drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Ausführen beliebiger Kommandos in moin
Name: |
Ausführen beliebiger Kommandos in moin |
|
ID: |
FEDORA-2013-0640 |
|
Distribution: |
Fedora |
|
Plattformen: |
Fedora 16 |
|
Datum: |
Mi, 23. Januar 2013, 06:55 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6495 |
|
Applikationen: |
MoinMoin |
|
Originalnachricht |
Name : moin Product : Fedora 16 Version : 1.9.6 Release : 1.fc16 URL : http://moinmo.in/ Summary : MoinMoin is a WikiEngine to collaborate on easily editable web pages Description : MoinMoin is an advanced, easy to use and extensible WikiEngine with a large community of users. Said in a few words, it is about collaboration on easily editable web pages.
------------------------------------------------------------------------------- - Update Information:
Update to 1.9.6. Fixes CVE-2012-6495
For full changes, see:
http://hg.moinmo.in/moin/1.9/raw-file/1.9.6/docs/CHANGES ------------------------------------------------------------------------------- - ChangeLog:
* Thu Jan 10 2013 Kevin Fenzi <kevin@scrye.com> 1.9.6-1 - Update to 1.9.6. Fixes CVE-2012-6495 - Fix changelog dates. * Mon Oct 8 2012 Ville-Pekka Vainio <vpvainio AT iki.fi> 1.9.5-1 - New upstream release - Drop integrated security patch * Thu Sep 6 2012 Ville-Pekka Vainio <vpvainio AT iki.fi> - 1.9.4-3 - Fix CVE-2012-4404 * Fri Jul 20 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.9.4-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Sun Feb 26 2012 Ville-Pekka Vainio <vpvainio AT iki.fi> - 1.9.4-1 - New upstream release - Drop integrated security patch * Fri Jan 13 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.9.3-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild * Sun Sep 18 2011 Ville-Pekka Vainio <vpvainio AT iki.fi> - 1.9.3-5 - Remove check for packaging egg-info if Fedora >= 9, breaks EL builds (rhbz#739311) ------------------------------------------------------------------------------- - References:
[ 1 ] Bug #890902 - CVE-2012-6081 moinmoin: remote code execution vulnerability https://bugzilla.redhat.com/show_bug.cgi?id=890902 [ 2 ] Bug #890903 - CVE-2012-6082 moinmoin: Wiki (XSS in rss link) https://bugzilla.redhat.com/show_bug.cgi?id=890903 [ 3 ] Bug #890904 - CVE-2012-6080 moinmoin: Path traversal vulnerability https://bugzilla.redhat.com/show_bug.cgi?id=890904 ------------------------------------------------------------------------------- -
This update can be installed with the "yum" update program. Use su -c 'yum update moin' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys ------------------------------------------------------------------------------- - _______________________________________________ package-announce mailing list package-announce@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/package-announce
|
|
|
|