[dokuwiki] Re: Security Alert: Remote File Inclusion

  • From: Wouter Schoot <wouter@xxxxxxxxxx>
  • To: dokuwiki@xxxxxxxxxxxxx
  • Date: Wed, 27 May 2009 17:06:10 +0200

Andreas Gohr wrote:
Hi Guys,

in case you didn't get the little yellow notice, yet: there's a
security vulnerability in DokuWiki when you have register_globals
enabled (which you really shouldn't).

Anyway, be sure to read
http://bugs.splitbrain.org/index.php?do=details&task_id=1700 for more
info and manual fixing instructions. Darcs users can just pull the
update as usual of course.

Andi,

Thanks for your quick and correct reaction! I've patched mine (although ofcourse I have register_globals disabled anyway).

Wouter
--
DokuWiki mailing list - more info at
http://wiki.splitbrain.org/wiki:mailinglist

Other related posts: