lp:ubuntu/jaunty-updates/moin

Created by James Westby and last modified
Get this branch:
bzr branch lp:ubuntu/jaunty-updates/moin

Branch information

Owner: Ubuntu branches
Review team: Ubuntu Development Team
Status: Development

Recent revisions

31. By Marc Deslauriers

* SECURITY UPDATE: arbitrary script injection via multiple cross-site
  scripting issues.
  - debian/patches/30006_CVE-2010-2487,2969,2970.patch: properly escape
    strings in MoinMoin/{Page,PageEditor,PageGraphicalEditor}.py,
    MoinMoin/action/*.py.
  - CVE-2010-2487
  - CVE-2010-2969

30. By Marc Deslauriers

* SECURITY UPDATE: restrictions bypass via incorrect acl checking
  - debian/patches/30005_CVE-2009-4762.patch: don't check parents if item
    has an ACL in MoinMoin/security/__init__.py.
  - CVE-2009-4762

29. By Jamie Strandboge

* SECURITY UPDATE: fix XSS in Despam action
  - debian/patches/30004_CVE-2010-0828.patch: use wikiutil.escape()
    in revert_pages()
  - CVE-2010-0828

28. By Jamie Strandboge

* SECURITY UPDATE: fix multiple CSRF vulnerabilities
  - debian/patches/30002_CVE-2010-0668+0717.patch: add tickets to prevent
    CSRF attacks in several components.
  - CVE-2010-0668
* SECURITY UPDATE: properly sanitize user profiles
  - debian/patches/30003_CVE-2010-0669.patch: adjust userprefs/prefs.py,
    user.py and wikiutil.py to sanitize input
  - CVE-2010-0669

27. By Marc Deslauriers

* SECURITY UPDATE: Multiple XSS vulnerabilities in action/AttachFile.py
  - debian/patches/30001_security_CVE-2009-1482.patch: escape msg,
    pagename and attachment_name in MoinMoin/action/AttachFile.py.
  - CVE-2009-1482

26. By Steve Langasek

Demote fckeditor from Recommends to Suggests; the code was
previously embedded in moin, but it was also disabled, so there's no
reason for us to pull this in by default currently.

25. By Alessio Treglia

* Merge from debian unstable (LP: #350287), Ubuntu remaining changes:
  - Remove python-xml from Recommends field, the package isn't anymore in
    sys.path.
* debian/patches/10002_encodeAddress_fix_MIME_spacing.patch:
  - Headers are malformed in notification email when, in mail_from, there is
    a phrase before the angle address that gets encoded.
    Thanks to Matthias Andree for the patch (LP: #348960).
* debian/rules:
  - Add --install-layout=deb option to install everything in /usr instead of
    /usr/local, fix FTBFS.

24. By Alessio Treglia

* Merge from debian unstable (LP: #322890), Ubuntu remaining changes:
  - Remove python-xml from Recommends field, the package isn't anymore in
    sys.path.

23. By Bhavani Shankar

* Merge from debian unstable, remaining changes: LP: #313687
  - Drop recommendation of python-xml, the package isn't anymore in
    sys.path.

22. By Michael Vogt

* Merge from debian unstable, remaining changes:
  - Drop recommendation of python-xml, the package isn't anymore in
    sys.path.

Branch metadata

Branch format: Branch format 7
Repository format: Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on: lp:ubuntu/natty/moin