Security

From MediaWiki.org

Jump to: navigation, search

Contents

[edit] How to report a security problem

If you have found or believe you have found a security bug in MediaWiki or on one of Wikimedia's web sites, please directly e-mail security@wikimedia.org with details.

We would be most happy to have a day or two to fix the problem and prepare a bug fix for third-party users before public disclosure, if possible.

(Note that any security problems found in the wiki-to-HTML parser will be included in the parser regression test suite in the next release.)

[edit] Receiving release notifications

[edit] By e-mail

You may subscribe to the low-traffic mediawiki-announce mailing list to receive notifications of new MediaWiki releases by e-mail.

This will include all security fix releases as well as other new versions. Anyone running a MediaWiki installation is strongly recommended to subscribe.


[edit] Further information

For some background on tightening up security and potential problems, see meta:Documentation:Security (possibly not 100% up to date, but a good primer).


See also: Manual:Security

Personal tools