X-Git-Url: https://git.heureux-cyclage.org/?p=lhc%2Fweb%2Fwiklou.git;a=blobdiff_plain;f=RELEASE-NOTES-1.31;h=b0da15a0df01ccca73969eddd3e3ee3848b44ec8;hp=c05efe9fc2205e7db40b4f12d81f9fa4c80823e2;hb=52262ecf919e6aeb3565d816d6911368beed199f;hpb=32d551a4397763604b32e2347ef65f7fc6fc9cf8

diff --git a/RELEASE-NOTES-1.31 b/RELEASE-NOTES-1.31
index c05efe9fc2..b0da15a0df 100644
--- a/RELEASE-NOTES-1.31
+++ b/RELEASE-NOTES-1.31
@@ -1,10 +1,28 @@
-== MediaWiki 1.31 ==
+== MediaWiki 1.31.1 ==
 
-THIS IS NOT A RELEASE YET!
+This is a security and maintenance release of the MediaWiki 1.31 branch.
 
 === Changes since MediaWiki 1.31.0 ===
+* (T169545, CVE-2018-0503) SECURITY: $wgRateLimits entry for 'user' overrides
+  'newbie'.
+* (T194605, CVE-2018-0505) SECURITY: BotPasswords can bypass CentralAuth's
+  account lock.
+* (T199029, CVE-2018-13258) SECURITY: Tarball was missing .htaccess files.
 * (T197229) Bundle Nuke extension, it was accidentally omitted.
 * (T193995) Fix undefined patchPath() method call in parser tests.
+* (T198687) Fix various selectFields methods to use the string 'NULL', not null.
+* Special:BotPasswords now requires reauthentication.
+* (T191608, T187638) Add 'logid' parameter to Special:Log.
+* (T193829) Indicate when a Bot Password needs reset.
+* (T198037) GitInfo: Don't try shelling out if it's disabled.
+* (T151415) Log email changes.
+* (T197206) Fix performance regression when multiple DB used without caching.
+* (T197030) PHPSessionHandler: Suppress headers warnings in initialize().
+* (T182377, T196793) Exif: Guard against uncountable tag values.
+* (T200861) Fix total breakage of SQLite web upgrade.
+* (T200864) Fix pingback over-reporting on non-MySQL databases
+* (T202550) Unbreak SpecialListusersHeaderForm and SpecialListusersHeader
+  hooks. 
 
 === Changes since MediaWiki 1.31.0-rc.2 ===
 * (T195783) Initialize PSR-4 namespaces at same stage as normal autoloader.