MoinMoin: Multiple vulnerabilities

2012-10-18T00:00:00
ID GLSA-201210-02
Type gentoo
Reporter Gentoo Foundation
Modified 2012-10-18T00:00:00

Description

Background

MoinMoin is a Python WikiEngine.

Description

Multiple vulnerabilities have been discovered in MoinMoin. Please review the CVE identifiers referenced below for details.

Impact

These vulnerabilities in MoinMoin allow remote users to inject arbitrary web script or HTML, to obtain sensitive information and to bypass the textcha protection mechanism. There are several other unknown impacts and attack vectors.

Workaround

There is no known workaround at this time.

Resolution

All MoinMoin users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=www-apps/moinmoin-1.9.4"