Fixed 462038 1.5.3-1.2etch1 thanks Hello,
The two bugs described in this mail were fixed 1.5.3-1.2etch1 > Hi, two issues A Cookie injection[1] and XSS[2] > > 1.http://hg.moinmo.in/moin/1.5/rev/e69a16b6e630 This patch was applied in 1.5.3-1.2etch1 (Closes: 462984) With patch : moin-1.5.3/debian/patches/014_CVE-2008-0782_cookie_directory_traversal.patch >... > - self.id = id > + self.id = self.id_sanitycheck(id) >... > 2.http://hg.moinmo.in/moin/1.5/rev/2f952fa361c7 This patch was applied in 1.5.3-1.2etch1 With patch : moin-1.5.3/debian/patches/018_CVE-2008-780_login_XSS.patch >... > -space between words. Group page name is not allowed.""") % name > +space between words. Group page name is not allowed.""") % > wikiutil.escape(name) >... Therefore I assume the bug can be closed. Franklin -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]