SECURITY: UserGroupMembership: Fix HTML escaping in #getLink

[lhc/web/wiklou.git] / RELEASE-NOTES-1.31

diff --git a/RELEASE-NOTES-1.31 b/RELEASE-NOTES-1.31
index 82f1f9c..6625cd2 100644 (file)
--- a/RELEASE-NOTES-1.31
+++ b/RELEASE-NOTES-1.31
@@ -1,9 +1,35 @@
-== MediaWiki 1.31.6 ==
+== MediaWiki 1.31.7 ==
 
 THIS IS NOT A RELEASE YET
 
+=== Changes since MediaWiki 1.31.6 ===
+* (T193565, T234022) Re-add DB domain sanity checks to LoadBalancer.
+* Use proper SemVer comparison in CheckComposerLockUpToDate.
+* (T212738) Add the MW_VERSION constant, global $wgVersion is soft deprecated.
+* Update comment about PHP versions supported by The PHP Group.
+* (T247215) Fix output of RecountCategories::doWork().
+* Add check for page existence to view.php maintenance script.
+* (T247580) Disable some broken Selenium tests.
+
+== MediaWiki 1.31.6 ==
+
+This is a security and maintenance release of the MediaWiki 1.31 branch.
+
 === Changes since MediaWiki 1.31.5 ===
 * (T181658) Do not insert page titles into querycache.qc_value.
+* (T206013) Suppress errors when reading invalid XML file properties.
+* (T237931) Remove references to pg_attrdef.adsrc in Postgres code.
+* Use correct value for 'sslmode' in DatabasePostgres.
+* (T232866) Fix support for HTTP/2 in MultiHttpClient.
+* (T227461) Stop calling deprecated Redis delete functions.
+* (T239561) Mark options as requiring parameters in addSite.php.
+* (T239734) Replace deprecated lSize with lLen in Redis code.
+* (T192134) SECURITY: Do not allow user scripts on Special:PasswordReset.
+* (T239428) ApiEditPage: Test for bad redirect targets.
+* (T233342) rdbms: Log debug message traces as 'exception.trace' instead of
+  'trace'.
+* (T226751) media: Log and fail gracefully on invalid EXIF coordinates.
+* (T212067) Work around PHP bug in parse_url.
 
 == MediaWiki 1.31.5 ==