Moin, in case you're wondering, I recently got some very useful feedback from a japanese guy currently doing MoinMoin security research - he found 3 critical issues yet.
If you are interested in moin security, please read (and subscribe to): http://moinmo.in/SecurityFixes One of the issues he found was fixed in 1.9.1 release (only affects 1.9 installations), we are currently working on the more recent 2 issues (which affect all moin versions >=1.5). Likely this will lead to new 1.9 and 1.8 releases, please install them as soon as they are available. We also will patch 1.7 (for some popular linux distributions still having moin 1.7 packages), but considering the easy upgrade from 1.7 to 1.8, there won't be a new 1.7 release. Please note that details about what the issues exactly are and how they could be exploited are intentionally not given NOW, to give developers, package maintainers and site administrators time to fix stuff. Please use the time. If you are running something that's not up-to-date, upgrade to latest 1.8.x or 1.9.x NOW and follow the SecurityFixes page. 1.8.x is still maintained for people who don't want to deal with WSGI stuff right now. If that's not an issue for you, please upgrade to latest 1.9.x. Cheers, Thomas ------------------------------------------------------------------------------ The Planet: dedicated and managed hosting, cloud storage, colocation Stay online with enterprise data centers and the best network in the business Choose flexible plans and management services without long-term contracts Personal 24x7 support from experience hosting pros just a phone call away. http://p.sf.net/sfu/theplanet-com _______________________________________________ Moin-user mailing list Moin-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/moin-user
