lp:ubuntu/karmic-security/moin
- Get this branch:
- bzr branch lp:ubuntu/karmic-security/moin
Branch merges
Branch information
Recent revisions
- 32. By Marc Deslauriers
-
* SECURITY UPDATE: arbitrary script injection via multiple cross-site
scripting issues.
- debian/patches/ 30003_CVE- 2010-2487, 2969,2970. patch: properly escape
strings in MoinMoin/{Page,PageEdito r,PageGraphical Editor} .py,
MoinMoin/action/ *.py.
- CVE-2010-2487
- CVE-2010-2969 - 31. By Jamie Strandboge
-
* SECURITY UPDATE: fix XSS in Despam action
- debian/patches/ 30002_CVE- 2010-0828. patch: use wikiutil.escape()
in revert_pages()
- CVE-2010-0828 - 30. By Jamie Strandboge
-
* SECURITY UPDATE: fix multiple CSRF vulnerabilities
- debian/patches/ 30000_CVE- 2010-0668+ 0717.patch: add tickets to prevent
CSRF attacks in several components.
- CVE-2010-0668
* SECURITY UPDATE: properly sanitize user profiles
- debian/patches/ 30001_CVE- 2010-0669. patch: adjust userprefs/prefs.py,
user.py and wikiutil.py to sanitize input
- CVE-2010-0669 - 29. By Bhavani Shankar
-
* Merge from debian unstable, remaining changes: LP: #395833
- debian/rules:
- Add --install-layout= deb option to install everything in /usr instead
of /usr/local.
- Remove python-xml from Recommends field, the package isn't anymore in
sys.path.
- Demote fckeditor from Recommends to Suggests; the code was
previously embedded in moin, but it was also disabled, so there's no
reason for us to pull this in by default currently. - 28. By Steve Langasek
-
* Merge from Debian unstable, remaining changes:
- debian/rules:
- Add --install-layout= deb option to install everything in /usr instead
of /usr/local.
- Remove python-xml from Recommends field, the package isn't anymore in
sys.path.
- Demote fckeditor from Recommends to Suggests; the code was
previously embedded in moin, but it was also disabled, so there's no
reason for us to pull this in by default currently. - 27. By Steve Langasek
-
* Merge from debian unstable, remaining changes:
- debian/rules:
- Add --install-layout= deb option to install everything in /usr instead
of /usr/local.
- Remove python-xml from Recommends field, the package isn't anymore in
sys.path.
- Demote fckeditor from Recommends to Suggests; the code was
previously embedded in moin, but it was also disabled, so there's no
reason for us to pull this in by default currently.
* Dropped patch 10002_encodeAddress_fix_ MIME_spacing. patch, merged upstream.
* Recommend default-mta | mail-transport-agent instead of exim4 | m-t-a,
so that we can pull postfix by default on Ubuntu. - 26. By Steve Langasek
-
Demote fckeditor from Recommends to Suggests; the code was
previously embedded in moin, but it was also disabled, so there's no
reason for us to pull this in by default currently. - 25. By Alessio Treglia
-
* Merge from debian unstable (LP: #350287), Ubuntu remaining changes:
- Remove python-xml from Recommends field, the package isn't anymore in
sys.path.
* debian/patches/ 10002_encodeAdd ress_fix_ MIME_spacing. patch:
- Headers are malformed in notification email when, in mail_from, there is
a phrase before the angle address that gets encoded.
Thanks to Matthias Andree for the patch (LP: #348960).
* debian/rules:
- Add --install-layout= deb option to install everything in /usr instead of
/usr/local, fix FTBFS. - 24. By Alessio Treglia
-
* Merge from debian unstable (LP: #322890), Ubuntu remaining changes:
- Remove python-xml from Recommends field, the package isn't anymore in
sys.path. - 23. By Bhavani Shankar
-
* Merge from debian unstable, remaining changes: LP: #313687
- Drop recommendation of python-xml, the packages isn't anymore in
sys.path.
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:ubuntu/natty/moin