diff options
| -rw-r--r-- | IkiWiki/CGI.pm | 3 | ||||
| -rw-r--r-- | debian/changelog | 10 | ||||
| -rw-r--r-- | po/bg.po | 17 | ||||
| -rw-r--r-- | po/cs.po | 17 | ||||
| -rw-r--r-- | po/es.po | 17 | ||||
| -rw-r--r-- | po/fr.po | 17 | ||||
| -rw-r--r-- | po/gu.po | 17 | ||||
| -rw-r--r-- | po/ikiwiki.pot | 17 | ||||
| -rw-r--r-- | po/pl.po | 17 | ||||
| -rw-r--r-- | po/sv.po | 17 | ||||
| -rw-r--r-- | po/vi.po | 17 |
11 files changed, 110 insertions, 56 deletions
diff --git a/IkiWiki/CGI.pm b/IkiWiki/CGI.pm index a8e610e2d..6c489df8d 100644 --- a/IkiWiki/CGI.pm +++ b/IkiWiki/CGI.pm @@ -323,6 +323,9 @@ sub cgi_editpage ($$) { #{{{ if (exists $pagesources{$page}) { $file=$pagesources{$page}; $type=pagetype($file); + if (! defined $type) { + error(sprintf(gettext("%s is not an editable page"), $page)); + } } else { $type=$form->param('type'); diff --git a/debian/changelog b/debian/changelog index d3ec481f8..13293d863 100644 --- a/debian/changelog +++ b/debian/changelog @@ -25,8 +25,14 @@ ikiwiki (1.42) UNRELEASED; urgency=low to be used as close to public domain as possible. * viewcvs is now viewvc (in Debian unstable), update everything to use the new name. - - -- Joey Hess <joeyh@debian.org> Fri, 9 Feb 2007 00:27:59 -0500 + * Fix a security hole that allowed a web user to edit images and other + non-page format files in the wiki. To exploit this, the file already had + to exist in the wiki, and the web user would need to somehow use the web + based editor to replace it with malicious content. + (Sorry Josh, this means you can't edit style.css directly anymore, + although I do appreciate your fixes, actually..) + + -- Joey Hess <joeyh@debian.org> Sat, 10 Feb 2007 15:09:51 -0500 ikiwiki (1.41) unstable; urgency=low @@ -7,7 +7,7 @@ msgid "" msgstr "" "Project-Id-Version: ikiwiki-bg\n" "Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2007-02-08 14:47-0500\n" +"POT-Creation-Date: 2007-02-10 15:26-0500\n" "PO-Revision-Date: 2007-01-12 01:19+0200\n" "Last-Translator: Damyan Ivanov <dam@modsodtsys.com>\n" "Language-Team: Bulgarian <dict@fsa-bg.org>\n" @@ -24,28 +24,33 @@ msgstr "Първо трябва да влезете." msgid "Preferences saved." msgstr "Предпочитанията са запазени." -#: ../IkiWiki/CGI.pm:412 ../IkiWiki/Plugin/brokenlinks.pm:24 +#: ../IkiWiki/CGI.pm:327 +#, perl-format +msgid "%s is not an editable page" +msgstr "" + +#: ../IkiWiki/CGI.pm:415 ../IkiWiki/Plugin/brokenlinks.pm:24 #: ../IkiWiki/Plugin/inline.pm:164 ../IkiWiki/Plugin/opendiscussion.pm:17 #: ../IkiWiki/Plugin/orphans.pm:28 ../IkiWiki/Render.pm:97 #: ../IkiWiki/Render.pm:165 msgid "discussion" msgstr "дискусия" -#: ../IkiWiki/CGI.pm:457 +#: ../IkiWiki/CGI.pm:460 #, perl-format msgid "creating %s" msgstr "създаване на %s" -#: ../IkiWiki/CGI.pm:474 ../IkiWiki/CGI.pm:517 +#: ../IkiWiki/CGI.pm:477 ../IkiWiki/CGI.pm:520 #, perl-format msgid "editing %s" msgstr "промяна на %s" -#: ../IkiWiki/CGI.pm:625 +#: ../IkiWiki/CGI.pm:628 msgid "You are banned." msgstr "Достъпът ви е забранен." -#: ../IkiWiki/CGI.pm:657 +#: ../IkiWiki/CGI.pm:660 msgid "login failed, perhaps you need to turn on cookies?" msgstr "" @@ -7,7 +7,7 @@ msgid "" msgstr "" "Project-Id-Version: ikiwiki\n" "Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2007-02-08 14:47-0500\n" +"POT-Creation-Date: 2007-02-10 15:26-0500\n" "PO-Revision-Date: 2007-01-07 11:59+0100\n" "Last-Translator: Miroslav Kure <kurem@debian.cz>\n" "Language-Team: Czech <debian-l10n-czech@lists.debian.org>\n" @@ -23,28 +23,33 @@ msgstr "Nejprve se musíte přihlásit." msgid "Preferences saved." msgstr "Nastavení uloženo." -#: ../IkiWiki/CGI.pm:412 ../IkiWiki/Plugin/brokenlinks.pm:24 +#: ../IkiWiki/CGI.pm:327 +#, perl-format +msgid "%s is not an editable page" +msgstr "" + +#: ../IkiWiki/CGI.pm:415 ../IkiWiki/Plugin/brokenlinks.pm:24 #: ../IkiWiki/Plugin/inline.pm:164 ../IkiWiki/Plugin/opendiscussion.pm:17 #: ../IkiWiki/Plugin/orphans.pm:28 ../IkiWiki/Render.pm:97 #: ../IkiWiki/Render.pm:165 msgid "discussion" msgstr "diskuse" -#: ../IkiWiki/CGI.pm:457 +#: ../IkiWiki/CGI.pm:460 #, perl-format msgid "creating %s" msgstr "vytvářím %s" -#: ../IkiWiki/CGI.pm:474 ../IkiWiki/CGI.pm:517 +#: ../IkiWiki/CGI.pm:477 ../IkiWiki/CGI.pm:520 #, perl-format msgid "editing %s" msgstr "upravuji %s" -#: ../IkiWiki/CGI.pm:625 +#: ../IkiWiki/CGI.pm:628 msgid "You are banned." msgstr "Jste vyhoštěni." -#: ../IkiWiki/CGI.pm:657 +#: ../IkiWiki/CGI.pm:660 msgid "login failed, perhaps you need to turn on cookies?" msgstr "" @@ -7,7 +7,7 @@ msgid "" msgstr "" "Project-Id-Version: ikiwiki\n" "Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2007-02-08 14:47-0500\n" +"POT-Creation-Date: 2007-02-10 15:26-0500\n" "PO-Revision-Date: 2007-01-03 09:37+0100\n" "Last-Translator: Víctor Moral <victor@taquiones.net>\n" "Language-Team: spanish <es@li.org>\n" @@ -24,28 +24,33 @@ msgstr "Antes es necesario identificarse" msgid "Preferences saved." msgstr "Las preferencias se han guardado." -#: ../IkiWiki/CGI.pm:412 ../IkiWiki/Plugin/brokenlinks.pm:24 +#: ../IkiWiki/CGI.pm:327 +#, perl-format +msgid "%s is not an editable page" +msgstr "" + +#: ../IkiWiki/CGI.pm:415 ../IkiWiki/Plugin/brokenlinks.pm:24 #: ../IkiWiki/Plugin/inline.pm:164 ../IkiWiki/Plugin/opendiscussion.pm:17 #: ../IkiWiki/Plugin/orphans.pm:28 ../IkiWiki/Render.pm:97 #: ../IkiWiki/Render.pm:165 msgid "discussion" msgstr "comentarios" -#: ../IkiWiki/CGI.pm:457 +#: ../IkiWiki/CGI.pm:460 #, perl-format msgid "creating %s" msgstr "creando página %s" -#: ../IkiWiki/CGI.pm:474 ../IkiWiki/CGI.pm:517 +#: ../IkiWiki/CGI.pm:477 ../IkiWiki/CGI.pm:520 #, perl-format msgid "editing %s" msgstr "modificando página %s" -#: ../IkiWiki/CGI.pm:625 +#: ../IkiWiki/CGI.pm:628 msgid "You are banned." msgstr "Ha sido expulsado." -#: ../IkiWiki/CGI.pm:657 +#: ../IkiWiki/CGI.pm:660 msgid "login failed, perhaps you need to turn on cookies?" msgstr "" @@ -7,7 +7,7 @@ msgid "" msgstr "" "Project-Id-Version: ikiwiki\n" "Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2007-02-08 14:47-0500\n" +"POT-Creation-Date: 2007-02-10 15:26-0500\n" "PO-Revision-Date: 2007-01-22 22:12+0100\n" "Last-Translator: Jean-Luc Coulon (f5ibh) <jean-luc.coulon@wanadoo.fr>\n" "Language-Team: French <debian-l10n-french@lists.debian.org>\n" @@ -25,28 +25,33 @@ msgstr "Vous devez d'abord vous identifier." msgid "Preferences saved." msgstr "Les préférences ont été enregistrées." -#: ../IkiWiki/CGI.pm:412 ../IkiWiki/Plugin/brokenlinks.pm:24 +#: ../IkiWiki/CGI.pm:327 +#, perl-format +msgid "%s is not an editable page" +msgstr "" + +#: ../IkiWiki/CGI.pm:415 ../IkiWiki/Plugin/brokenlinks.pm:24 #: ../IkiWiki/Plugin/inline.pm:164 ../IkiWiki/Plugin/opendiscussion.pm:17 #: ../IkiWiki/Plugin/orphans.pm:28 ../IkiWiki/Render.pm:97 #: ../IkiWiki/Render.pm:165 msgid "discussion" msgstr "Discussion" -#: ../IkiWiki/CGI.pm:457 +#: ../IkiWiki/CGI.pm:460 #, perl-format msgid "creating %s" msgstr "Création de %s" -#: ../IkiWiki/CGI.pm:474 ../IkiWiki/CGI.pm:517 +#: ../IkiWiki/CGI.pm:477 ../IkiWiki/CGI.pm:520 #, perl-format msgid "editing %s" msgstr "Édition de %s" -#: ../IkiWiki/CGI.pm:625 +#: ../IkiWiki/CGI.pm:628 msgid "You are banned." msgstr "Vous avez été banni." -#: ../IkiWiki/CGI.pm:657 +#: ../IkiWiki/CGI.pm:660 msgid "login failed, perhaps you need to turn on cookies?" msgstr "" "Échec de l'identification, vous devriez peut-être autoriser les cookies." @@ -7,7 +7,7 @@ msgid "" msgstr "" "Project-Id-Version: ikiwiki-gu\n" "Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2007-02-08 14:47-0500\n" +"POT-Creation-Date: 2007-02-10 15:26-0500\n" "PO-Revision-Date: 2007-01-11 16:05+0530\n" "Last-Translator: Kartik Mistry <kartik.mistry@gmail.com>\n" "Language-Team: Gujarati <team@utkarsh.org>\n" @@ -23,28 +23,33 @@ msgstr "તમારે પ્રથમ લોગ ઇન થવું પડશ msgid "Preferences saved." msgstr "પ્રાથમિકતાઓ સંગ્રહાઇ." -#: ../IkiWiki/CGI.pm:412 ../IkiWiki/Plugin/brokenlinks.pm:24 +#: ../IkiWiki/CGI.pm:327 +#, perl-format +msgid "%s is not an editable page" +msgstr "" + +#: ../IkiWiki/CGI.pm:415 ../IkiWiki/Plugin/brokenlinks.pm:24 #: ../IkiWiki/Plugin/inline.pm:164 ../IkiWiki/Plugin/opendiscussion.pm:17 #: ../IkiWiki/Plugin/orphans.pm:28 ../IkiWiki/Render.pm:97 #: ../IkiWiki/Render.pm:165 msgid "discussion" msgstr "ચર્ચા" -#: ../IkiWiki/CGI.pm:457 +#: ../IkiWiki/CGI.pm:460 #, perl-format msgid "creating %s" msgstr "%s બનાવે છે" -#: ../IkiWiki/CGI.pm:474 ../IkiWiki/CGI.pm:517 +#: ../IkiWiki/CGI.pm:477 ../IkiWiki/CGI.pm:520 #, perl-format msgid "editing %s" msgstr "%s સુધારે છે" -#: ../IkiWiki/CGI.pm:625 +#: ../IkiWiki/CGI.pm:628 msgid "You are banned." msgstr "તમારા પર પ્રતિબંધ છે." -#: ../IkiWiki/CGI.pm:657 +#: ../IkiWiki/CGI.pm:660 msgid "login failed, perhaps you need to turn on cookies?" msgstr "" diff --git a/po/ikiwiki.pot b/po/ikiwiki.pot index 296aab6db..9dfa1dc0c 100644 --- a/po/ikiwiki.pot +++ b/po/ikiwiki.pot @@ -8,7 +8,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2007-02-08 14:47-0500\n" +"POT-Creation-Date: 2007-02-10 15:26-0500\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n" "Language-Team: LANGUAGE <LL@li.org>\n" @@ -24,28 +24,33 @@ msgstr "" msgid "Preferences saved." msgstr "" -#: ../IkiWiki/CGI.pm:412 ../IkiWiki/Plugin/brokenlinks.pm:24 +#: ../IkiWiki/CGI.pm:327 +#, perl-format +msgid "%s is not an editable page" +msgstr "" + +#: ../IkiWiki/CGI.pm:415 ../IkiWiki/Plugin/brokenlinks.pm:24 #: ../IkiWiki/Plugin/inline.pm:164 ../IkiWiki/Plugin/opendiscussion.pm:17 #: ../IkiWiki/Plugin/orphans.pm:28 ../IkiWiki/Render.pm:97 #: ../IkiWiki/Render.pm:165 msgid "discussion" msgstr "" -#: ../IkiWiki/CGI.pm:457 +#: ../IkiWiki/CGI.pm:460 #, perl-format msgid "creating %s" msgstr "" -#: ../IkiWiki/CGI.pm:474 ../IkiWiki/CGI.pm:517 +#: ../IkiWiki/CGI.pm:477 ../IkiWiki/CGI.pm:520 #, perl-format msgid "editing %s" msgstr "" -#: ../IkiWiki/CGI.pm:625 +#: ../IkiWiki/CGI.pm:628 msgid "You are banned." msgstr "" -#: ../IkiWiki/CGI.pm:657 +#: ../IkiWiki/CGI.pm:660 msgid "login failed, perhaps you need to turn on cookies?" msgstr "" @@ -8,7 +8,7 @@ msgid "" msgstr "" "Project-Id-Version: ikiwiki 1.37\n" "Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2007-02-08 14:47-0500\n" +"POT-Creation-Date: 2007-02-10 15:26-0500\n" "PO-Revision-Date: 2007-01-05 16:33+100\n" "Last-Translator: Paweł Tęcza <ptecza@net.icm.edu.pl>\n" "Language-Team: Debian L10n Polish <debian-l10n-polish@lists.debian.org>\n" @@ -24,28 +24,33 @@ msgstr "Konieczne jest zalogowanie się." msgid "Preferences saved." msgstr "Ustawienia zostały zapisane." -#: ../IkiWiki/CGI.pm:412 ../IkiWiki/Plugin/brokenlinks.pm:24 +#: ../IkiWiki/CGI.pm:327 +#, perl-format +msgid "%s is not an editable page" +msgstr "" + +#: ../IkiWiki/CGI.pm:415 ../IkiWiki/Plugin/brokenlinks.pm:24 #: ../IkiWiki/Plugin/inline.pm:164 ../IkiWiki/Plugin/opendiscussion.pm:17 #: ../IkiWiki/Plugin/orphans.pm:28 ../IkiWiki/Render.pm:97 #: ../IkiWiki/Render.pm:165 msgid "discussion" msgstr "dyskusja" -#: ../IkiWiki/CGI.pm:457 +#: ../IkiWiki/CGI.pm:460 #, perl-format msgid "creating %s" msgstr "tworzenie strony %s" -#: ../IkiWiki/CGI.pm:474 ../IkiWiki/CGI.pm:517 +#: ../IkiWiki/CGI.pm:477 ../IkiWiki/CGI.pm:520 #, perl-format msgid "editing %s" msgstr "edycja strony %s" -#: ../IkiWiki/CGI.pm:625 +#: ../IkiWiki/CGI.pm:628 msgid "You are banned." msgstr "Dostęp został zabroniony przez administratora." -#: ../IkiWiki/CGI.pm:657 +#: ../IkiWiki/CGI.pm:660 msgid "login failed, perhaps you need to turn on cookies?" msgstr "" @@ -7,7 +7,7 @@ msgid "" msgstr "" "Project-Id-Version: ikiwiki\n" "Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2007-02-08 14:47-0500\n" +"POT-Creation-Date: 2007-02-10 15:26-0500\n" "PO-Revision-Date: 2007-01-10 23:47+0100\n" "Last-Translator: Daniel Nylander <po@danielnylander.se>\n" "Language-Team: Swedish <tp-sv@listor.tp-sv.se>\n" @@ -23,28 +23,33 @@ msgstr "Du måste logga in först." msgid "Preferences saved." msgstr "Inställningar sparades." -#: ../IkiWiki/CGI.pm:412 ../IkiWiki/Plugin/brokenlinks.pm:24 +#: ../IkiWiki/CGI.pm:327 +#, perl-format +msgid "%s is not an editable page" +msgstr "" + +#: ../IkiWiki/CGI.pm:415 ../IkiWiki/Plugin/brokenlinks.pm:24 #: ../IkiWiki/Plugin/inline.pm:164 ../IkiWiki/Plugin/opendiscussion.pm:17 #: ../IkiWiki/Plugin/orphans.pm:28 ../IkiWiki/Render.pm:97 #: ../IkiWiki/Render.pm:165 msgid "discussion" msgstr "diskussion" -#: ../IkiWiki/CGI.pm:457 +#: ../IkiWiki/CGI.pm:460 #, perl-format msgid "creating %s" msgstr "skapar %s" -#: ../IkiWiki/CGI.pm:474 ../IkiWiki/CGI.pm:517 +#: ../IkiWiki/CGI.pm:477 ../IkiWiki/CGI.pm:520 #, perl-format msgid "editing %s" msgstr "redigerar %s" -#: ../IkiWiki/CGI.pm:625 +#: ../IkiWiki/CGI.pm:628 msgid "You are banned." msgstr "Du är bannlyst." -#: ../IkiWiki/CGI.pm:657 +#: ../IkiWiki/CGI.pm:660 msgid "login failed, perhaps you need to turn on cookies?" msgstr "" @@ -6,7 +6,7 @@ msgid "" msgstr "" "Project-Id-Version: ikiwiki\n" "Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2007-02-08 14:47-0500\n" +"POT-Creation-Date: 2007-02-10 15:26-0500\n" "PO-Revision-Date: 2007-01-13 15:31+1030\n" "Last-Translator: Clytie Siddall <clytie@riverland.net.au>\n" "Language-Team: Vietnamese <vi-VN@googlegroups.com>\n" @@ -24,28 +24,33 @@ msgstr "Trước tiên bạn cần phải đăng nhập." msgid "Preferences saved." msgstr "Tùy thích đã được lưu." -#: ../IkiWiki/CGI.pm:412 ../IkiWiki/Plugin/brokenlinks.pm:24 +#: ../IkiWiki/CGI.pm:327 +#, perl-format +msgid "%s is not an editable page" +msgstr "" + +#: ../IkiWiki/CGI.pm:415 ../IkiWiki/Plugin/brokenlinks.pm:24 #: ../IkiWiki/Plugin/inline.pm:164 ../IkiWiki/Plugin/opendiscussion.pm:17 #: ../IkiWiki/Plugin/orphans.pm:28 ../IkiWiki/Render.pm:97 #: ../IkiWiki/Render.pm:165 msgid "discussion" msgstr "thảo luận" -#: ../IkiWiki/CGI.pm:457 +#: ../IkiWiki/CGI.pm:460 #, perl-format msgid "creating %s" msgstr "đang tạo %s" -#: ../IkiWiki/CGI.pm:474 ../IkiWiki/CGI.pm:517 +#: ../IkiWiki/CGI.pm:477 ../IkiWiki/CGI.pm:520 #, perl-format msgid "editing %s" msgstr "đang sửa %s" -#: ../IkiWiki/CGI.pm:625 +#: ../IkiWiki/CGI.pm:628 msgid "You are banned." msgstr "Bạn bị cấm ra." -#: ../IkiWiki/CGI.pm:657 +#: ../IkiWiki/CGI.pm:660 msgid "login failed, perhaps you need to turn on cookies?" msgstr "" |