[MediaWiki-l] Security fixes for CentralAuth and MobileFrontend extensions