Hi Reinhard, the error happens in package 0.0.20140505.a+dfsg-4+deb8u1, Debian Jessie. I'm aware that in unstable there is a newer package without this issue, but unfortunately I cannot upgrade right now. Is it possible to build a fixed package for jessie?
Thank you, Gabriele > CVE-2018-18123-2f65d86.patch, introduced in security version > 0.0.20140505.a+dfsg-4+deb8u1 changed two lines in /lib/exe/ajax.php. > > Now ajax calls fail with PHP Fatal error: Call to undefined method > PostInput::filter() in /usr/share/dokuwiki/lib/exe/ajax.php on line 18 > > > > In the most recent upload to unstable, which upgrades the debian package > to a more recent version of dokuwiki this patch is no longer necessary and > included upstream. I'm unable to reproduce this issue, so I'm closing this > bug with this email. Please follow-up you feel something is missing. > > Best, > -rt > > > ---------- Forwarded message ---------- > From: Gabriele Monfardini <monfard...@ldpgis.it> > To: Debian Bug Tracking System <sub...@bugs.debian.org> > Cc: > Bcc: > Date: Wed, 12 Sep 2018 10:39:15 +0200 > Subject: dokuwiki: CVE-2018-18123 patch leads to Call to undefined > PostInput::filter() > Package: dokuwiki > Version: 0.0.20140505.a+dfsg-4+deb8u1 > Severity: normal > > Dear Maintainer, > > CVE-2018-18123-2f65d86.patch, introduced in security version > 0.0.20140505.a+dfsg-4+deb8u1 changed two lines in /lib/exe/ajax.php. > Now ajax calls fail with PHP Fatal error: Call to undefined method > PostInput::filter() in /usr/share/dokuwiki/lib/exe/ajax.php on line 18 > > -- System Information: > Debian Release: 8.11 > APT prefers oldstable > APT policy: (500, 'oldstable') > Architecture: amd64 (x86_64) > > Kernel: Linux 3.16.0-6-amd64 (SMP w/4 CPU cores) > Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) > Shell: /bin/sh linked to /bin/dash > Init: systemd (via /run/systemd/system) > > Versions of packages dokuwiki depends on: > ii debconf [debconf-2.0] 1.5.56+deb8u1 > ii javascript-common 11 > ii libjs-jquery 1.7.2+dfsg-3.2 > ii libjs-jquery-cookie 10-1 > ii libjs-jquery-ui 1.10.1+dfsg-1 > ii libphp-simplepie 1.2.1-3 > ii php-geshi 1.0.8.11-2 > ii php-seclib 0.3.8-1 > ii php5 5.6.37+dfsg-0+deb8u1 > ii ucf 3.0030 > > Versions of packages dokuwiki recommends: > ii imagemagick 8:6.8.9.9-5+deb8u13 > ii php5-cli 5.6.37+dfsg-0+deb8u1 > ii php5-gd 5.6.37+dfsg-0+deb8u1 > ii php5-ldap 5.6.37+dfsg-0+deb8u1 > ii php5-mysqlnd [php5-mysql] 5.6.37+dfsg-0+deb8u1 > ii php5-pgsql 5.6.37+dfsg-0+deb8u1 > ii wget 1.16-1+deb8u5 > > Versions of packages dokuwiki suggests: > pn libapache2-mod-xsendfile <none> > > -- Configuration Files: > /etc/dokuwiki/mime.conf changed [not included] > /etc/dokuwiki/plugins.local.php changed [not included] > > -- debconf information excluded >
