diff options
| author | joey <joey@0fa5a96a-9a0e-0410-b3b2-a0fd24251071> | 2007-03-21 18:52:56 +0000 |
|---|---|---|
| committer | joey <joey@0fa5a96a-9a0e-0410-b3b2-a0fd24251071> | 2007-03-21 18:52:56 +0000 |
| commit | c8b4ba354f82fbbcebbbfca65b40a047f9920525 (patch) | |
| tree | 6dd5bd85031e42da9a3c65d1c5c3f9bfacfdfcda /debian/changelog | |
| parent | 829d097dc52b6a8f50297406affc67fbc08dccb7 (diff) | |
* Fix a security hole that allowed insertion of unsafe content via the meta
plugins's support for inserting html link and meta tags. Now such content
is passed through the htmlscrubber like everything else.
* Unfortunatly, that means that some valid uses of those tags are no longer
usable, and special case methods needed to be added for including
stylesheets, and for doing openid delegation. If you use either of these
in your wiki, it will need to be modified. See the meta plugin docs
for details.
Diffstat (limited to 'debian/changelog')
| -rw-r--r-- | debian/changelog | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/debian/changelog b/debian/changelog index 976143aee..42b23945a 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,16 @@ +ikiwiki (1.47) UNRELEASED; urgency=low + + * Fix a security hole that allowed insertion of unsafe content via the meta + plugins's support for inserting html link and meta tags. Now such content + is passed through the htmlscrubber like everything else. + * Unfortunatly, that means that some valid uses of those tags are no longer + usable, and special case methods needed to be added for including + stylesheets, and for doing openid delegation. If you use either of these + in your wiki, it will need to be modified. See the meta plugin docs + for details. + + -- Joey Hess <joeyh@debian.org> Wed, 21 Mar 2007 14:05:00 -0400 + ikiwiki (1.46) unstable; urgency=low * Fix a bug with inlined create page links, including Discussion links on |