Subject: CVS commit: pkgsrc/www/py-moin
From: Benny Siegert
Date: 2021-07-11 12:36:59
Message id: 20210711103700.110C2FA95@cvs.NetBSD.org
Log Message:
Update moin to 1.9.11.
Version 1.9.11 (2020-11-08)
SECURITY HINT: make sure you have allow_xslt = False (or just do not use
allow_xslt at all in your wiki configs, False is the internal default).
Allowing XSLT/4suite is very dangerous, see HelpOnConfiguration wiki page.
Fixes:
* security fix for CVE-2020-25074:
  fix remote code execution via cache action
  changeset with fix: d1e5fc7d
* security fix for CVE-2020-15275:
  fix malicious SVG attachment causing stored XSS vulnerability
  changeset with fix: 64e16037
* make setup.py and .cfg ascii-only, #40
* fix SubProcess' os.setsid usage, #44
* fix interwiki test fails that crept into 1.9.10 release
* highlight parser: use language as code_type rather than "highlight"
* catch indexer error for too long names, #57
* improved indexer logging so logging never crashes due to
  encoding issues for non-ascii page or attachment names.
* fix mailheader parsing, add tests for mailimport, #53
* workaround werkzeug errors='fallback:...' regression, #37
* mailimport: fix AttributeError, #55
* surge protection / hosts_deny: fix broken html, #60
Other changes:
* upgrade werkzeug 0.14.1 -> 1.0.1, adapt imports
  HINT: if you use the ProxyFix code, the required import has changed to:
  from werkzeug.middleware.proxy_fix import ProxyFix
* add secure-cookie 0.1.0 (code was formerly part of werkzeug.contrib), adapt imports
* update pygments 2.1.3 -> 2.5.2
* update passlib 1.7.1 -> 1.7.2
* update parsedatetime 2.4 -> 2.6
Files: