-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Wed, 12 Dec 2012 14:17:35 +0000 Source: moin Binary: python-moinmoin Architecture: source all Version: 1.9.5-2 Distribution: unstable Urgency: high Maintainer: Steve McIntyre <93sam@debian.org> Changed-By: Steve McIntyre <93sam@debian.org> Description: python-moinmoin - Python clone of WikiWiki - library Changes: moin (1.9.5-2) unstable; urgency=high . * Several security fixes from upstream: + fix XSS issue, escape page name in rss link (CVE id not available yet) + make taintfilename more secure + escape user- or admin-defined css url + use a constant time str comparison function to prevent timing attacks Checksums-Sha1: f2da0ca7f5780b63136cda2f35d4442af87ca87f 1896 moin_1.9.5-2.dsc 2681343f26c4819ac6d055a8491536336292fff4 129842 moin_1.9.5-2.debian.tar.gz da4824fbbc5eb46ef933e0dae102418b42af3997 21441978 python-moinmoin_1.9.5-2_all.deb Checksums-Sha256: b17e9caa3ea14f180f78a1b0085ee5fc4d903a461cd7991559551c396e901673 1896 moin_1.9.5-2.dsc 52032e242d66a530a301d4447e46b6abc664c94a35fc98ced8a97b615b65658e 129842 moin_1.9.5-2.debian.tar.gz cc03b22ca4d7e793662e0eb71958637a797534185fa915c31c5315c877e40561 21441978 python-moinmoin_1.9.5-2_all.deb Files: 80be6838fa00faaa21349f69d1111a87 1896 net optional moin_1.9.5-2.dsc 47bd6300e28948ad40aa7b76b0595022 129842 net optional moin_1.9.5-2.debian.tar.gz b5752f679119bcee9d8eb3061e84bbe0 21441978 python optional python-moinmoin_1.9.5-2_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQIcBAEBCAAGBQJQyJVzAAoJEFh5eVc0QmhOSBIP/3lr8+Jd8Y7uzHeGbF8QhG1q FKhc+1ryVC7aT4Z7apmu9nFmbnEg9dc819BV1jQ0aEHmQklQT1DFdIN9yTmAbz+P m3UAO/8LZ42NcB3ff3YOpRLo5lC4++e403ayKolA4D4kHoW1NCa8ZnJ/6/7PCcTb 2MgVlOfeqcRYAlyi1f0uwj3ESAXf+d5E4y+7KWkM0r/N60RkRCdnjASeLzZq5yRf MkrTyJNMkywgO76BB1BNV/aQUcDpoH9MIEf/HMGJffgTPP8Oy63q0HHKRXWYtkrs aQk2FESAhDgmNO2/OGMAQxMWAdcz0XWeIRRZq7lvVjOl0CwnB5vO7Jvm7NX/uTBk 8P5VgRlfsxUV4wqPE3AlO+RGzu0Yoora2OAdCYk3RNKDOBiTlLQEOeQ/imj8JCjD GsoIj7+UZ2GbhnboiYKi/Uxs7Fa1FhymqkHbgEmsanY2n0RZEz6evPv47e+UpHP9 XjzBM7WEGp3dB8ELYziQEZy3t8wwLSFvAE/+beu/tChKkUdmjnJvBxKsFgS60LgL bpq0rOidE2q8JL1s7KMFqRCC3J2I8FCGlDzWiBq+uSBCUbPOBXygBgpGL26DvQVk FVUgVbO+bE9YYNKyrrqq3cE4QwVPHwNK8faJeo8fCxoyrvPXgHyJcevhagh/w23r /AowD6ybh3gXC/i5UQgw =SbV3 -----END PGP SIGNATURE-----