USN-4629-1: MoinMoin vulnerabilities

11 November 2020

Several security issues were fixed in MoinMoin.

Releases

Packages

  • moin - Collaborative hypertext environment

Details

Michael Chapman discovered that MoinMoin incorrectly handled certain cache actions.
An attacker could possibly use this issue to execute arbitrary code.
(CVE-2020-25074)

Catarina Leite discovered that MoinMoin incorrectly handled certain SVG files.
An attacker could possibly use this issue to execute arbitrary code.
(CVE-2020-15275)

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 18.04
Ubuntu 16.04

In general, a standard system update will make all the necessary changes.