moinmoin-wiki-1.9.9-bp150.2.4

- Trim filler wording from description.

- Upgrade to version 1.9.9:
  + added raw#199.patch as specified by upstream
- Remove obsolete Java drawing Applets from package
  + removed anywikidraw-java8.patch
  + removed anywikidraw-java9.patch
  + removed anywikidraw.patch
  + removed twikidraw-java9.patch

- Adjust to Java9 as default compiler
  + added anywikidraw-java9.patch
  + added twikidraw-java9.patch

- Always use python2 interpreter

- Reinstate AnyWikiDraw applet, with proof it's actually GPL.

- Remove AnyWikiDraw applet due to non-GPL license (SR 356378)

- Rename package to moinmoin-wiki

- anywikidraw-java8.patch: Fix compilation error on Java 8.

- Upgrade to MoinMoin version 1.9.8:
  + surge protection for authentication requests
  + added abuse logging, and various other logging improvements
  + various changes to reduce load caused by bots
  + an XSS security fix, and other bugfixes
  + see the CHANGES file for the full list, and for more details

- Reinstate AnyWikiDraw applet in the package (bnc#895361)
  + anywikidraw.patch allows it to run as an unsigned applet

- Fix build for SLE11SP3

- Rename moin-mkwiki to mkwiki.moin (like mkfs.*)

- Remove AnyWikiDraw from package (see bnc#895361)

- Added man pages
- Filter out spurious "non-executable-script" rpmlint warning

- Rebuild Java applets for editing drawings from source.

- Reinstate applets - they are served to and executed in client
  browser, so bytecode level is irrelevant

- Remove applet JARs from SLE build - bytecode level not accepted

- default configuration of Apache 2.4 for openSUSE 13.1 expects
  old-style directives for access control.

- Reverted to standard install to /usr/share/moin
  + Removed moin-setup.py.patch
  + Added command moin-mkwiki to create a new wiki

- Remove data directory from package, only create it when needed;
  ensures it remains untouched by install/update/removal of package.

- Security and bug fixes:
  * security fix for CVE-2020-25074 (boo#1178744):
    fix remote code execution via cache action
    changeset with fix: d1e5fc7d
  * security fix for CVE-2020-15275 (boo#1178745):
    fix malicious SVG attachment causing stored XSS vulnerability
    changeset with fix: 64e16037
  * make setup.py and .cfg ascii-only, #40
  * fix SubProcess' os.setsid usage, #44
  * fix interwiki test fails that crept into 1.9.10 release
  * highlight parser: use language as code_type rather than "highlight"
  * catch indexer error for too long names, #57
  * improved indexer logging so logging never crashes due to
    encoding issues for non-ascii page or attachment names.
  * fix mailheader parsing, add tests for mailimport, #53
  * workaround werkzeug errors='fallback:...' regression, #37
  * mailimport: fix AttributeError, #55
  * surge protection / hosts_deny: fix broken html, #60
- Other changes:
  * upgrade werkzeug 0.14.1 -> 1.0.1, adapt imports
    HINT: if you use the ProxyFix code, the required import has changed to:
    from werkzeug.middleware.proxy_fix import ProxyFix
  * add secure-cookie 0.1.0 (code was formerly part of werkzeug.contrib), adapt imports
  * update pygments 2.1.3 -> 2.5.2
  * update passlib 1.7.1 -> 1.7.2
  * update parsedatetime 2.4 -> 2.6

- add upstream signing key and verify source signature

- Upgrade to version 1.9.10
  + security fix for CVE-2017-5934, XSS in GUI editor related code
    (boo#1111104)
  + removed raw#199.patch, is included in new version