Package Release Info

moinmoin-wiki-1.9.11-bp152.4.3.1

Update Info: openSUSE-2020-1998
Available in Package Hub : 15 SP2 Update

platforms

AArch64
ppc64le
s390x
x86-64

subpackages

moinmoin-wiki

Change Logs

* Thu Nov 12 2020 Olav Reinert <seroton10@gmail.com>
- Security and bug fixes:
  * security fix for CVE-2020-25074 (boo#1178744):
    fix remote code execution via cache action
    changeset with fix: d1e5fc7d
  * security fix for CVE-2020-15275 (boo#1178745):
    fix malicious SVG attachment causing stored XSS vulnerability
    changeset with fix: 64e16037
  * make setup.py and .cfg ascii-only, #40
  * fix SubProcess' os.setsid usage, #44
  * fix interwiki test fails that crept into 1.9.10 release
  * highlight parser: use language as code_type rather than "highlight"
  * catch indexer error for too long names, #57
  * improved indexer logging so logging never crashes due to
    encoding issues for non-ascii page or attachment names.
  * fix mailheader parsing, add tests for mailimport, #53
  * workaround werkzeug errors='fallback:...' regression, #37
  * mailimport: fix AttributeError, #55
  * surge protection / hosts_deny: fix broken html, #60
- Other changes:
  * upgrade werkzeug 0.14.1 -> 1.0.1, adapt imports
    HINT: if you use the ProxyFix code, the required import has changed to:
    from werkzeug.middleware.proxy_fix import ProxyFix
  * add secure-cookie 0.1.0 (code was formerly part of werkzeug.contrib), adapt imports
  * update pygments 2.1.3 -> 2.5.2
  * update passlib 1.7.1 -> 1.7.2
  * update parsedatetime 2.4 -> 2.6
Version: 1.9.10-bp150.3.4.1
* Mon Oct 08 2018 astieger@suse.com
- add upstream signing key and verify source signature
* Mon Sep 17 2018 seroton10@gmail.com
- Upgrade to version 1.9.10
  + security fix for CVE-2017-5934, XSS in GUI editor related code
    (boo#1111104)
  + removed raw#199.patch, is included in new version