Last modified: 2013-10-25 18:52:38 UTC
Bug in the hook causes users to get a generic message about an extension aborting their password reset, instead of telling them that they were prevented from the change because they were resetting their password to one that matched the hashes that were potentially compromised.
Change 91199 had a related patch set uploaded by CSteipp: Fix error message for recycled passwords https://gerrit.wikimedia.org/r/91199
Change 91199 merged by jenkins-bot: Fix error message for recycled passwords https://gerrit.wikimedia.org/r/91199
Patch merged - Is more work needed, or can this be closed as RESOLVED FIXED?