moin (1.5.2-1ubuntu2.5) dapper-security; urgency=low
* SECURITY UPDATE: fix multiple CSRF vulnerabilities
- debian/patches/100_CVE-2010-0668.patch: add tickets to prevent CSRF
attacks in several components.
- CVE-2010-0668
* SECURITY UPDATE: properly sanitize user profiles
- debian/patches/101_CVE-2010-0669.patch: adjust userprefs/prefs.py,
user.py and wikiutil.py to sanitize input
- CVE-2010-0669
Date: Thu, 11 Mar 2010 11:41:33 -0600
Changed-By: Jamie Strandboge <[email protected]>
Maintainer: Jonas Smedegaard <[email protected]>
https://launchpad.net/ubuntu/dapper/+source/moin/1.5.2-1ubuntu2.5
Format: 1.7
Date: Thu, 11 Mar 2010 11:41:33 -0600
Source: moin
Binary: python2.4-moinmoin moinmoin-common python-moinmoin
Architecture: source
Version: 1.5.2-1ubuntu2.5
Distribution: dapper-security
Urgency: low
Maintainer: Jonas Smedegaard <[email protected]>
Changed-By: Jamie Strandboge <[email protected]>
Description:
moinmoin-common - Python clone of WikiWiki - common data
python-moinmoin - Python clone of WikiWiki - dummy library package
python2.4-moinmoin - Python clone of WikiWiki - library
Changes:
moin (1.5.2-1ubuntu2.5) dapper-security; urgency=low
.
* SECURITY UPDATE: fix multiple CSRF vulnerabilities
- debian/patches/100_CVE-2010-0668.patch: add tickets to prevent CSRF
attacks in several components.
- CVE-2010-0668
* SECURITY UPDATE: properly sanitize user profiles
- debian/patches/101_CVE-2010-0669.patch: adjust userprefs/prefs.py,
user.py and wikiutil.py to sanitize input
- CVE-2010-0669
Files:
4261e09e14aba68d31430e62fad58b96 711 net optional moin_1.5.2-1ubuntu2.5.dsc
c9de4722f63975d5b0d549f4541faefb 47842 net optional
moin_1.5.2-1ubuntu2.5.diff.gz
--
dapper-changes mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/dapper-changes
