Bug#591532: Info received (Bug#591532: wiki.debian.org: When I try to login I get: global name 'wikiutil' is not defined)
Problem: When I try to login I get: global name 'wikiutil' is not defined Workaround for this bug: Type your password properly! i.e: after some investigations, it appears that the regression introduced in the last secruity update only occurs when a user tries to login with a wrong password (moin 1.7.1-3+lenny5 ; Bug #584809 ; CVE-2010-2487) -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#591532: wiki.debian.org: When I try to login I get: global name 'wikiutil' is not defined
Package: wiki.debian.org Severity: normal When I try to login I get: global name 'wikiutil' is not defined. -- System Information: Debian Release: squeeze/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Kernel: Linux 2.6.32-5-686 (SMP w/2 CPU cores) Locale: LANG=es_GT.UTF-8, LC_CTYPE=es_GT.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#591532: wiki.debian.org: When I try to login I get: global name 'wikiutil' is not defined
reassign 591532 moin thanks Hello, It's a bug in the package, introduced by a recent security update. I've attached a patch to fix it (I don't understand how I could miss that bug when I tested my previous patch). Thank you for reporting this bug, Franklin Josue Abarca wrote: Package: wiki.debian.org Severity: normal When I try to login I get: global name 'wikiutil' is not defined. diff --git a/debian/patches/CVE-2010-2487-XSS.patch b/debian/patches/CVE-2010-2487-XSS.patch index d353459..949feb9 100644 --- a/debian/patches/CVE-2010-2487-XSS.patch +++ b/debian/patches/CVE-2010-2487-XSS.patch @@ -166,8 +184,19 @@ Last-update: 2010-06-04 return request.page.send_page() func(pagename, request) a/MoinMoin/action/login.py 2008-03-03 00:20:39.0 +0100 -+++ b/MoinMoin/action/login.py 2010-06-07 06:41:50.0 +0200 +Index: git/MoinMoin/action/login.py +=== +--- git.orig/MoinMoin/action/login.py 2010-08-03 20:01:39.0 -0400 git/MoinMoin/action/login.py 2010-08-03 20:14:20.0 -0400 +@@ -10,7 +10,7 @@ + @license: GNU GPL, see COPYING for details. + + +-from MoinMoin import userform ++from MoinMoin import userform, wikiutil + from MoinMoin.Page import Page + from MoinMoin.widget import html + @@ -68,7 +68,7 @@ if hasattr(request, '_login_messages'): for msg in request._login_messages: