UbuntuUpdates.org

Package moin

Name:	moin
Description:	This package is just an umbrella for a group of other packages, it has no description. Please select a package in "Packages in group" for more information.
Latest version:	1.8.4-1ubuntu1.3
Ubuntu release:	karmic (9.10)
Level:	security
Repository:	main

All versions of moin in Karmic

security (this page)	base	updates
1.8.4-1ubuntu1.3	1.8.4-1ubuntu1	1.8.4-1ubuntu1.3

See all versions of moin in all Ubuntu releases and repositories.

Links

• Save this URL for the latest version of "moin": http://www.ubuntuupdates.org/moin
• External home page for moin

Packages in group

python-moinmoin

Change Log

Version: 1.8.4-1ubuntu1.3	2010-08-25 16:04:26 UTC
moin (1.8.4-1ubuntu1.3) karmic-security; urgency=low * SECURITY UPDATE: arbitrary script injection via multiple cross-site scripting issues. - debian/patches/30003_CVE-2010-2487,2969,2970.patch: properly escape strings in MoinMoin/{Page,PageEditor,PageGraphicalEditor}.py, MoinMoin/action/*.py. - CVE-2010-2487 - CVE-2010-2969 -- Marc Deslauriers Fri, 20 Aug 2010 10:49:14 -0400
Source diff to previous version
CVE-2010-2487 Multiple cross-site scripting (XSS) vulnerabilities in MoinMoin 1.7.3 and earlier, 1.8.x before 1.8.8, and 1.9.x before 1.9.3 allow remote attackers t CVE-2010-2969 Multiple cross-site scripting (XSS) vulnerabilities in MoinMoin 1.7.3 and earlier, and 1.9.x before 1.9.3, allow remote attackers to inject arbitrary

Version: 1.8.4-1ubuntu1.2	2010-04-08 17:01:36 UTC
moin (1.8.4-1ubuntu1.2) karmic-security; urgency=low * SECURITY UPDATE: fix XSS in Despam action - debian/patches/30002_CVE-2010-0828.patch: use wikiutil.escape() in revert_pages() - CVE-2010-0828 -- Jamie Strandboge Tue, 30 Mar 2010 13:58:02 -0500
Source diff to previous version
CVE-2010-0828 Cross-site scripting (XSS) vulnerability in action/Despam.py in the Despam action module in MoinMoin 1.8.7 and 1.9.2 allows remote authenticated users

Version: 1.8.4-1ubuntu1.1	2010-03-12 01:01:12 UTC
moin (1.8.4-1ubuntu1.1) karmic-security; urgency=low * SECURITY UPDATE: fix multiple CSRF vulnerabilities - debian/patches/30000_CVE-2010-0668+0717.patch: add tickets to prevent CSRF attacks in several components. - CVE-2010-0668 * SECURITY UPDATE: properly sanitize user profiles - debian/patches/30001_CVE-2010-0669.patch: adjust userprefs/prefs.py, user.py and wikiutil.py to sanitize input - CVE-2010-0669 -- Jamie Strandboge Tue, 02 Mar 2010 12:01:33 -0600
CVE-2010-0668 Unspecified vulnerability in MoinMoin 1.5.x through 1.7.x, 1.8.x before 1.8.7, and 1.9.x before 1.9.2 has unknown impact and attack vectors, related t CVE-2010-0669 MoinMoin before 1.8.7 and 1.9.x before 1.9.2 does not properly sanitize user profiles, which has unspecified impact and attack vectors.

---

Share this page

Tweet

News

  News
  Comments

Recent

Opera 10.61 in Opera PPA
Maverick soon to be added to UbuntuUpdates
Thunderbird 3.1 in Lucid
Opera 10.60 in Opera PPA
KDE 4.4.4 in Lucid

Most Popular

Maverick package stats
All UbuntuUpdates News Feeds
Google Chrome in Ubuntu: 2 repositories, 3 versions
KDE 4.4 PPA for Karmic: all the details
Install Firefox 3.6 in Karmic
Introducing ubuntuupdates.org

See all

Bookmarks

skype 2.1.0.81-1
gnome-shell 2.31.4
virtualbox 3.2.8-64453
opera 10.61.6430
wine1.3 1.3.1-0
linux-maverick 2.6.35-19.25
kernel 2.6.35-19.28
nvidia-graphics-drivers 256.52-0
kernel 2.6.32-25.43
gwibber 2.30.2-0
google-chrome-beta 6.0.472.53
pidgin 1:2.7.3-1
mythtv 0.23.1
chromium-browser 7.0.517.0
firefox-4.0 4.0

Latest updates

  Packages changelogs
  Bugs & CVEs

updates

collectd (lucid)
sawfish (lucid)
gdebi (lucid)
gwibber (lucid)
lazr.restfulclient (lucid)

base

libgenome (maverick)
llvm-2.8 (maverick)
jockey (maverick)
nvidia-settings (maverick)
opendrim-lmp-ssh (maverick)
opendrim-lmp-bios (maverick)
elilo (maverick)
docky (maverick)
fai (maverick)
gkeyfile-sharp (maverick)
libconfig-simple-perl (maverick)
wsjt (maverick)
angband (maverick)
cobertura-maven-plugin (maverick)
lilypond (maverick)
localepurge (maverick)
lxc (maverick)
nlog (maverick)
puppet (maverick)
pymt (maverick)
qt4-x11 (maverick)
casper (maverick)
libmtp (maverick)
puppet (maverick)
usb-creator (maverick)

See all

PPA updates

  PPAs

chromium-browser (maverick)
firefox-4.0 (maverick)
xulrunner-2.0 (maverick)
firefox-4.0 (lucid)
xulrunner-2.0 (lucid)
chromium-browser (lucid)
xulrunner-2.0 (karmic)
chromium-browser (karmic)
firefox-4.0 (karmic)
gnaural (lucid)
ogmrip (lucid)
qbittorrent (lucid)
sqlrunner (lucid)
thunderbird (maverick)
docky (maverick)
docky (karmic)
docky (lucid)
nautilus-flickr-uploader (lucid)
sweethome3d (lucid)
transgui (lucid)
wiican (lucid)
xulrunner-1.9.2 (lucid)
xulrunner-1.9.2 (maverick)
xulrunner-1.9.2 (karmic)
thunderbird (lucid)
xulrunner-1.9.2 (lucid)
thunderbird (karmic)
xulrunner-1.9.2 (karmic)
mythplugins (maverick)
myththemes (maverick)

See all