diff options
-rw-r--r-- | debian/changelog | 4 | ||||
-rw-r--r-- | doc/security.mdwn | 4 |
2 files changed, 6 insertions, 2 deletions
diff --git a/debian/changelog b/debian/changelog index befe1dda4..007842833 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,4 +1,4 @@ -ikiwiki (1.13) UNRELEASED; urgency=low +ikiwiki (1.13) unstable; urgency=low * ikiwiki can now download and aggregate feeds with its new aggregate plugin, so it's possible to implement a Planet using ikiwiki! @@ -37,7 +37,7 @@ ikiwiki (1.13) UNRELEASED; urgency=low Closes: #380680 * Changes to index file encoding. - -- Joey Hess <joeyh@debian.org> Tue, 1 Aug 2006 16:00:58 -0400 + -- Joey Hess <joeyh@debian.org> Tue, 1 Aug 2006 21:21:19 -0400 ikiwiki (1.12) unstable; urgency=low diff --git a/doc/security.mdwn b/doc/security.mdwn index 4db756e2e..b3b5b6f3e 100644 --- a/doc/security.mdwn +++ b/doc/security.mdwn @@ -91,6 +91,10 @@ _(AKA, the assumptions that will be the root of most security holes...)_ Someone could add bad content to the wiki and hope to exploit ikiwiki. Note that ikiwiki runs with perl taint checks on, so this is unlikely. +One fun thing in ikiwiki is its handling of a PageSpec, which involves +translating it into perl and running the perl. Of course, this is done +*very* carefully to guard against injecting arbitrary perl code. + ## publishing cgi scripts ikiwiki does not allow cgi scripts to be published as part of the wiki. Or |