Ubuntu

“moin” 1.9.2-2ubuntu3.3 source package in The Lucid Lynx

Publishing history

1.9.2-2ubuntu3.3
PUBLISHED: Lucid pocket Updates in component main and section net
  • Published on 2012-12-30
  • Copied from ubuntu lucid in Private PPA for Ubuntu Security Team by Ubuntu Archive Robot
1.9.2-2ubuntu3.3
PUBLISHED: Lucid pocket Security in component main and section net
  • Published on 2012-12-30
  • Copied from ubuntu lucid in Private PPA for Ubuntu Security Team by Jamie Strandboge

Changelog

moin (1.9.2-2ubuntu3.3) lucid-security; urgency=low

  * SECURITY UPDATE: arbitrary code execution via anywikidraw/twikidraw
    - debian/patches/CVE-2012-XXXX.patch: adjust action/anywikidraw.py and
      action/twikidraw.py to use wikiutil.taintfilename()
    - CVE-2012-XXXX
  * SECURITY UPDATE: path traversal via AttachFile
    - debian/patches/CVE-2012-YYYY.patch: adjust action/AttachFile.py to use
      wikiutil.taintfilename()
    - CVE-2012-YYYY
 -- Jamie Strandboge <email address hidden>   Sat, 29 Dec 2012 18:14:52 -0600