Package: mediawiki
Version: 1:1.19.20+dfsg-0+deb7u3
Severity: normal

Dear Maintainer,

Today I started getting delivery failures from a server about mails sent by the www-data user. I've added a small script to find out what is sending them. It returned this:

/var/lib/mediawiki/images/shwso.php(7) : eval()'d code(1) : eval()'d code(1) /: eval()'d code(10) : eval()'d code(2) : regexp code(1) : eval()'d /code(501) : eval()'d code:77

I'm not sure what to make of it, and I must say I know very little about mediawiki, but it looks a little like there is some sort of vulnerability being exploited (at least to my untrained eyes..)

-- System Information:
Debian Release: 7.8
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: i386 (i686)

Kernel: Linux 2.6.32-042stab092.3 (SMP w/2 CPU cores)
Locale: LANG=de_DE.utf8, LC_CTYPE=de_DE.utf8 (charmap=UTF-8) (ignored: LC_ALL set to de_DE.utf8)
Shell: /bin/sh linked to /bin/dash

Versions of packages mediawiki depends on:
ii  apache2-mpm-prefork [httpd]  2.2.22-13+deb7u4
ii  debconf [debconf-2.0]        1.5.49
ii  libjs-jquery                 1.7.2+dfsg-1
ii  libjs-jquery-cookie          6-1
ii  libjs-jquery-form            6-1
ii  libjs-jquery-tipsy           6-1
ii  mime-support                 3.52-1+deb7u1
ii  nginx-full [httpd]           1.2.1-2.2+wheezy3
ii  php5                         5.4.36-0+deb7u3
ii  php5-mysql                   5.4.36-0+deb7u3
ii  php5-sqlite                  5.4.36-0+deb7u3

Versions of packages mediawiki recommends:
ii  mediawiki-extensions-base  3.5~deb7u2
ii  mysql-server               5.5.41-0+wheezy1
ii  php-wikidiff2              0.0.1+svn109581-1
ii  php5-cli                   5.4.36-0+deb7u3
ii  python                     2.7.3-4+deb7u1

Versions of packages mediawiki suggests:
pn  clamav           <none>
ii  imagemagick      8:6.7.7.10-5+deb7u3
ii  mediawiki-math   2:1.0+git20120528-6
ii  memcached        1.4.13-0.2+deb7u1
ii  php5-gd          5.4.36-0+deb7u3

-- debconf information:
  mediawiki/webserver: apache2
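
Added example, not part of the original report and not MediaWiki or Debian code: a Python triage helper that parses a PHP origin string of the kind quoted in the report and lists what a responder would check first. The function names, the upload-directory list and the two-layer threshold are assumptions, and the stray "/" characters in the quoted trace are assumed to be line-wrap residue and are tolerated by the parser.

```python
import re
from pathlib import PurePosixPath

# Trace string exactly as quoted in the report, stray "/" characters included.
TRACE = ("/var/lib/mediawiki/images/shwso.php(7) : eval()'d code(1) : eval()'d code(1) "
         "/: eval()'d code(10) : eval()'d code(2) : regexp code(1) : eval()'d "
         "/code(501) : eval()'d code:77")

# Assumption: directories meant to hold uploaded media only, never scripts.
UPLOAD_DIRS = (PurePosixPath("/var/lib/mediawiki/images"),)

# The on-disk script and line where the first dynamic evaluation starts.
HEAD = re.compile(r"^\s*(?P<path>/[^\s()]+)\((?P<line>\d+)\)")
# Each further layer: "eval()'d code(N)" or "regexp code(N)"; the last one ends ":N".
FRAME = re.compile(
    r"(?P<kind>eval\(\)'d|regexp)\s*/?\s*code(?:\((?P<line>\d+)\)|:(?P<last>\d+))")


def parse_origin(trace):
    """Return (script path, line in script, [(layer kind, line), ...])."""
    m = HEAD.match(trace)
    if not m:
        raise ValueError("no on-disk script at start of trace")
    frames = [(f["kind"].split("(")[0], int(f["line"] or f["last"]))
              for f in FRAME.finditer(trace, m.end())]
    return PurePosixPath(m["path"]), int(m["line"]), frames


def triage(trace):
    """Summarise the trace and list the indicators worth escalating."""
    path, line, frames = parse_origin(trace)
    findings = []
    if any(d in path.parents for d in UPLOAD_DIRS):
        findings.append("script executing from upload directory")
    evals = sum(1 for kind, _ in frames if kind == "eval")
    if evals >= 2:  # assumed threshold: stacked eval layers suggest packed code
        findings.append(f"{evals} nested eval layers")
    if any(kind == "regexp" for kind, _ in frames):
        findings.append("code run through regexp evaluation")
    return {"script": str(path), "line": line,
            "depth": len(frames), "findings": findings}


if __name__ == "__main__":
    print(triage(TRACE))
```
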