Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 59338 - net-www/moinmoin-1.2.3 Fixes security issues
Summary: net-www/moinmoin-1.2.3 Fixes security issues
Status: RESOLVED DUPLICATE of bug 57913
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All All
: High normal (vote)
Assignee: Gentoo Security
URL: http://www.securityfocus.com/bid/10805
Whiteboard: B3? [ ebuild ] jaervosz
Keywords:
Depends on:
Blocks:
 
Reported: 2004-08-03 23:19 UTC by Sune Kloppenborg Jeppesen (RETIRED)
Modified: 2011-10-30 22:38 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2004-08-03 23:19:36 UTC
From ChangeLog:

-ACL security fix for PageEditor, thanks to Dr. Pleger for reporting
-There was a bad, old bug that triggered if you did not use ACLs. In that
      case, moin used some simple (but wrong and incomplete) function to
      determine what a user (or bot) may do or may not do. The function is now
      fixed to allow only read and write to anon users, and only delete and
      revert to known users additionally - and disallow everything else.
Comment 1 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2004-08-03 23:21:48 UTC
web-apps please bump to latest version.
Comment 2 Thierry Carrez (RETIRED) gentoo-dev 2004-08-04 00:33:29 UTC

*** This bug has been marked as a duplicate of 57913 ***