Bug#565854: marked as done (python-moinmoin: moin-1.9.1 fixes a security issue)

Fri, 22 Jan 2010 04:04:59 -0800 

Your message dated Fri, 22 Jan 2010 12:02:19 +0000
with message-id <[email protected]>
and subject line Bug#565854: fixed in moin 1.9.1-1
has caused the Debian Bug report #565854,
regarding python-moinmoin: moin-1.9.1 fixes a security issue
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
565854: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=565854
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message --- 
Package: python-moinmoin
Version: 1.9.0-1
Severity: normal
Tags: security fixed-upstream

The MoinMoin developers have released moin-1.9.1. This release fixes a 
security issue¹. It provides also a lot small bug fixes.

BTW: Please keep the xappy stuff included, as long as you don't provide
the python-xappy package (#558715, #559979).


Regards,
Pascal
--
1 = http://hg.moinmo.in/moin/1.9/raw-file/1.9.1/docs/CHANGES

-- System Information:
Debian Release: squeeze/sid
  APT prefers testing
  APT policy: (500, 'testing'), (50, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.30-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages python-moinmoin depends on:
ii  python                      2.5.4-5      An interactive high-level object-o
ii  python-parsedatetime        0.8.7-1      Python module to parse human-reada
ii  python-pygments             1.2.2+dfsg-1 syntax highlighting package writte
ii  python-support              1.0.6        automated rebuilding support for P
ii  python-werkzeug             0.5.1-1      collection of utilities for WSGI a

Versions of packages python-moinmoin recommends:
pn  fckeditor                     <none>     (no description available)
ii  postfix [mail-transport-agent 2.6.5-3    High-performance mail transport ag
ii  python-xapian                 1.0.17-1   Xapian search engine interface for
ii  python-xappy                  0.5-1      easy-to-use interface to the Xapia

Versions of packages python-moinmoin suggests:
pn  antiword                  <none>         (no description available)
ii  apache2                   2.2.14-5       Apache HTTP Server metapackage
ii  apache2-mpm-worker [httpd 2.2.14-5       Apache HTTP Server - high speed th
pn  catdoc                    <none>         (no description available)
pn  docbook-dsssl             <none>         (no description available)
ii  miscfiles [wordlist]      1.4.2.dfsg.1-9 Dictionaries and other interesting
ii  poppler-utils [xpdf-utils 0.12.2-2       PDF utilitites (based on libpopple
pn  python-4suite-xml         <none>         (no description available)
ii  python-docutils           0.6-3          utilities for the documentation of
pn  python-flup               <none>         (no description available)
pn  python-gdchart            <none>         (no description available)
pn  python-ldap               <none>         (no description available)
ii  python-mysqldb            1.2.2-10       A Python interface to MySQL
pn  python-openid             <none>         (no description available)
pn  python-pyxmpp             <none>         (no description available)
ii  python-tz                 2009u-1        Python version of the Olson timezo
pn  python-xml                <none>         (no description available)
pn  smbfs                     <none>         (no description available)
ii  wamerican-huge [wordlist] 6-3            American English dictionary words 
ii  wngerman [wordlist]       20091006-3     New German orthography wordlist

-- no debconf information

-- debsums errors found:
debsums: changed file /usr/share/pyshared/MoinMoin/parser/highlight.py (from 
python-moinmoin package)

--- End Message ---
--- Begin Message --- 
Source: moin
Source-Version: 1.9.1-1

We believe that the bug you reported is fixed in the latest version of
moin, which is due to be installed in the Debian FTP archive:

moin_1.9.1-1.diff.gz
  to main/m/moin/moin_1.9.1-1.diff.gz
moin_1.9.1-1.dsc
  to main/m/moin/moin_1.9.1-1.dsc
moin_1.9.1.orig.tar.gz
  to main/m/moin/moin_1.9.1.orig.tar.gz
python-moinmoin_1.9.1-1_all.deb
  to main/m/moin/python-moinmoin_1.9.1-1_all.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Jonas Smedegaard <[email protected]> (supplier of updated moin package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])


-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160

Format: 1.8
Date: Fri, 22 Jan 2010 12:16:29 +0100
Source: moin
Binary: python-moinmoin
Architecture: source all
Version: 1.9.1-1
Distribution: unstable
Urgency: high
Maintainer: Jonas Smedegaard <[email protected]>
Changed-By: Jonas Smedegaard <[email protected]>
Description: 
 python-moinmoin - Python clone of WikiWiki - library
Closes: 565854
Changes: 
 moin (1.9.1-1) unstable; urgency=high
 .
   * New upstream release.
     + Fixes security issue in CGI handling, introduced in 1.9. Closes:
       bug#565854, thanks to Pascal Volk and Frank Lin PIAT.
   * Update local CDBS snippets:
     + Tighten and minor fix of package-relations.mk dependency cleanup.
     + Relax upstream-tarball.mk to depend unversioned on cdbs (the
       needed 0.4.39 is in oldstable).
     + Check most lines (top 99999, not just 60) in copyright-check.mk.
       Improve licensecheck filtering. Group files by owners (ignore
       years) and sort owners by ownership string (years and then owner).
     + Update upstream-tarball.mk to preserve bzip2 tarballs with source
       format 3.0 (quilt).
   * Minor updates to debian/copyright (no new owners or licenses).
   * Make debhelper build-dependency unversioned (thanks to CDBS).
   * Fix emodify explicitly ownership for all in zip repackaging script
     process_language_pages, to avoid spurious failure to remove write
     access from lithuanian binary.
   * Set urgency=high due to security fix.
Checksums-Sha1: 
 2d688b863263bf856b93e04045414bab632b3723 1247 moin_1.9.1-1.dsc
 10ec04085451e3896a78d22602886bb6db6d3891 28069951 moin_1.9.1.orig.tar.gz
 67e709281f63c91b68ee9e21d5a74c0bf8db9488 119850 moin_1.9.1-1.diff.gz
 2eac245e83def9c95c4ea2e2bfa0236d44df9199 12550390 
python-moinmoin_1.9.1-1_all.deb
Checksums-Sha256: 
 59a86a340f972f4d8ab907b3126923a38a199572945a676d8a8c1735c47a4ab0 1247 
moin_1.9.1-1.dsc
 fe1ff132ad1b1ec60885603e66e980c609fffd55c5e7fea5c1f4a9aac2bb1fbf 28069951 
moin_1.9.1.orig.tar.gz
 57a592bdb298462a606085cab6425d02ae7a91d42e1703cfb16b9a7ccfe41be2 119850 
moin_1.9.1-1.diff.gz
 1c37b0aee0494f061cc5289f55e1935a156b6d8cf4daffea1c9f39044bf858a3 12550390 
python-moinmoin_1.9.1-1_all.deb
Files: 
 2b46dbf9e75fd61966a0ce07115d8e92 1247 net optional moin_1.9.1-1.dsc
 6d88b44c4b199a981124d8192864ac29 28069951 net optional moin_1.9.1.orig.tar.gz
 1cbc16298ffbdbfd32223cdceb0870eb 119850 net optional moin_1.9.1-1.diff.gz
 20013680afb7f87b618a7629e9a33a3f 12550390 python optional 
python-moinmoin_1.9.1-1_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iEYEAREDAAYFAktZkFkACgkQn7DbMsAkQLi7sACfW6dV2U+WdDB9BwYvy8r/vCVN
EwUAmweUqg+Y2ZbjxMKX7CQW4oirpC+O
=XRgk
-----END PGP SIGNATURE-----

--- End Message ---

Reply via email to