To report security bugs, vulnerabilities or other issues please follow our reporting process.
Receive release notifications
You may subscribe to the low-traffic mediawiki-announce mailing list to receive notifications of new MediaWiki releases by e-mail.
This will include all security fix releases as well as other new versions. Anyone running a MediaWiki installation is strongly recommended to subscribe.
Educational and Training Material
Related Security Content
|Project||Use by Wikimedia Security Team|
|mediawiki.org||General content for Policy, SOPs, etc. Official Security team page.|
|wikitech.wikimedia.org||Procedural or instructional material that is not training.|
|office.wikimedia.org||Sensitive or private content. Must have an NDA and appropriate access.|
|foundation.wikimedia.org||Canonical location for Policy|
Understanding the Wikimedia Security Team's documentation structure.
- Security/Guides/Draft/Golang Security Best Practices
- Security/Reference/Security for libraries
- Security/SOP/Access to Phabricator Security Issues
- Security/SOP/Requests For Service
- Security/SOP/Security Concept Reviews
- Security/SOP/Security Readiness Reviews