关键信息 Bug ID: 800064 CVE: CVE-2012-1109 Title: mwlib: denial of service when parsing #iferror magic functions Component: vulnerability Priority: medium Severity: medium Status: CLOSED ERRATA Reported by: Vincent Danen on 2012-03-05 17:02 UTC Description: - A flaw in mwlib allowed a remote attacker to perform a denial of service attack by forcing it to parse a specially-crafted magic function. - The issue was corrected in upstream version 0.13.5. References: 1. Discussion Thread 2. GitHub Pull Request 3. GitHub Commit Affected Products: - fedora-all [bug 800066] - epel-5 [bug 800067]