Comment 2 for bug 1046616

This bug was fixed in the package moin - 1.9.5-1ubuntu1

---------------
moin (1.9.5-1ubuntu1) raring; urgency=low

  * Merge from Debian unstable (LP: #1046616). Remaining changes:
   - Remove python-xml from Suggests field, the package isn't anymore in
     sys.path.
   - Demote fckeditor from Recommends to Suggests; the code was previously
     embedded in moin, but it was also disabled, so there's no reason
     for us to pull this in by default currently. Note: fckeditor has a
     number of security problems and so this change probably needs to be
     carried indefinitely.

moin (1.9.5-1) unstable; urgency=low

  * New upstream release.
  * New maintainer: Steve McIntyre. Thanks to Jonas for all his previous
    hard work.

moin (1.9.4-8) unstable; urgency=high

  * High urgency for a security fix
  * Add patch from upstream to fix a virtual group bug in ACL evaluation
    (CVE-2012-4404).

moin (1.9.4-7) unstable; urgency=low

  * subprocess.check_output only appeared in python 2.7. Use
    subprocess.Popen and .communicate() instead to get the same effect but
    working on older python versions too.

moin (1.9.4-6) unstable; urgency=low

  * Fix the error message displayed when external_creation_check fails

moin (1.9.4-5) unstable; urgency=low

  * Store date and host when a new account is created
  * Add the option to call an external helper program at account creation
    time to help with local account control policy (e.g. anti-spam)
  * Make sending of email verification messages slightly more verbose.

moin (1.9.4-4) unstable; urgency=low

  * Fix stupid typo in the mail verification patch. Closes: #671211

moin (1.9.4-3) unstable; urgency=low

  * Update the subscriber lookup patch to add locking.
  * Add a new patch to add support for verifying email addresses during
    account creation.

moin (1.9.4-2) unstable; urgency=low

  * Add a cache for subscriber lookup to boost performance on page save.
    Patch from Vitaliy Shchupak. Closes: #668000

moin (1.9.4-1) unstable; urgency=low

  * New upstream release.
    Closes: bug#663340.
  * Bump debhelper compatibility level to 7.
  * Stop providing/replacing/conflicting with moinmoin-common:
    Transitional quirk unneeded since Lenny.
  * Drop preinst/postrm conffile renaming hack, unneeded since MoinMoin
    1.5.2.
  * Update package relations:
    + Stop needlessly build-depend versioned on cdbs: shadowed by even
      tighter versioning due to use of default Python install helper.
    + Use unversioned suggest for python-docutils: Needed version
      satisfied even in oldstable.
  * Drop dpkg-source local-options hint: Declared options are default
    since dpkg-source 1.16.1.
  * Drop patch implementing CVE-2011-1058: Applied upstream.
  * Unfuzz patch disabling GUI editor.
  * Update copyright file:
    + Extend/bump some copyright years.
    + Introduce new copyright holder.
    + Fix list more specific Files section after general one.
    + Bump format to 1.0.
    + Fix double-indent in Copyright fields as per Policy §5.6.13.
  * Bump standards-version to 3.9.3.

moin (1.9.3-3) unstable; urgency=high

  [ Steve McIntyre ]
  * Add myself to Uploaders
  * Add patch from upstream to fix a cross-site scripting vulnerability in
    the rst parser (CVE-2011-1058). Closes: #643904

moin (1.9.3-2) unstable; urgency=low

  * Ease building with git-buildpackage:
    + Git-ignore quilt .pc dir.
    + Add source local-options.
  * Add patch to add simple support for using recaptcha.
    Closes: bug#637880. Thanks to Steve McIntyre.
  * Depend on python-recaptcha, required by recaptcha support.
  * Suggest cifs-utils (not smbfs).
    Closes: bug#638156. Thanks to Luk Claes.
  * Update copyright file:
    + Rewrite using draft 174 of DEP-5 format.
    + Add recaptcha patch, licensed GPL-2+.
  * Use Python helper python2 (not python-support).
  * Bump Policy compliance to Standards-Version 3.9.2.
 -- Marc Deslauriers <email address hidden> Fri, 23 Nov 2012 09:18:37 -0500