Debian Security Advisory DSA 2593-1 (moin - several vulnerabilities)

Summary
It was discovered that missing input validation in the twikidraw and anywikidraw actions can result in the execution of arbitrary code. This security issue is being actively exploited. This update also addresses path traversal in AttachFile.
Solution
For the stable distribution (squeeze), this problem has been fixed in version 1.9.3-1+squeeze4. For the unstable distribution (sid), this problem has been fixed in version 1.9.5-4. We recommend that you upgrade your moin packages.
Insight
A WikiWikiWeb is a collaborative hypertext environment, with an emphasis on easy access to and modification of information. MoinMoin is a Python WikiClone that allows you to easily set up your own wiki, only requiring a Web server and a Python installation.
Affected
moin on Debian Linux
Detection
This check tests the installed software version using the apt package manager.
References