[Bug 228764] CVE-2007-0901, CVE-2007-0902: moin 1.5.7 XSS, information disclosure

Mon May 7 13:13:07 UTC 2007

Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.

Summary: CVE-2007-0901, CVE-2007-0902: moin 1.5.7 XSS, information disclosure

https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=228764

bugzilla at redhat.com changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
           Priority|normal                      |medium

matthias at rpmforge.net changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |CLOSED
         Resolution|                            |CURRENTRELEASE
   Fixed In Version|                            |1.5.7-2

------- Additional Comments From matthias at rpmforge.net  2007-05-07 09:13 EST -------
Debian has a really great MoinMoin package, and seems to track upstream really
closely.

I've reviewed, included and tested 4 security patches from Debian, which should
fix CVE-2007-0857, CVE-2007-0901, CVE-2007-0902 and CVE-2007-2423 (and other
security bugs too).

I've updated F7,6,5 and EL5,4 branches (all current).

-- 
Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.