diff options
author | Joey Hess <joey@kitenet.net> | 2007-11-26 15:31:16 -0500 |
---|---|---|
committer | Joey Hess <joey@kitenet.net> | 2007-11-26 15:31:16 -0500 |
commit | acf52a637380f21c355cab21c2b18992d48f7d4f (patch) | |
tree | af700ea2107c6d5bbec8dc7135d4fdcc448bee0c /doc/news | |
parent | e15e3202eb04048feb302b39d946f1ae1a15c306 (diff) |
add news item for ikiwiki 2.14
Diffstat (limited to 'doc/news')
-rw-r--r-- | doc/news/version_2.14.mdwn | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/doc/news/version_2.14.mdwn b/doc/news/version_2.14.mdwn new file mode 100644 index 000000000..aa7ab894f --- /dev/null +++ b/doc/news/version_2.14.mdwn @@ -0,0 +1,17 @@ +News for ikiwiki 2.14: + + This version of ikiwiki is more picky about symlinks in the path leading + to the srcdir, and will refuse to use a srcdir specified by such a path. + This was necessary to avoid some potential exploits, but could potentially + break (semi-)working wikis. If your wiki has a srcdir path containing a + symlink, you should change it to use a path that does not. + +ikiwiki 2.14 released with [[toggle text="these changes"]] +[[toggleable text=""" + * Let CC be used to control what compiler is used to build wrappers. + * Use 'cc' instead of gcc as the default compiler. + * Security fix: Ensure that there are no symlinks anywhere in the path + to the top of the srcdir. In certian unusual configurations, an attacker + who could commit to one of the parent directories of the srcdir could + use a symlink attack to cause ikiwiki to publish files elsewhere in the + filesystem. More details at <http://ikiwiki.info/security/#index29h2>"""]]
\ No newline at end of file |