X-Git-Url: http://git.heureux-cyclage.org/?p=lhc%2Fweb%2Fwiklou.git;a=blobdiff_plain;f=RELEASE-NOTES-1.31;h=231f7108194a42f1979feb400e1afcf4ccbaf1ef;hp=3e0efe4a56e363a9b6e0ba908155cd623ad89d66;hb=5105c77b3bfcfa19754b410ebb8b7f8a17944117;hpb=de69db1e2263bf613a7b5c3d60b2661e776df0e4

diff --git a/RELEASE-NOTES-1.31 b/RELEASE-NOTES-1.31
index 3e0efe4a56..231f710819 100644
--- a/RELEASE-NOTES-1.31
+++ b/RELEASE-NOTES-1.31
@@ -1,7 +1,34 @@
-== MediaWiki 1.31.2 ==
+== MediaWiki 1.31.4 ==
 
 THIS IS NOT A RELEASE YET
 
+=== Changes since MediaWiki 1.31.3 ===
+* (T207100) Updated LanguageTr for dotted and dotless I in PHP 7.3.
+* The ImgAuthModifyHeaders hook was added to img_auth.php to allow modification
+  of headers in private wikis.
+* (T230402) SECURITY: Add permission check for suppressed account to
+  Special:Redirect.
+* Add helper for HTTPFileStreamer header syntax.
+* (T118799) Fix XMP parser errors due to trailing nullchar.
+* (T233119) Improve documentation for the MinimumPasswordLengthToLogin policy.
+* (T202183) Give more specific error messages on Special:Redirect.
+* Cache redirects from Special:Redirect.
+* (T231386) dispatchUser() should use a 302 http status code.
+
+== MediaWiki 1.31.3 ==
+
+This is a maintenance release of the MediaWiki 1.31 branch.
+
+=== Changes since MediaWiki 1.31.2 ===
+* (T225558) Update installer link to PHP intl.
+* (T225496) Detect APC for MainCacheType in CLI installer.
+* (T226766) Remove jetbrains/phpstorm-stubs from composer dev dependancies.
+* (T202211) Fix SQLite patch-(image|page|template)links-fix-pk.sql column order.
+
+== MediaWiki 1.31.2 ==
+
+This is a security and maintenance release of the MediaWiki 1.31 branch.
+
 Required PHP version has been increased from 7.0.0 to 7.0.13.
 
 === Changes since MediaWiki 1.31.1 ===
@@ -79,6 +106,18 @@ Required PHP version has been increased from 7.0.0 to 7.0.13.
   saveFileDependencies().
 * (T224374) Fix message parameters so that the message that says SQLite is out of date
   makes sense.
+* SpecialPage::checkLoginSecurityLevel() will now preserve POST data when
+  reauthenticating.
+* FormSpecialPage::execute() will now call checkLoginSecurityLevel() if
+  getLoginSecurityLevel() returns non-false.
+* (T197279) SECURITY: Fix reauth in Special:ChangeEmail.
+* (T208881) SECURITY: blacklist CSS var().
+* (T209794) SECURITY: rate-limit and prevent blocked users from changing email.
+* (T199540) SECURITY: API: Respect $wgBlockCIDRLimit in action=block.
+* (T212118) SECURITY: Fix cache mode for (un)patrolled recent changes query.
+* (T222036, T222038) SECURITY: Add permission check for user is permitted to
+  view the log type.
+* (T221739) SECURITY: resources: Patch jQuery 3.2.1 for CVE-2019-11358.
 
 == MediaWiki 1.31.1 ==