Path to this page:
Subject: CVS commit: [pkgsrc-2010Q2] pkgsrc/www/py-moin
From: Matthias Scheler
Date: 2010-07-10 14:07:35
Message id: 20100710120735.E5820175DD@cvs.netbsd.org
Log Message:
Pullup ticket #3160 - requested by obache
www/py-moin: security update
Revisions pulled up:
- www/py-moin/Makefile 1.14
- www/py-moin/PLIST 1.7
- www/py-moin/distinfo 1.6
---
Module Name: pkgsrc
Committed By: obache
Date: Fri Jul 9 11:38:36 UTC 2010
Modified Files:
pkgsrc/www/py-moin: Makefile PLIST distinfo
Log Message:
Update py-moin to 1.9.3.
PR#43524 by Wen Heping.
Known main issues:
* The GUI WYSIWYG editor has still some issues and limitations.
If you can't live with those, you can simply switch it off by using:
editor_force = True
editor_default = 'text' # internal default, just for completeness
Version 1.9.3:
Fixes:
* Fix XSS in Despam action (CVE-2010-0828).
* Fix XSS issues (see MoinMoinBugs/1.9.2UnescapedInputForThemeAddMsg):
* by escaping template name in messages
* by fixing other places that had similar issues
* Make moin compatible to werkzeug 0.5 .. 0.6.2 (1.9.2 had issues
with xmlrpc when used with werkzeug 0.6.x).
* MoinMoin.util.filesys: disable usage of dircache, deprecate dc* functions,
because the dircache stdlib module can't work correctly for fast updates of
directories.
* rss_rc and sisterpages actions: fix Content-Type header (mimetype)
* Fix associating OpenID identity with user, wasn't adapted to werkzeug yet.
* openidrp auth: fix undefined _ (gettext)
* Fix auth.cas and userprefs.oidserv request object usage.
* highlight parser: fixed MoinMoinBugs/LineNumberSpansForProcessInstructionsMissed
* Pygments syntax highlighting: add missing code files
* Notifications: use same email subject format for every notification
* Fix docbook formatter crashing, see \
MoinMoinPatch/IncludeMacroWithDocBookFormatter
* Fix regex content search for xapian search.
* Get rid of the empty line at the end of code highlights.
* GUI editor: compute editor height like the text editor does.
* Added help texts for: standalone server and moin migration.
* script.maint.cleancache: clean also i18n cache files
* Improved formatter.text_plain, see FeatureRequests/TextPlainFormatterRewrite
(fixes many issues of this formatter).
* text_html_text_moin_wiki: fixed index error for width="", see also:
MoinMoinBugs/GUI_convertor_list_index_out_of_range
* xmlrpc: disable editor backup for putPage, renamePage and revertPage
because if pages get uploaded by xmlrpc then the draft cache file can
rapidly increase in size, causing high memory usage because it needs to
get loaded into memory for updating/processing.
* Emit Content-Type header (with charset) for SlideShow action and many other
actions that just call send_title().
* ActionBase: better compatibility to moin 1.8, use request.values by
default, optionally use request.form data only
New features:
* RenamePage action: added ability to create redirect pages when renaming
(turned off by default, see show_rename_redirect config option).
* formatter/text_html: Added line number links to code blocks.
* diff action:
* Fixed whitespace in generated (html) diff view table so white-space: pre
can be used (and whitespace in diffs preserved).
* Added links to first/last revision.
* MoinMoin.widget.browser: introduced feature for sorting tables, see:
http://moinmo.in/FeatureRequests/SortableTables
* SystemAdmin user and attachment browsers: sorting feature used there now
* Scrolling the text editor to the double clicked line.
* Enable double-click-editing by default.
* WikiConfigHelp macro: make heading and description display optional,
heading level as a parameter (default 2)
* If edit ticket check fails, send the editor with the current content.
* moin import wikipage - use this script to import local files as a wiki page
Other changes:
* upgraded pygments from 1.2.2 to 1.3.1
* upgraded FCKeditor from 2.6.4.1 to 2.6.6
* added configuration snippet for ldap authentication against 2 servers
* improved script help output
Files: