public inbox for overseers@sourceware.org
 help / color / mirror / Atom feed
* MoinMoin vulnerability fix on sourceware
@ 2013-01-14 15:46 Siddhesh Poyarekar
  2013-02-01 14:33 ` Jonathan Larmour
  0 siblings, 1 reply; 3+ messages in thread
From: Siddhesh Poyarekar @ 2013-01-14 15:46 UTC (permalink / raw)
  To: overseers

Hi,

A few days ago wiki.python.org was compromised using a vulnerability
in moinmoin[1][2].  A fix was released as v1.9.6 of MoinMoin.  Is our
instance is updated?

Thanks,
Siddhesh

[1] http://mail.python.org/pipermail/python-dev/2013-January/123499.html
[2] http://moinmo.in/SecurityFixes

^ permalink raw reply	[flat|nested] 3+ messages in thread
* Re: MoinMoin vulnerability fix on sourceware
  2013-01-14 15:46 MoinMoin vulnerability fix on sourceware Siddhesh Poyarekar
@ 2013-02-01 14:33 ` Jonathan Larmour
  2013-02-01 15:21   ` Daniel Berlin
  0 siblings, 1 reply; 3+ messages in thread
From: Jonathan Larmour @ 2013-02-01 14:33 UTC (permalink / raw)
  To: overseers

Can I just highlight the below message again for whoever knows about the
MoinMoin installation on sourceware? A security vulnerability sounds worth
investigation.

Jifl

On 14/01/13 15:47, Siddhesh Poyarekar wrote:
> Hi,
> 
> A few days ago wiki.python.org was compromised using a vulnerability
> in moinmoin[1][2].  A fix was released as v1.9.6 of MoinMoin.  Is our
> instance is updated?
> 
> Thanks,
> Siddhesh
> 
> [1] http://mail.python.org/pipermail/python-dev/2013-January/123499.html
> [2] http://moinmo.in/SecurityFixes
> 

^ permalink raw reply	[flat|nested] 3+ messages in thread
* Re: MoinMoin vulnerability fix on sourceware
  2013-02-01 14:33 ` Jonathan Larmour
@ 2013-02-01 15:21   ` Daniel Berlin
  0 siblings, 0 replies; 3+ messages in thread
From: Daniel Berlin @ 2013-02-01 15:21 UTC (permalink / raw)
  To: Jonathan Larmour; +Cc: overseers

I put the original moinmoin instance on sourceware. It has not been updated.
I don't know if i even have the access on sourceware to do so anymore.

Moin moin was fairly easy to upgrade, however.

http://moinmo.in/MoinMoinDownload has how to guides for each version.



On Fri, Feb 1, 2013 at 9:33 AM, Jonathan Larmour <jifl@jifvik.org> wrote:
> Can I just highlight the below message again for whoever knows about the
> MoinMoin installation on sourceware? A security vulnerability sounds worth
> investigation.
>
> Jifl
>
> On 14/01/13 15:47, Siddhesh Poyarekar wrote:
>> Hi,
>>
>> A few days ago wiki.python.org was compromised using a vulnerability
>> in moinmoin[1][2].  A fix was released as v1.9.6 of MoinMoin.  Is our
>> instance is updated?
>>
>> Thanks,
>> Siddhesh
>>
>> [1] http://mail.python.org/pipermail/python-dev/2013-January/123499.html
>> [2] http://moinmo.in/SecurityFixes
>>
>

^ permalink raw reply	[flat|nested] 3+ messages in thread
end of thread, other threads:[~2013-02-01 15:21 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2013-01-14 15:46 MoinMoin vulnerability fix on sourceware Siddhesh Poyarekar
2013-02-01 14:33 ` Jonathan Larmour
2013-02-01 15:21   ` Daniel Berlin

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).