Please merge moin-1.5.8 (main) from Debian unstable (Security FIX)
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
moin (Ubuntu) |
Fix Released
|
Medium
|
Emanuele Gentili |
Bug Description
Binary package hint: moin
moin (1.5.8-5.1ubuntu2) hardy; urgency=low
* Merge with Debian; remaining changes:
- Suggest python-xml (needed for DocBook rendering). LP: #31728.
-- Emanuele Gentili <email address hidden> Thu, 21 Feb 2008 02:22:30 +0100
moin (1.5.8-5.1) unstable; urgency=high
* NMU with maintainer consent, urgency for security updates
* update upstream patches to moin-1.5 branch revision 856 to fix bugs
+ cross-site scripting vulnerabilities using AttachFile,
CVE-2008-0781
+ directory traversal in MOIN_ID cookie vulnerability,
CVE-2008-0782 (Closes: #462984)
+ XSS problem in login, CVE-2008-780
-- Thomas Viehmann <email address hidden> Tue, 19 Feb 2008 22:38:10 +0100
version wrong in the last debdiff, sorry.
please use this.