Changelog for 1.6.1 lists this:
- XSS fixes
They're not more specific and there seems to be no cve yet, anyway it's a security issue.
" * Fix XSS issue in login action."
1.6.1 in webapps overlay (using distutils as it should in the first place now) in case someone needs it urgently. :)
web-apps, please bump 1.6.1 into the tree.
moinmoin-1.6.1 is in the tree.
amd64 ppc sparc x86
Thanks for the ebuild. Nice work!
(In reply to comment #4)
> moinmoin-1.6.1 is in the tree.
> amd64 ppc sparc x86
> Thanks for the ebuild. Nice work!
Fixed in release snapshot.
This one is ready for GLSA vote. I vote NO.
I would raise the severity level on this bug, for CVE-2008-0782:
Directory traversal vulnerability in MoinMoin 1.5.8 and earlier allows
remote attackers to overwrite arbitrary files via ".." sequences in the
MOIN_ID user ID in a cookie for a userform action. NOTE: this issue can
be leveraged for PHP code execution via the quicklinks parameter.
Removed vulnerable version. webapps done.
voting NO too, and closing.
Actually I missed rbu's comment. reverting my vote to YES, and request filed.
Raising severity to C1 ie remote code execution with non standard config. Is that correct?
(In reply to comment #16)
> Raising severity to C1 ie remote code execution with non standard config. Is
> that correct?
We should research this first, but I asusme this is fixes in the most recent update, too. Hanno, can you help here?
Multiple cross-site scripting (XSS) vulnerabilities in MoinMoin 1.5.8 and
earlier allow remote attackers to inject arbitrary web script or HTML via (1)
certain input processed by formatter/text_gedit.py (aka the gui editor
formatter); (2) a page name, which triggers an injection in PageEditor.py
when the page is successfully deleted by a victim in a DeletePage action; or
(3) the destination page name for a RenamePage action, which triggers an
injection in PageEditor.py when a victim's rename attempt fails because of a
duplicate name. NOTE: the AttachFile XSS issue is already covered by
CVE-2008-0781, and the login XSS issue is already covered by CVE-2008-0780.
_macro_Getval in wikimacro.py in MoinMoin 1.5.8 and earlier does not properly
enforce ACLs, which allows remote attackers to read protected pages.