# HG changeset patch # User Thomas Waldmann # Date 1275755293 -7200 # Node ID 80fb5c4ed1690942940dd9932b7e38f7d24bc776 # Parent b3ef42861733d5d9533032dc2c300e7a42c0f99a# Parent 6ae9c998cd3d204155a795dd4848ee8e1ab27f4f merge moin/1.8 diff -r b3ef42861733 -r 80fb5c4ed169 MoinMoin/script/migration/1080700.py --- a/MoinMoin/script/migration/1080700.py Sat Jun 05 18:07:41 2010 +0200 +++ b/MoinMoin/script/migration/1080700.py Sat Jun 05 18:28:13 2010 +0200 @@ -9,5 +9,5 @@ """ def execute(script, data_dir, rev): - return 1089999 + return 1080800 diff -r b3ef42861733 -r 80fb5c4ed169 MoinMoin/script/migration/1080800.py --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/MoinMoin/script/migration/1080800.py Sat Jun 05 18:28:13 2010 +0200 @@ -0,0 +1,13 @@ +# -*- coding: iso-8859-1 -*- +""" + MoinMoin - migration from base rev 1080800 + + Nothing to do, we just return the new data dir revision. + + @copyright: 2010 by Thomas Waldmann + @license: GNU GPL, see COPYING for details. +""" + +def execute(script, data_dir, rev): + return 1089999 + diff -r b3ef42861733 -r 80fb5c4ed169 docs/CHANGES --- a/docs/CHANGES Sat Jun 05 18:07:41 2010 +0200 +++ b/docs/CHANGES Sat Jun 05 18:28:13 2010 +0200 @@ -454,6 +454,26 @@ to WSGI refactoring) - please use macro.request.{args,form,values} +Version 1.8.8: + Fixes: + * Fixed XSS issues (see MoinMoinBugs/1.9.2UnescapedInputForThemeAddMsg). + * Fixed XSS in Despam action (CVE-2010-0828). + * wikiutil.clean_input: avoid crash if it gets str type + * Add RenderAsDocbook to actions_excluded if we have no python-xml + * AttachFile._build_filelist: verifies readonly flag for unzip file link + * attachUrl: fix wrongly generated tickets (e.g. for AttachList macro) + * MoinMoin.util.filesys.dc* (dircache can't work reliably): + * disable usage of dircache, deprecate dc* functions + * remove all calls to filesys.dc* (dclistdir, dcdisable) + * Fixed crash, see MoinMoinPatch/IncludeMacroWithDocBookFormatter + * Avoid hardly recoverable crashes if #format specification is invalid + + New features: + * auth.ldap_login: add report_invalid_credentials param to control wrong + credentials error message (typically used when using multiple ldap + authenticators) + + Version 1.8.7: Fixes: * Fixed major security issues in miscellaneous parts of moin.