diff options
-rw-r--r-- | debian/NEWS | 2 | ||||
-rw-r--r-- | debian/changelog | 4 |
2 files changed, 3 insertions, 3 deletions
diff --git a/debian/NEWS b/debian/NEWS index 086798750..878489547 100644 --- a/debian/NEWS +++ b/debian/NEWS @@ -1,4 +1,4 @@ -ikiwiki (2.48) unstable; urgency=low +ikiwiki (2.48) unstable; urgency=high If you allowed password based logins to your wiki, those passwords were stored in cleartext in the userdb. To guard against exposing users' diff --git a/debian/changelog b/debian/changelog index 32d423ad4..0edd2ab33 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,8 +1,8 @@ -ikikiwiki (2.48) unstable; urgency=high +ikiwiki (2.48) unstable; urgency=high * Fix security hole that occurred if openid and passwordauth were both enabled. passwordauth would allow logging in as a known openid, with an - empty password. Closes: # + empty password. Closes: #483770 * Add rel=nofollow to edit links. This may prevent some spiders from pounding on the cgi following edit links. * passwordauth: If Authen::Passphrase is installed, use it to store |