-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.7 Date: Fri, 15 Feb 2008 23:01:17 +0100 Source: moin Binary: moinmoin-common python-moinmoin Architecture: source all Version: 1.5.3-1.2etch1 Distribution: stable-security Urgency: high Maintainer: Jonas Smedegaard <dr@jones.dk> Changed-By: Thomas Viehmann <tv@beamnet.de> Description: moinmoin-common - Python clone of WikiWiki - common data python-moinmoin - Python clone of WikiWiki - library Closes: 403363 422408 462984 Changes: moin (1.5.3-1.2etch1) stable-security; urgency=high . * Non-maintainer upload. * Adding patches from BTS / upstream up to changeset 856 db212dfc58ef + cross-site scripting vulnerabilities using AttachFile, CVE-2007-2423, CVE-2008-0781 + missing access control checks for includes and calendars, CVE-2007-2637 (Closes: #422408) + directory traversal in MOIN_ID cookie vulnerability, CVE-2008-0782 (Closes: #462984) + XSS problem in login (CVE-2008-780) + XSS problem in gui editor + XSS problem in delete page + ACL check for dictionaries + fix password reminder mails (Closes: #403363) Files: e95ec46ee8de9527a39793108de22f7d 4187091 net optional moin_1.5.3.orig.tar.gz 0650a6782cb8b11d99fbfa40378c1dfb 663 net optional moin_1.5.3-1.2etch1.dsc 13984aca140b63e2303a6034fcd4f9ec 40942 net optional moin_1.5.3-1.2etch1.diff.gz 2cd40d664082f835b2def29629ff58e8 1596522 net optional moinmoin-common_1.5.3-1.2etch1_all.deb 0a8dba5cff0e5540e4e55d39855316d4 915318 python optional python-moinmoin_1.5.3-1.2etch1_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFHvLaDriZpaaIa1PkRAnriAKD8v7t6OHkf3/s8foUg24cMRrQeogCgh5dT AjhnulcQ/X22VvVOIuJApVI= =aWyH -----END PGP SIGNATURE----- Accepted: moin_1.5.3-1.2etch1.diff.gz to pool/main/m/moin/moin_1.5.3-1.2etch1.diff.gz moin_1.5.3-1.2etch1.dsc to pool/main/m/moin/moin_1.5.3-1.2etch1.dsc moinmoin-common_1.5.3-1.2etch1_all.deb to pool/main/m/moin/moinmoin-common_1.5.3-1.2etch1_all.deb python-moinmoin_1.5.3-1.2etch1_all.deb to pool/main/m/moin/python-moinmoin_1.5.3-1.2etch1_all.deb
