Accepted moin 1.5.7-3ubuntu1 (source)

Kees Cook kees at ubuntu.com
Tue May 15 00:15:14 BST 2007 

Accepted:
 OK: moin_1.5.7-3ubuntu1.dsc
     -> Component: main Section: net
 OK: moin_1.5.7.orig.tar.gz
 OK: moin_1.5.7-3ubuntu1.diff.gz

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Mon, 14 May 2007 15:55:15 -0700
Source: moin
Binary: moinmoin-common python-moinmoin
Architecture: source
Version: 1.5.7-3ubuntu1
Distribution: gutsy
Urgency: high
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Kees Cook <kees at ubuntu.com>
Description: 
 moinmoin-common - Python clone of WikiWiki - common data
 python-moinmoin - Python clone of WikiWiki - library
Closes: 373464 373464 383841 383909 384349 410338 410338 422408
Changes: 
 moin (1.5.7-3ubuntu1) gutsy; urgency=low
 .
   * Merge from debian unstable, remaining changes:
     - 11000_show_traceback_toggle.patch: allow for 'show_traceback=0' in
       Moin configurations.
 .
 moin (1.5.7-3) unstable; urgency=high
 .
   * Sync with upstream HG development source, including a security fix:
     + XSS fix for AttachFile 'do' parameter.
     CVE-2007-2423. Closes: bug#422408, thanks to EN Douli for discovery
     and to Florian Weimer for reporting to Debian BTS.
   * Update local cdbs tweaks:
     + Improved upstream-tarball handling.
     + Minor updates to debain/README.cdbs-tweaks.
   * Cleanup duplicate build-dependencies.
   * Set urgency=high due to the upstream security fix.
 .
 moin (1.5.7-2) unstable; urgency=high
 .
   * Sync with upstream HG development source, including a security fix:
     + Respect ACLs in MonthCalendar macro.
   * Update local cdbs tweaks:
     + Check for copyrights at pre-build (at clean we might run before
       actual cleanup has finished).
     + Add new upstream-tarball.mk: get-orig-source target and more.
     + Update debain/README.cdbs-tweaks.
   * Set urgency=high due to the upstream security fix.
 .
 moin (1.5.7-1) unstable; urgency=low
 .
   * New upstream release. Closes: Bug#384349.
     Highlights:
     + XSS Fixes (already fixed in Debian NMU).
     + Improved LDAP authentication.
     + Various GUI editor improvements (but still buggy!).
     + Attachments can be overwritten, moved to a different page, and
       referenced.
     + Various performance improvements.
     + Rendering fixes (especially workarounds for IE6 bugs).
     + Simplified migration routine. Please read
       /usr/share/doc/moinmoin-common/README.Migration(.gz).
     + Fix for forgotten password email login URL.
     + Google sitemap support: ?action=sitemap.
     + Updated translations: i18n strings, system and help pages.
     + Hyphens are now allowed in usernames. Closes: Bug#383909.
     + Improved docutils and ReST support.
   * Acknowledge NMUs. Closes: Bug#373464, #383841, #410338, thanks to
     Josselin Mouette, Pierre Habouzit, Martin Zobel-Helas and Toni
     Mueller.
   * Reorganize patches.
     + Extend patches to 5 digits to make room for Hg changesets.
     + Adjust debian/patches/README to mention Hg (not Arch).
     + Use quilt (not the simple cdbs-internal patch system).
   * Add patches to bring in sync with upstream Hg (patchset 822).
   * Remove parts of CVE-2007-0857 applied upstream (changesets 805-806).
     Rename patch to follow new 5-digit scheme.
   * Rewrite README.packaging to describe getting changesets from Hg (not
     Arch).
   * Update CDBS tweaks:
     + Update copyright-check.mk: Look for "(c)" too, avoid non-printable
       characters, verbose error report.
     + Update buildinfo.mk: Fix touchfile to run only once.
     + Major overhaul of python-distutils.mk: Syncronize with main cdbs,
       which adds support for new Python policy, and massive rewrite to
       bring back functionality broken in the default implementation of
       that new policy.
     + Replace auto-update.mk with (overload of) buildcore.mk.
     + Add README.cdbs-tweaks documenting the added tweaks.
     + Advertise README.cdbs-tweaks in debian/rules.
   * Enable new Python policy, except when DEB_BUILD_OPTIONS contains
     "sarge". Closes: Bug#373464 (thanks to Pierre Habouzit and ).
   * Bump up Standards-Version to 3.7.2 for non-default distros.
   * Adjust long description to not mention dropped pythonXX-moinmoin.
   * As stated in README.Debian, CGI interface has had most testing:
     + Revert to suggesting apache in favor of libapache(2)-python.
     + Suggest httpd-cgi (not httpd) as fallback.
   * Cleanup and improve debian/rules:
     + Use (newly improved!) tweaked cdbs again, to also support
       distributions using the old python policy.
     + Restore rules aaplying only to old python policy.
     + Add switch to declare variables varying between python policies.
     + Stitch together README.Debian from parts, referring to build-
       dependent default python version, and leaving out section on
       multiple packages when using new python policy.
     + Stitch together README.Debian and  moinmoin-common.postinst in
       pre-build, and remove in clean. This avoids distributing changes
       and then loosing it again automatically at next build.
     + Add more comments.
     + Move build targets to switch distribution down to the bottom.
   * Update debian/copyright:
     + Add new copyright for Bubblehelp infoboxes (license: GPLv2).
     + Add new copyright for EXIF filter (license: BSD-like).
     + Fix non-unicode Character (copyright-holder Peter Astrand).
   * No longer install docs/CHANGES.config dropped upstream.
   * Add note to README.Debian about risk of dict symlink breaking if
     copying and using the data from a different location. This relates
     only to the recent NMU changing (without documentaing!!!) from
     static to shared symlink.
   * Use Build-depends (not Build-depends-Indep) for non-default
     distributions.
   * Tightened pyversions to only include 2.3 and higher.
   * Suppress lintian warnings about INSTALL.html in docs (contains
     valuable info on further steps than automated in this packaging) and
     non-executable scripts in underlay (they should never be executed
     from there).
 .
 moin (1.5.3-1.2) unstable; urgency=low
 .
   * Non-maintainer upload.
   * Adding patch from BTS to fix CVE-2007-0857 (Closes: #410338)
Files: 
 81355dc045567f8ea6b2faee14791408 793 net optional moin_1.5.7-3ubuntu1.dsc
 b304f1c2054c7f3bf0dc48c141b28b33 4411634 net optional moin_1.5.7.orig.tar.gz
 ac32bda6dee47ffa55e7218f0e2a6306 53762 net optional moin_1.5.7-3ubuntu1.diff.gz
Original-Maintainer: Jonas Smedegaard <dr at jones.dk>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFGSOzGH/9LqRcGPm0RAikaAJ9ehnc68TPBaA0JSDpMbi9Phs279ACeLCEc
TzridvC2FzBlgDchXIUzw1s=
=S2Q+
-----END PGP SIGNATURE-----

More information about the gutsy-changes mailing list