Your submission was sent successfully! Close

CVE-2010-0668

Published: 26 February 2010

Unspecified vulnerability in MoinMoin 1.5.x through 1.7.x, 1.8.x before 1.8.7, and 1.9.x before 1.9.2 has unknown impact and attack vectors, related to configurations that have a non-empty superuser list, the xmlrpc action enabled, the SyncPages action enabled, or OpenID configured.

Priority

Medium

Status

Package Release Status
moin
Launchpad, Ubuntu, Debian
dapper
Released (1.5.2-1ubuntu2.5)
hardy
Released (1.5.8-5.1ubuntu2.3)
intrepid
Released (1.7.1-1ubuntu1.3)
jaunty
Released (1.8.2-2ubuntu2.2)
karmic
Released (1.8.4-1ubuntu1.1)
upstream
Released (1.8.7, 1.9.2-1)

Notes

AuthorNote
jdstrand
upstream plans to backport to 1.7 and 1.8 only. Patches for 8.04 LTS
and 6.06 LTS need a lot of work since the 1.7 patches don't apply.

References