Accepted moin 1.9.7-2~bpo7+1 (source all) into wheezy-backports, wheezy-backports
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Thu, 31 Jul 2014 14:34:47 +0100
Source: moin
Binary: python-moinmoin
Architecture: source all
Version: 1.9.7-2~bpo7+1
Distribution: wheezy-backports
Urgency: high
Maintainer: Steve McIntyre <93sam@debian.org>
Changed-By: Steve McIntyre <93sam@debian.org>
Description:
python-moinmoin - Python clone of WikiWiki - library
Closes: 704433 721557
Changes:
moin (1.9.7-2~bpo7+1) wheezy-backports; urgency=medium
.
* Update backport to get the fix for UTF-8 problems with the account
creation checker.
.
moin (1.9.7-2) unstable; urgency=medium
.
* Add source for the minified copy of jquery.js included in the upstream
source tarball, even though it's never used in the Debian build at all.
Close: #754783. Mention it in README.source too
* Minor updates prompted by lintian:
+ Update Standards-Version
+ Switch from "dh_clean -k" to "dh_prep"
+ Minor tweaks to debian/copyright to fix parse errors
.
moin (1.9.7-1) unstable; urgency=low
.
* New upstream release (x2)
* Make sure that strings output to the external account creation checker
are marked as UTF-8.
* Re-add missing dependencies, fallout from the CDBS switch.
Closes: #704433
* Add dependency on python-passlib rather than use the bundled version.
* Update patches to fit upstream changes:
+ recaptcha.patch
+ subscribercache.patch
+ use_systemwide_libs.patch
+ mail-verification.patch
* Remove patches that were already from upstream:
+ constant_time_strcmp.patch
+ escape_css_url.patch
+ secure_taintfile_name.patch
+ escape_pagename_in_rss.patch
+ draw-taintfile.patch
+ attachfile-path-traversal.patch
* Split out the call to external account creation check into a separate
patch (external_account_creation_check.patch) instead of lumping it in
with mail-verification.patch
* Do not create empty pagedir (with empty edit-log). Patch from
upstream. Closes: #721557
.
moin (1.9.5-5) unstable; urgency=low
.
* Re-package without CDBS.
* Switch from dh_pysupport to dh_python2
.
moin (1.9.5-4) unstable; urgency=high
.
* Another security fix from upstream:
+ fix path traversal vulnerability in AttachFile action
(CVE-2012-6080).
.
moin (1.9.5-3) unstable; urgency=high
.
* Security fix from upstream:
+ fix remote code execution vulnerability in twikidraw/anywikidraw
actions (CVE-2012-6081).
.
moin (1.9.5-2) unstable; urgency=high
.
* Several security fixes from upstream:
+ fix XSS issue, escape page name in rss link (CVE-2012-6082)
+ make taintfilename more secure
+ escape user- or admin-defined css url
+ use a constant time str comparison function to prevent timing
attacks
.
moin (1.9.5-1) unstable; urgency=low
.
* New upstream release.
* New maintainer: Steve McIntyre. Thanks to Jonas for all his previous
hard work.
Checksums-Sha1:
da0ae88b6358b9b2a6c0ec8b23357e11a9d6679e 1891 moin_1.9.7-2~bpo7+1.dsc
5b564b778c6b8db217aab743f5a1c60fb9278c50 180271 moin_1.9.7-2~bpo7+1.debian.tar.gz
4d360ad9273789650b86e69854818e8efa26ac1e 21454536 python-moinmoin_1.9.7-2~bpo7+1_all.deb
Checksums-Sha256:
24fd514761c937e030e7f42cffa6f34616a26f9db55a3272b9d812dae474134a 1891 moin_1.9.7-2~bpo7+1.dsc
98f55d1ca725638ff869b331cd9217363730480c908e232aaee5910dc463e0ca 180271 moin_1.9.7-2~bpo7+1.debian.tar.gz
c2192eb41b1b425afd3afb1d0921e57378b1edf935fcbfb75f2ec0dff8a23e1f 21454536 python-moinmoin_1.9.7-2~bpo7+1_all.deb
Files:
d9c1dfe19c09c4369c78d76d42f8ecd2 1891 net optional moin_1.9.7-2~bpo7+1.dsc
1190c4bde8dc253501318f8d6005cd5d 180271 net optional moin_1.9.7-2~bpo7+1.debian.tar.gz
27dc96fedffb91508dcac87083a0fbb9 21454536 python optional python-moinmoin_1.9.7-2~bpo7+1_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
iQIcBAEBCAAGBQJT6M0WAAoJEFh5eVc0QmhO27MQALM5+Zp4irMTErWgb+eGmpNe
WhER/BKMd3GRW9UIjnL/mKD7h2sS83OSxablboeSNrB85ynTvhZQiMcPPttNA2TY
7Sf36NItdalNYcsJjK1ProLgQCVRmCaTuCB9eGbLNkHHXC8Au5+/rQuDDhFBxkr0
SmJ/10Zmp/V1ZTRXMvMaL76YoSJjwnbG0+1Vrs9FIY0fO30kgnix4s8JJwsMO83P
0ebnNgsJnjf+Hgr83U1SUJxjmMKAxjDUMa9ehIqwAGNR+muFwMm/tzI2tLidI7D5
u45iR2Kg7+babRyWJIqTOqtK30RE5p3ABUdThL0ihSWwAjbr0i/NuwiJsmIrchr+
tfAm21apeKKK0elY2PExgnZL2WtBzm4pr1L0ZP8FuQXEmRknPdEP7ZIeS5pkAk2n
/wBQ7K5Lj652yPn/qnKatP6nlFUdTj3jdJg1bJ1X+3Jr0wX5dnzxY2J4ILKdcj1H
GCWmQZFRrW8W6q4H/cqeGNEv+j45TOuHcw9YdVxILDcmLWA1Oaohy0JxMo4jq/x0
vanzvaX0j1kJsNbQuHm3X7/WsWTUeknWbVmpYEOdEz7xAe7M0gHliQKB8pgZGNKm
LyX2Lc5pvIGlAkB3xsVftzkdldAsGX0wpdtR9+uaOGzxJxl838MXje34MEpfUHSl
a12Te+daM7BFcrjdtkd4
=hyvp
-----END PGP SIGNATURE-----
Reply to: