-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2010-6012 2010-04-09 00:16:51 --------------------------------------------------------------------------------
Name : moin Product : Fedora 11 Version : 1.8.7 Release : 2.fc11 URL : http://moinmo.in/ Summary : MoinMoin is a WikiEngine to collaborate on easily editable web pages Description : MoinMoin is an advanced, easy to use and extensible WikiEngine with a large community of users. Said in a few words, it is about collaboration on easily editable web pages. -------------------------------------------------------------------------------- ChangeLog: * Sat Apr 3 2010 Ville-Pekka Vainio <vpivaini AT cs.helsinki.fi> - 1.8.7-2 - Fixes CVE-2010-0828 (rhbz#578801) * Thu Feb 18 2010 Ville-Pekka Vainio <vpivaini AT cs.helsinki.fi> - 1.8.7-1 - Fixed major security issues in miscellaneous parts of moin - http://hg.moinmo.in/moin/1.8/raw-file/1.8.7/docs/CHANGES - http://secunia.com/advisories/38444/ - Fixes rhbz#565604 * Mon Dec 28 2009 Ville-Pekka Vainio <vpivaini AT cs.helsinki.fi> - 1.8.6-1 - 1.8.6, mostly bug fixes - http://hg.moinmo.in/moin/1.8/raw-file/1.8.6/docs/CHANGES * Tue Sep 15 2009 Ville-Pekka Vainio <vpivaini AT cs.helsinki.fi> - 1.8.5-1 - 1.8.5 - Includes multiple bug fixes, a new FCKeditor version and some new features - http://hg.moinmo.in/moin/1.8/raw-file/1.8.5/docs/CHANGES * Sat Jul 25 2009 Fedora Release Engineering <[email protected]> - 1.8.4-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild * Sun Jul 12 2009 Ville-Pekka Vainio <vpivaini AT cs.helsinki.fi> 1.8.4-2 - Remove the filemanager directory from the embedded FCKeditor, it contains code with know security vulnerabilities, even though that code couldn't be invoked when moin was used with the default settings. - Fixes rhbz #509924, related to CVE-2009-2265 * Sat Jun 13 2009 Ville-Pekka Vainio <vpivaini AT cs.helsinki.fi> 1.8.4-1 - Update to 1.8.4, http://moinmo.in/MoinMoinRelease1.8 has a list of changes. - Includes a security fix for hierarchical ACL (not the default mode), http://moinmo.in/SecurityFixes has the details. - Drop previous security patches, those are not needed anymore. -------------------------------------------------------------------------------- References: [ 1 ] Bug #578801 - CVE-2010-0828 Moin v1.8.7 / v.1.9.2 -- XSS in Despam action https://bugzilla.redhat.com/show_bug.cgi?id=578801 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update moin' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list [email protected] https://admin.fedoraproject.org/mailman/listinfo/package-announce
