Reporting Security Issues

If you have a security issue to report or even a security fix to propose, please contact ThomasWaldmann.

Security Fix Announcements

This page is intended for moin package maintainers, moin distributors (see also our Advisory for Distributors) and users interested in receiving security fix notifications.

(!) If you want to receive such notifications via email, just create a user account and subscribe to this page. You will receive an email as soon as someone updates this page.

For each version listed here, we will list important and rather current issues that got fixed after that release. See the page Security Fixes Installation for information on how to apply the fixes.

If this page gets too long over time, we will remove old version information (you can use info action to access this page's history) - if you are interested in security, you should not run stone-age software.

moin 1.9.11

moin 1.9.10

moin 1.9.9

moin 1.9.8

Fixes issues found in 1.9.7.

moin 1.9.7

moin 1.9.6

moin 1.9.5

Fixes security issues of 1.9.4.

moin 1.9.4

Fixes security issues of 1.9.3.

moin 1.9.3

Fixes security issues of 1.9.2.

moin 1.9.2

Fixes security issues of moin 1.9.1:

moin 1.9.1

moin 1.9.0

moin versions < 1.9.x

MoinMoin versions older than 1.9.x are not maintained by MoinMoin developers any more.

Thus, they have to be considered vulnerable (except if you specifically know that someone else is really caring for security maintenance).

If you still run an old moin, you should upgrade to 1.9.<latest>.

See the docs folder in the moin download archive for upgrade instructions. If you have troubles while upgrading, don't give up, just contact us for Support.

Note: running moin 1.9.x will also be a requirement for upgrading to moin 2 (after it is released).

MoinMoin: SecurityFixes (last edited 2020-11-08 18:14:55 by ThomasWaldmann)