-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Mon, 15 Oct 2018 19:23:10 +0200 Source: moin Binary: python-moinmoin Architecture: source all Version: 1.9.8-1+deb8u2 Distribution: jessie-security Urgency: high Maintainer: Steve McIntyre <93sam@debian.org> Changed-By: Markus Koschany <apo@debian.org> Description: python-moinmoin - Python clone of WikiWiki - library Changes: moin (1.9.8-1+deb8u2) jessie-security; urgency=high . * Non-maintainer upload by the LTS team. * Fix CVE-2017-5934: Nitin Venkatesh discovered a cross-site scripting vulnerability in moin, a Python clone of WikiWiki. A remote attacker can conduct cross-site scripting attacks via the GUI editor's link dialogue. This only affects installations which have set up fckeditor (not enabled by default). Checksums-Sha1: 4dbefaa5463460ee4469688295c1c0cd13602af8 2044 moin_1.9.8-1+deb8u2.dsc 9929627c8b5bb52aea705f7cf7c09e4e8c2fde82 149688 moin_1.9.8-1+deb8u2.debian.tar.xz 082445056a26b64c9a9b82c271131bffb906f8bd 7996448 python-moinmoin_1.9.8-1+deb8u2_all.deb Checksums-Sha256: 4005555a3402de219b44d945d9db2895cd8c4c718a27d68ce554b1fcb0d55d75 2044 moin_1.9.8-1+deb8u2.dsc 184251bc723544d84d93bd55665bf9cc9780aa5b53ae739087ac4a0bb1fe1e8c 149688 moin_1.9.8-1+deb8u2.debian.tar.xz b0870d201cf91cdc439d99cc151c130abf99d5e4a6e596911ec3466fe349b378 7996448 python-moinmoin_1.9.8-1+deb8u2_all.deb Files: d7f86c044ae15eea29358f0833b407b3 2044 net optional moin_1.9.8-1+deb8u2.dsc 9548bf8b96fa2db4d35193738e1bc473 149688 net optional moin_1.9.8-1+deb8u2.debian.tar.xz b00990411962d5b15e0292fb27220c0c 7996448 python optional python-moinmoin_1.9.8-1+deb8u2_all.deb -----BEGIN PGP SIGNATURE----- iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAlvE9sxfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp YW4ub3JnAAoJENmtFLlRO1HkqpIP/iauXZ1a6mgzUOlMKK6cIXQMBaa47Vg89B5E TrOar9bK0R8UQLWyU9ULhZvgyAtZc9Twb8z+7Ev61JRmn8L7scjtKBOqxF3JXEK3 9+9QaOSdqMzxScoBsWmpQJO86GME8b4pPcs0Mmli/JXSJ0X0KwNcr5tJI4ne8fRn ljV34hyKh8noW3UDSUMZpcjAh5i3itcT3UNClKVxJnSmPP/Ew1B7CK5Qs1NwW8kw w+VsqIlFrFJOIV+x2snjCNkjeKsiZQodvHfy3Nn1GaYufuH2tSJ4oBmfCM0I/iD2 YjnUB7ZY12hnpOLwuKAS60oyHTN0g8GurXFNDzdTpKvMZdE+nhGuWJxqQINd47QA PJVCzAjGh+OURgM8Ci/0MCy6Wvw+tCqnkaugfC9aCl24+3jxPULB+ausjr4HTXlP 9OVPh8HL9zbcy35sbqmUeNYQklwDCZUcxNQN9sFk3WLnwen+nXfhVwLlCk0SuUCm Sq3KYeJ7mF9hD9ST7Iu7S0tcD/kWIrzjMfX3Uz81zbnrYm1aeXM4JhTUuROPyNWu XLnFG0pzl0UsGQ+WGymJ45lGXJmpNJzBWF8e7FEtLpc4QhW+DmWVvetuxT67uhfC VglKduQ3f85p3+asiYAaDrt6OXZg3yb24CfpBVBVdlGnd5LStTqyo5HLJ/nonOtb tH0UZvuo =0duE -----END PGP SIGNATURE-----