comparison docs/CHANGES @ 5578:d7a546ed1596

updated docs/CHANGES
author Thomas Waldmann <tw AT waldmann-edv DOT de>
date Tue, 23 Feb 2010 21:36:58 +0100
parents 19cd37af7e99
children 090327e92862
comparison
equal deleted inserted replaced
5577:092ce221f03a 5578:d7a546ed1596
14 * The GUI WYSIWYG editor has still some issues and limitations. 14 * The GUI WYSIWYG editor has still some issues and limitations.
15 If you can't live with those, you can simply switch it off by using: 15 If you can't live with those, you can simply switch it off by using:
16 editor_force = True 16 editor_force = True
17 editor_default = 'text' # internal default, just for completeness 17 editor_default = 'text' # internal default, just for completeness
18 18
19 Version 1.9.current: 19 Version 1.9.2:
20 Bug fixes: 20 Fixes:
21 * Fix CVE-2010-0668: major security issues were discovered in misc. parts
22 of moin.
23 HINT: if you have removed superuser configuration to workaround the issue
24 (following our security advisory), you may re-add it after installing this
25 moin release. If you don't need superuser capabilities often, it might be
26 wise to not have superusers configured all the time, though.
27 * Fix CVE-2010-0669: potential security issue due to incomplete user profile
28 input sanitizing.
29 * Improved package security: cfg.packagepages_actions_excluded excludes
30 unsafe or otherwise questionable package actions by default now.
31 * wiki parser: fixed transclusion of (e.g. video) attachments from other
32 pages.
33 * Fixed edit locking for non-logged in editors and cfg.log_remote_addr=False.
34 * mailimport: fix missing wikiutil import for normalize_pagename
35 * SubProcess: fix "timeout" AttributeError
36 * "standalone" wikiserver.py: fixed calling non-existing os.getuid on win32
37 * HTTPAuth deprecation warning moved from class level to __init__
38 * Fixed MoinMoinBugs/1.9DiffActionThrowsException.
39 * Fixed misc. session related problems, avoid unneccessary session file
40 updates
41 * Fix/improve rename-related problems on Win32 (depending on Windows version).
42 * Fixed spider / user agent detection.
43 * Make sure to use language_default when language_ignore_browser is set.
44 * diff action: fix for case when user can't revert page.
45 * Fix trail size (was off by one).
46 * Updated bundled flup middleware (upstream repo checkout), avoids
47 socket.fromfd AttributeError on win32 if cgi is forced, gives helpful
48 exception msg.
49 * wikiutil: Fixed required_arg handling (no exception when trying to raise
50 exception that choice is wrong).
51 * Do not use MoinMoin.support.* to import 3rd party code, give dist packages
52 a chance.
53 * wikiutil.clean_input: avoid crash if it gets str type
21 54
22 New features: 55 New features:
23 * info action: added pagination ability to revision history viewer. 56 * info action: added pagination ability to revision history viewer.
24 http://hg.moinmo.in/moin/1.9/rev/b23b1d2b1391 57 * ldap_login auth: add report_invalid_credentials param to control wrong
58 credentials error message (this is typically used when using multiple
59 ldap authenticators).
60 * Add RenderAsDocbook to actions_excluded if we have no python-xml.
61 * Upgraded pygments to 1.2.2 (some fixes, some new lexers).
25 62
26 Other changes: 63 Other changes:
64 * New docs/REQUIREMENTS.
65 * Added a less magic cgi/fcgi driver (moin.fcgi), added fixer middleware
66 for apache2/win32 to it.
67
27 68
28 Version 1.9.1: 69 Version 1.9.1:
29 Bug fixes: 70 Bug fixes:
30 * Fixed sys.argv security issue. 71 * Fixed sys.argv security issue.
31 * Fixed FileSessionService - use session_dir from CURRENT request.cfg (it 72 * Fixed FileSessionService - use session_dir from CURRENT request.cfg (it