aboutsummaryrefslogtreecommitdiffstats
path: root/RELEASE-NOTES-1.27
Commit message (Expand)AuthorAgeFilesLines
* Bump 1.27.51.27.5Kunal Mehta2018-09-201-2/+4
* Fix bogus DatabaseOracle::__construct() calls in OracleInstallerAaron Schulz2018-08-281-0/+1
* SpecialChangeEmail: Log email changesBrad Jorsch2018-07-101-0/+1
* BotPasswords: Indicate when a password needs resetBrad Jorsch2018-07-071-0/+1
* Add 'logid' parameter to Special:LogSam Wilson2018-07-071-0/+1
* SECURITY: Special:BotPasswords should reauthenticateBrad Jorsch2018-07-071-0/+3
* Add release notes for 0eb4eaefd3 and f7f71359Kunal Mehta2018-06-111-0/+2
* Ensure $user is passed by reference in TitleMoveComplete hook on HHVMKrinkle2018-06-091-1/+2
* registration: Allow the mtime of extension.json files to be zeroEd Schouten2018-06-081-0/+1
* objectcache: update MemcachedPeclBagOStuff for pecl memcached 3.0.0Aaron Schulz2018-06-051-0/+1
* Add default edit rate limit of 90 edits/minute for all usersBrian Wolff2018-05-101-0/+1
* Don't pass USE INDEX to a $dbType parameterReedy2018-04-201-0/+1
* Let install.php detect and inject extensionsAntoine Musso2018-03-141-0/+2
* Update SPDX licensesReedy2018-03-031-0/+1
* Make FormatMetadata::flattenArrayReal() work for an associative arrayMark A. Hershberger2018-01-051-0/+1
* Copy in Field changes from Id8963924f036e9ed3fcdde3a8e54b7126b72356eReedy2017-12-091-0/+1
* resources: Bump moment.js from 2.15.0 to 2.19.3James D. Forrester2017-11-291-0/+7
* Bump 1.27.41.27.4Reedy2017-11-141-1/+1
* SECURITY: Handle -{}- syntax in attributes safelyBrian Wolff2017-11-141-0/+1
* SECURITY: XSS in langconverter when regex hits pcre.backtrack_limitBrian Wolff2017-11-141-0/+1
* SECURITY: update.php: Remove eval-stdin.php if necessaryKunal Mehta2017-11-141-0/+1
* SECURITY: Create a .htaccess in /vendor after composer runsKunal Mehta2017-11-141-0/+1
* SECURITY: Make anchor for headlines escape > and <Max Semenik2017-11-141-0/+1
* SECURITY: Ensure Message::rawParams can't lead to XSSBrian Wolff2017-11-141-0/+1
* SECURITY: Do not reveal if user exists during login failureBrian Wolff2017-11-141-0/+1
* SECURITY: API: Avoid some silliness with browser-guessed filenamesBrad Jorsch2017-11-141-0/+1
* SECURITY: Add throttling for BotPasswords authentication attemptsBrad Jorsch2017-11-141-0/+1
* SECURITY: Escape internal error messageBrian Wolff2017-11-141-0/+2
* Updated dev dependancy phpunit/phpunit from v4.8.24 to v4.8.36Reedy2017-11-101-0/+1
* Add RELEASE-NOTES for BotPasswords backportsReedy2017-11-021-0/+1
* Add RELEASE-NOTES for 1.27 backportsReedy2017-11-021-1/+6
* Set $wgUserEmailUseReplyTo = true by defaultKunal Mehta2017-09-191-0/+2
* RELEASE-NOTES for PHP 7.1 backportsReedy2017-09-011-0/+1
* Flesh out 1.27.4 RELEASE-NOTES from merged commitsReedy2017-08-271-0/+5
* Allow SVGs using an older proposed recommendation DTDMatthias Mullie2017-07-171-0/+17
* Bump $wgVersion and finalise RELEASE-NOTES for 1.27.21.27.2Reedy2017-04-071-1/+1
* SECURITY: Do not allow users to undelete a page they can't edit or createBrian Wolff2017-04-071-0/+2
* SECURITY: Always normalize link url before adding to ParserOutputBrian Wolff2017-04-061-0/+2
* SECURITY: Don't write LocalisationCache to temporary directoryReedy2017-04-061-0/+2
* SECURITY: Whitelist DTD declaration in SVGBrian Wolff2017-04-061-0/+2
* SECURITY: Escape wikitext content model/format in messageBrian Wolff2017-04-061-0/+1
* SECURITY: SpecialWatchlist: Check CSRF token when using "Mark all pages visited"Bartosz DziewoƄski2017-04-061-0/+2
* SECURITY: API: Don't log "sensitive" parametersBrad Jorsch2017-04-061-0/+4
* SECURITY: XSS in search if $wgAdvancedSearchHighlighting = true;Brian Wolff2017-04-061-0/+2
* SECURITY: Do not directly redirect to interwikis, but use splash pageBrian Wolff2017-04-061-0/+2
* objectcache: Never use CACHE_NONE for CACHE_ANYTHINGBrian Wolff2017-04-011-0/+1
* SECURITY: Disable <html> tag on system messages despite $wgRawHtml = true;Brian Wolff2017-04-011-0/+1
* Drop index oi_name_archive_name on table oldimage in MSSQLPaladox2017-03-291-0/+1
* Make selectRowCount() (hopefully) work in MSSQL.Brian Wolff2017-03-291-0/+1
* ApiCreateAccount was removed in REL1_27Reedy2017-02-171-1/+5
generated by cgit v1.2.3 (git 2.25.1) at 2025-04-22 18:45:49 +0000