dépôts / lhc / web / wiklou.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: d1442d7) | patch
SECURITY: update.php: Remove eval-stdin.php if necessary
authorKunal Mehta <legoktm@member.fsf.org>
Sat, 11 Nov 2017 00:53:24 +0000 (16:53 -0800)
committerReedy <reedy@wikimedia.org>
Wed, 15 Nov 2017 02:56:15 +0000 (02:56 +0000)
commit20fd11be7ad7899b8baa77dc267532dcecc5acb1
treedf955bcaa5addd9ea7755cd6304019e9c15c4dd0tree | snapshot
parentd1442d72f8b8b672636bb130a61b443ceab5b7c0commit | diff
SECURITY: update.php: Remove eval-stdin.php if necessary

If phpunit's eval-stdin.php file exists and is one of the vulnerable
versions, delete it when running update.php as most people should run
that when updating to a new release. If the unlink() call fails, we'll
warn the user but continue with update.php processing and hope they've
mitigated it in some other way.

Bug: T180231
Change-Id: I5b838686ede9764083c52853cc05c52ea72739df
maintenance/update.php diff | blob | history
Wiklou, le Wiki du Wiklou