Update git submodules
* Update extensions/AbuseFilter from branch 'REL1_43'
to bc7e84a07c991ebd9251fb7d0cfb5829af50cbaf
- SECURITY: Check protected variable access in CheckMatch API
Why:
* The AbuseFilter 'abusefiltercheckmatch' API allows users to
check if abuse_filter_log rows or recentchange rows match against
a provided pattern.
* This currently does not check if the pattern attempts to match
against protected variables that may be present in the variables
generated for either the RecentChange or abuse_filter_log row.
** This allows users to trial-and-error work out the value of
protected variables when they do not have access to the
variables.
* This should not be possible and proper access restrictions for
protected variables should be applied.
** This includes logging when a caller is matching against
protected variable values to avoid trial-and-error matching
allowing an authorised user to see the value without creating
a log entry.
What:
* Update CheckMatch::execute to:
** Reject attempts to match using a pattern that contains
protected variables that the user cannot see the value of.
** Reject attempts to match against abuse_filter_log rows that have
protected variable values that the user cannot see to be
consistent with Special:AbuseLog access restrictions.
** Log when the provided pattern uses protected variables that
have a value in the variable dump.
* Add tests to verify this fix works.
Bug: T397196
Change-Id: I5f02572b94760141f6f57873409469318f441e18
parent 8188c1cbfd
commit 9d39b05391
1 changed files with 1 additions and 1 deletions
|
|
@ -1 +1 @@
|
|||
Subproject commit a8dbd6b44e929cd52d738de6623251f140c814fb
|
||||
Subproject commit bc7e84a07c991ebd9251fb7d0cfb5829af50cbaf
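Review bot: The pointer change from a8dbd6b44e929cd52d738de6623251f140c814fb to bc7e84a07c991ebd9251fb7d0cfb5829af50cbaf is the only thing this hunk records, so the review has to happen against the extension repository: confirm that bc7e84a0 is reachable from REL1_43 and that the range between the two commits carries only the CheckMatch protected-variable fix (T397196) described in the message. If other commits sit in that range, name them in the message so the security change does not land alongside unreviewed ones.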