Shorten git hashes for eval-stdin.php
[lhc/web/wiklou.git] / maintenance / update.php
index 9f2fb92..d5c11b5 100755 (executable)
@@ -128,7 +128,7 @@ class UpdateMediaWiki extends Maintenance {
                        $this->compatChecks();
                } else {
                        $this->output( "Skipping compatibility checks, proceed at your own risk (Ctrl+C to abort)\n" );
-                       wfCountDown( 5 );
+                       $this->countDown( 5 );
                }
 
                // Check external dependencies are up to date
@@ -165,11 +165,29 @@ class UpdateMediaWiki extends Maintenance {
                if ( !$this->hasOption( 'quick' ) ) {
                        $this->output( "Abort with control-c in the next five seconds "
                                . "(skip this countdown with --quick) ... " );
-                       wfCountDown( 5 );
+                       $this->countDown( 5 );
                }
 
                $time1 = microtime( true );
 
+               $badPhpUnit = dirname( __DIR__ ) . '/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php';
+               if ( file_exists( $badPhpUnit ) ) {
+                       // Bad versions of the file are:
+                       // https://raw.githubusercontent.com/sebastianbergmann/phpunit/c820f91/src/Util/PHP/eval-stdin.php
+                       // https://raw.githubusercontent.com/sebastianbergmann/phpunit/3aaddb1/src/Util/PHP/eval-stdin.php
+                       $md5 = md5_file( $badPhpUnit );
+                       if ( $md5 === '120ac49800671dc383b6f3709c25c099'
+                               || $md5 === '28af792cb38fc9a1b236b91c1aad2876'
+                       ) {
+                               $success = unlink( $badPhpUnit );
+                               if ( $success ) {
+                                       $this->output( "Removed PHPUnit eval-stdin.php to protect against CVE-2017-9841\n" );
+                               } else {
+                                       $this->error( "Unable to remove $badPhpUnit, you should manually. See CVE-2017-9841" );
+                               }
+                       }
+               }
+
                $shared = $this->hasOption( 'doshared' );
 
                $updates = [ 'core', 'extensions' ];
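Review bot: The message in the unlink-failure branch is incomplete — "you should manually" drops its verb — and since `unlink()` also emits an E_WARNING on failure the operator sees two messages, neither of which says what to do; change it to `$this->error( "Unable to remove $badPhpUnit, you should remove it manually. See CVE-2017-9841" );`. The md5 check only recognises the two revisions listed in the comment above it, so any other copy of eval-stdin.php is left in place silently; if only those two are known to be affected, a comment stating that would help, otherwise it is worth at least reporting that an unrecognised eval-stdin.php was found so an operator can inspect it. As a point of style, the two literal hashes could live in one array and be tested with `in_array( $md5, $badHashes, true )` rather than a chained `===`. The enclosing method starts and ends outside this hunk.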