Security gap in Stack


(Valeri Heim) #1

Hi
I got a message from my provider, that after a virus check a security gap came to light. I can’t explain why this file (rw_common/plugins/stacks/Mustache/Cache/NoopCache.php; Atomicorp.PHP.Known.Malware.010217180518.876591.UNOFFICIAL) is part of my site. I don’t know how it found its way to the website code.
I’m using jw’s foundation-theme, different stacks (so bwd’s section pro, compare and map 2 from doobox, gallery 3 from instacks and others). Is there anybody who can tell me how that file came into the site and if there is a newer safer version?

thanks for your tips, your help

valeri


(Joe Workman) #2

Its not Malware. That is used by Foundation to send email from the form stacks.


(Valeri Heim) #3

known malware… that’s what the providers virus checker determined. I can’t judge… So, you are of the opinion that this code isn’t unsafe?


(Joe Workman) #4

Its a part of https://github.com/bobthecow/mustache.php. Its a common open source library used by tens of thousands across the web.


(Isaiah Carew) #5

I can confirm. Mustache is very common library. Perhaps the most-used templating system.


(Psalm66_ Ray) #6

So, Joe, Bob the Cow’s mustache is to be trusted and the virus checker needs a data base correction?

This is good to know.