Some bugs were fixed, including some critical security problems. There were also some minor feature improvements. http://sourceforge.net/project/shownotes.php?group_id=8482&release_id=243709
I'm not seeing the "critical" security fixes. Looks like there have been some tweaks to some ACLs but I didn't see any mention of being able to bypass security in the old version. Are there other links that talk about exactly what was wrong in the old version?
Sorry, I stupidly copied from freshmeat in this case. I don't know why it's announced as a critical fix.
ok -- I'm going to re-assing to web-apps then as this seems more like a regular bump bug than a security problem. If further information emerges that indicates there are important security problems with the previous version, please feel free to kick this back over to security.
I found more info on this particular problem: http://sourceforge.net/tracker/index.php?func=detail&aid=948103&group_id=8482&atid=108482 Sounds like it should have a security fix bump possibly.
Sorry Kurt, you're back in the game. Don't know, if I was too blind to find it or just missed the info by a few hours. Thanks Lance! :)
Fix is in 1.2.2, please bump. Target keywords : "x86 sparc ~amd64"
It installs ok with a simple copy of the ebuild to bump it, but it gives a warning about needing to be converted to use webapp.eclass instead of webapp-apache.eclass. I have not actually tested its functionality.
web-apps : please bump, otherwise we'll have to mask the package.
masking.
Tested 1.2.2, works on x86. Leaving arch-masked on sparc and amd64. Unmasked.
Reopening so that a GLSA can be issued. sparc: please mark net-www/moinmoin-1.2.2 stable.
Stable on sparc :)
GLSA-ready
GLSA drafted : security please review
glsa 200407-09
