Comment 5 for bug 322890

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package moin - 1.8.1-1.1ubuntu1

---------------
moin (1.8.1-1.1ubuntu1) jaunty; urgency=low

  * Merge from debian unstable (LP: #322890), Ubuntu remaining changes:
    - Remove python-xml from Recommends field, the package isn't anymore in
      sys.path.

moin (1.8.1-1.1) unstable; urgency=high

  * Non-maintainer upload by the security team
  * Fix cross-site scripting vulnerability via basename parameter in the
    AttachFile action (Closes: #513158)
    Fixes: CVE-2009-0260
  * Fix cross-site scripting vulnerability in antispam.py via malformed
    content
    Fixes: CVE-2009-0312

 -- Alessio Treglia <email address hidden> Thu, 29 Jan 2009 20:36:20 +0100