Check Point Software Technologies has announced a remote code execution bug in the popular MediaWiki platform that powers Wikipedia. As detailed here: “Your MediaWiki installation is affected by a remote code execution vulnerability if you have enabled file upload support for DjVu (natively supported by MediaWiki) or PDF files ( …
Did they approach Wikipedia already, so they could apply the patch? Is Wikipedia vulnerable?
The patch was released 2 days ago. With MW's close ties with Wikipedia, you can be sure that was the first place the patch was applied :)