diff options
| -rw-r--r-- | IkiWiki.pm | 2 | ||||
| -rw-r--r-- | debian/changelog | 5 |
2 files changed, 5 insertions, 2 deletions
diff --git a/IkiWiki.pm b/IkiWiki.pm index 5f0dca385..2392c787b 100644 --- a/IkiWiki.pm +++ b/IkiWiki.pm @@ -174,7 +174,7 @@ sub log_message ($$) { #{{{ $log_open=1; } eval { - Sys::Syslog::syslog($type, join(" ", @_)); + Sys::Syslog::syslog($type, "%s", join(" ", @_)); } } elsif (! $config{cgi}) { diff --git a/debian/changelog b/debian/changelog index 2c7ded1fa..ee88086ff 100644 --- a/debian/changelog +++ b/debian/changelog @@ -26,8 +26,11 @@ ikiwiki (1.43) UNRELEASED; urgency=low * Add a prettydate plugin that formats dates in a more readable fashion. (I had to get a pretty date somehow today..) * Updated Czech translation. + * Avoid potential syslog format string issue, although only older versions + of perl are vulnerable and it is not known to really be exploitable from + ikiwiki. - -- Joey Hess <joeyh@debian.org> Sat, 17 Feb 2007 14:02:32 -0500 + -- Joey Hess <joeyh@debian.org> Sat, 17 Feb 2007 16:32:35 -0500 ikiwiki (1.42) unstable; urgency=low |