AVG-491 log
Package | mediawiki |
Status | Fixed |
Severity | Critical |
Type | arbitrary code execution |
Affected | 1.28.2-1 |
Fixed | 1.28.3-1 |
Current | 1.42.3-1 [extra] |
Ticket | None |
Created | Wed Nov 15 09:59:48 2017 |
Issue | Severity | Remote | Type | Description |
---|---|---|---|---|
CVE-2017-9841 | Critical | Yes | Arbitrary code execution | Util/PHP/eval-stdin.php in PHPUnit before 4.8.28 and 5.x before 5.6.3 allows remote attackers to execute arbitrary PHP code via HTTP POST data beginning... |
References |
---|
https://lists.wikimedia.org/pipermail/mediawiki-announce/2017-November/000216.html https://phabricator.wikimedia.org/T180231 |
Notes |
---|
only affects version 1.27 and 1.28 |