org > > https://lists.wikimedia.org/mailman/listinfo/wikitech-l > _______________________________________________ > Wikitech-l mailing list > Wikitech-l@lists.wikimedia.org > https://lists.wikimedia.org/mailman/listinfo/wikitech-l > _______________________________________________ Wikitech-l mailing list Wikitech-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikitech-l