[Pkg-mediawiki-devel] Exploitable by GeSHi local PHP file inclusion?

Romain Beauxis toots at rastageeks.org
Thu Sep 29 13:41:08 UTC 2005

Daniel Leidert wrote:

> Hello,
> I've found the following security issue report today:
> http://securityreason.com/achievement_securityalert/23 (reported at
> http://www.heise.de/security/news/meldung/64410)
> Is mediawiki affected by this issue or was this fixed with 1.4.10?

AFAIK, geshi is an extension of mediawiki[1].
It is not shipped with the actual debian package, so the issue does not 
apply to the current package.

BTW packaging extensions for mediawiki could be achived one day if 
anyone take the time to do  it and if it is suitable for packaging, that 
is to say that th extension is serious and maintained regulary enought 
-- as for this exemple, the fix has to appear quickly..



More information about the Pkg-mediawiki-devel mailing list