[ubuntu/zesty-proposed] moin 1.9.8-1ubuntu2 (Accepted)

Marc Deslauriers marc.deslauriers at ubuntu.com
Tue Nov 22 13:11:15 UTC 2016 

moin (1.9.8-1ubuntu2) zesty; urgency=medium

  * SECURITY UPDATE: XSS in attachment dialogue
    - debian/patches/CVE-2016-7146.patch: properly escape page_name in
      MoinMoin/action/fckdialog.py.
    - CVE-2016-7146
  * SECURITY UPDATE: XSS in AttachFile view
    - debian/patches/CVE-2016-7148.patch: properly escape pagename in
      MoinMoin/action/AttachFile.py.
    - CVE-2016-7148
  * SECURITY UPDATE: XSS in link dialogue
    - debian/patches/CVE-2016-9119.patch: properly escape strings in
      MoinMoin/action/fckdialog.py.
    - CVE-2016-9119

Date: Tue, 22 Nov 2016 07:45:20 -0500
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/moin/1.9.8-1ubuntu2
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 22 Nov 2016 07:45:20 -0500
Source: moin
Binary: python-moinmoin
Architecture: source
Version: 1.9.8-1ubuntu2
Distribution: zesty
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description:
 python-moinmoin - Python clone of WikiWiki - library
Changes:
 moin (1.9.8-1ubuntu2) zesty; urgency=medium
 .
   * SECURITY UPDATE: XSS in attachment dialogue
     - debian/patches/CVE-2016-7146.patch: properly escape page_name in
       MoinMoin/action/fckdialog.py.
     - CVE-2016-7146
   * SECURITY UPDATE: XSS in AttachFile view
     - debian/patches/CVE-2016-7148.patch: properly escape pagename in
       MoinMoin/action/AttachFile.py.
     - CVE-2016-7148
   * SECURITY UPDATE: XSS in link dialogue
     - debian/patches/CVE-2016-9119.patch: properly escape strings in
       MoinMoin/action/fckdialog.py.
     - CVE-2016-9119
Checksums-Sha1:
 a590d601fed4cc77dc8a7aec7ee20ddbff003a69 1958 moin_1.9.8-1ubuntu2.dsc
 579aa75f62c7146dcdb6c76c1fc556c76f5cb96d 151344 moin_1.9.8-1ubuntu2.debian.tar.xz
Checksums-Sha256:
 94173fbe52f56e558a00f2bf1130e827c326a339f99c7580976e881a2aea9ffe 1958 moin_1.9.8-1ubuntu2.dsc
 6a1c29fc1402a050e8ad623868059ccc0a8469ea16462c7293f9a2f0c53822ec 151344 moin_1.9.8-1ubuntu2.debian.tar.xz
Files:
 11c7ccc52f3dae950295b94686cbb0b2 1958 net optional moin_1.9.8-1ubuntu2.dsc
 6872e38c7f6daf85b04c202b5f9c09d3 151344 net optional moin_1.9.8-1ubuntu2.debian.tar.xz
Original-Maintainer: Steve McIntyre <93sam at debian.org>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCgAGBQJYNEN7AAoJEGVp2FWnRL6TVn8QAJesj2glKCcUNlHt7+1rURB9
JWvq8JOkya6Hh3xK+ApAp/x/PLBH/YZn4kCVB/KNRtO5vaxUFRlWBCZaxgL5BzJt
3Avw0s83gJkplinwBnOqL7/EXZQbSA0TaYnIbz8X+wjnwlzCm/HO5cl/g3UKbO9A
tziKst2zs6+EElsnXAZMipHFv3Ox71kXUF+SSAvey5vBLMdduWEsj+m5VFMPsGsb
CXbx5yy5dxZ+2YNlbS/W38qnk+rNuF1g0r8+Mpp0T/KlddBdt0AuaQ4BcQDjCPyq
TLqRhXjjWuFeyY+Csg8rO6d9mY6sAJi0DFFaubL7GoyWTxoH2Njk5J4sgOIjVTH9
lTrQ6wk/buRZvpLjR+lJsrsoniKaxuRVWNK6WND6bNzgb/l2Awqr9UFIhi1PFQkn
lx910NaUgdEmAc9o0xpLdNQLngUCqLnUYBCmkLHQM9HZA5Cd+FEylwQ14faAjXHN
E3wJcEDwNi8We/Gcrv1GNwVXb53d3rXyrSP6s9xgTeNign6M6yUqi2AKuVn6HR7/
0qKI/aoyp1fTQKCVRW5/TR/IkyTRgA7qOyaWW6f6Y/q8Qu0dw7isVrRZ5quhWQmM
5Mr5a19Bkrri5Wj/CVeGwFEz+c9se6H6/nPTBGaeTB3JUjKWQctFK90cud22Jy4q
boDG7KmPXobpqnVht+6s
=1swy
-----END PGP SIGNATURE-----

More information about the Zesty-changes mailing list