diff options
| author | Joey Hess <joey@kitenet.net> | 2011-03-28 19:10:08 -0400 |
|---|---|---|
| committer | Joey Hess <joey@kitenet.net> | 2011-03-28 19:10:08 -0400 |
| commit | 0204dabccfafd89b1e98a33fc5165e8f0e4e0927 (patch) | |
| tree | 45a44052e0db2aa2b0695ac0d028426efaa674cc | |
| parent | 116672d7d72d8181607f69ad22ad8bd0bb9d8348 (diff) | |
CVE assigned
| -rw-r--r-- | debian/changelog | 2 | ||||
| -rw-r--r-- | doc/security.mdwn | 1 |
2 files changed, 2 insertions, 1 deletions
diff --git a/debian/changelog b/debian/changelog index 1f73523a4..db6f95f43 100644 --- a/debian/changelog +++ b/debian/changelog @@ -14,7 +14,7 @@ ikiwiki (3.20110328) unstable; urgency=low * comment: Better fix to avoid showing comments of subpages, while not breaking manual inlining of comments. * meta: Security fix; don't allow alternative stylesheets to be added - on pages where the htmlscrubber is enabled. + on pages where the htmlscrubber is enabled. CVE-2011-1401 -- Joey Hess <joeyh@debian.org> Mon, 28 Mar 2011 12:23:26 -0400 diff --git a/doc/security.mdwn b/doc/security.mdwn index 916bd0484..353854656 100644 --- a/doc/security.mdwn +++ b/doc/security.mdwn @@ -473,3 +473,4 @@ page as an alternate stylesheet, or replacing the default stylesheet. This hole was discovered on 28 Mar 2011 and fixed the same hour with the release of ikiwiki 3.20110328. An upgrade is recommended for sites that have untrusted committers, or have the attachments plugin enabled. +([[!cve CVE-2011-1401]]) |