lp:ubuntu/karmic-updates/moin

Branch merges

Propose for merging

No branches dependent on this one.

Related source package recipes

No recipes using this branch. (?)

Create packaging recipe

Related snap packages

Related bugs

Related blueprints

32. By Marc Deslauriers on 2010-08-20

* SECURITY UPDATE: arbitrary script injection via multiple cross-site
  scripting issues.
  - debian/patches/30003_CVE-2010-2487,2969,2970.patch: properly escape
    strings in MoinMoin/{Page,PageEditor,PageGraphicalEditor}.py,
    MoinMoin/action/*.py.
  - CVE-2010-2487
  - CVE-2010-2969

31. By Jamie Strandboge on 2010-03-30

* SECURITY UPDATE: fix XSS in Despam action
  - debian/patches/30002_CVE-2010-0828.patch: use wikiutil.escape()
    in revert_pages()
  - CVE-2010-0828

30. By Jamie Strandboge on 2010-03-02

* SECURITY UPDATE: fix multiple CSRF vulnerabilities
  - debian/patches/30000_CVE-2010-0668+0717.patch: add tickets to prevent
    CSRF attacks in several components.
  - CVE-2010-0668
* SECURITY UPDATE: properly sanitize user profiles
  - debian/patches/30001_CVE-2010-0669.patch: adjust userprefs/prefs.py,
    user.py and wikiutil.py to sanitize input
  - CVE-2010-0669

29. By Bhavani Shankar on 2009-07-05

* Merge from debian unstable, remaining changes: LP: #395833
  - debian/rules:
    - Add --install-layout=deb option to install everything in /usr instead
      of /usr/local.
    - Remove python-xml from Recommends field, the package isn't anymore in
      sys.path.
    - Demote fckeditor from Recommends to Suggests; the code was
      previously embedded in moin, but it was also disabled, so there's no
      reason for us to pull this in by default currently.

28. By Steve Langasek on 2009-06-04

* Merge from Debian unstable, remaining changes:
  - debian/rules:
    - Add --install-layout=deb option to install everything in /usr instead
      of /usr/local.
    - Remove python-xml from Recommends field, the package isn't anymore in
      sys.path.
    - Demote fckeditor from Recommends to Suggests; the code was
      previously embedded in moin, but it was also disabled, so there's no
      reason for us to pull this in by default currently.

27. By Steve Langasek on 2009-06-03

* Merge from debian unstable, remaining changes:
  - debian/rules:
    - Add --install-layout=deb option to install everything in /usr instead
      of /usr/local.
    - Remove python-xml from Recommends field, the package isn't anymore in
      sys.path.
    - Demote fckeditor from Recommends to Suggests; the code was
      previously embedded in moin, but it was also disabled, so there's no
      reason for us to pull this in by default currently.
* Dropped patch 10002_encodeAddress_fix_MIME_spacing.patch, merged upstream.
* Recommend default-mta | mail-transport-agent instead of exim4 | m-t-a,
  so that we can pull postfix by default on Ubuntu.

26. By Steve Langasek on 2009-04-09

Demote fckeditor from Recommends to Suggests; the code was
previously embedded in moin, but it was also disabled, so there's no
reason for us to pull this in by default currently.

25. By Alessio Treglia on 2009-03-28

* Merge from debian unstable (LP: #350287), Ubuntu remaining changes:
  - Remove python-xml from Recommends field, the package isn't anymore in
    sys.path.
* debian/patches/10002_encodeAddress_fix_MIME_spacing.patch:
  - Headers are malformed in notification email when, in mail_from, there is
    a phrase before the angle address that gets encoded.
    Thanks to Matthias Andree for the patch (LP: #348960).
* debian/rules:
  - Add --install-layout=deb option to install everything in /usr instead of
    /usr/local, fix FTBFS.

24. By Alessio Treglia on 2009-01-29

* Merge from debian unstable (LP: #322890), Ubuntu remaining changes:
  - Remove python-xml from Recommends field, the package isn't anymore in
    sys.path.

23. By Bhavani Shankar on 2009-01-04

* Merge from debian unstable, remaining changes: LP: #313687
  - Drop recommendation of python-xml, the packages isn't anymore in
    sys.path.