wiki.python.org compromised

Posted Jan 8, 2013 21:30 UTC (Tue) by amarao (guest, #87073)
Parent article: wiki.python.org compromised

Moin-moin's wikis list: http://moinmo.in/MoinMoinWikis.

Most of them are alive. And list is pretty serious: Apache, Ubuntu, Mercurial, Baazar, CAcert.org, WireShark, Squid, CouchDB, SpamAssasin, Gnome Live, Wine, X.org, GRUB, CentOS, Arch, FreeBSD, OpenWRT, freedesktop.org, GCC...

wiki.python.org compromised

Posted Jan 8, 2013 22:30 UTC (Tue) by pboddie (guest, #50784) [Link]

As far as I know (and can tell), MoinMoin 1.8 is not affected by the two most serious vulnerabilities recently announced, with the vulnerability presumably involved in this case involving functionality not provided with Moin 1.8 at all, although I haven't looked at the code that one might use if one wanted this functionality on Moin 1.8 and installed it oneself.

Not that this helps anyone who migrated to Moin 1.9, of course, but those of us who drag our feet and belatedly upgrade only when necessary may still be running Moin 1.8 despite it now being more or less at the end of its support lifecycle.