diff options
Diffstat (limited to 'doc/recentchanges/change_5f750e16b8c32d2fd69209f433e7d19efa53a71f._change')
| -rw-r--r-- | doc/recentchanges/change_5f750e16b8c32d2fd69209f433e7d19efa53a71f._change | 77 |
1 files changed, 77 insertions, 0 deletions
diff --git a/doc/recentchanges/change_5f750e16b8c32d2fd69209f433e7d19efa53a71f._change b/doc/recentchanges/change_5f750e16b8c32d2fd69209f433e7d19efa53a71f._change new file mode 100644 index 000000000..cb1e325e8 --- /dev/null +++ b/doc/recentchanges/change_5f750e16b8c32d2fd69209f433e7d19efa53a71f._change @@ -0,0 +1,77 @@ +[[!meta author="""joey"""]] + +[[!meta authorurl="""http://ikiwiki.info/ikiwiki.cgi?page=users%2Fjoey&do=goto"""]] + +[[!meta title="""change to security on ikiwiki"""]] + +[[!meta permalink="http://ikiwiki.info/recentchanges/#change-5f750e16b8c32d2fd69209f433e7d19efa53a71f"]] + +<div id="change-5f750e16b8c32d2fd69209f433e7d19efa53a71f" class="metadata"> +<span class="desc"><br />Changed pages:</span> +<span class="pagelinks"> + +<a href="http://git.ikiwiki.info/?p=ikiwiki;a=blobdiff;f=doc/security.mdwn;h=4fa531eb14a4c842f401fee72d845c19e481c1da;hp=2c342b19986104ed27b46c6c736768d34ad82c15;hb=5f750e16b8c32d2fd69209f433e7d19efa53a71f;hpb=65ecc73755348f1ed13b77b2f4bdf9db4e465be4" title="diff" rel="nofollow">[[diff|wikiicons/diff.png]]</a><a href="http://ikiwiki.info/ikiwiki.cgi?page=security&do=goto" rel="nofollow">security</a> + + +</span> +<span class="desc"><br />Changed by:</span> +<span class="committer"> + +<a href="http://ikiwiki.info/ikiwiki.cgi?page=users%2Fjoey&do=goto" rel="nofollow">joey</a> + +</span> +<span class="desc"><br />Commit type:</span> +<span class="committype">git</span> +<span class="desc"><br />Date:</span> +<span class="changedate"><span class="relativedate" title="Fri, 12 Nov 2010 10:25:21 -0400">10:25:21 11/12/10</span></span> +<span class="desc"><br /></span> +</div> + +<span class="revert"> +<a href="http://ikiwiki.info/ikiwiki.cgi?rev=5f750e16b8c32d2fd69209f433e7d19efa53a71f&do=revert" title="revert" rel="nofollow">[[revert|wikiicons/revert.png]]</a> +</span> + +<div class="changelog"> + + +CVE id<br /> + + +</div> + +<div class="diff"> +<pre> +diff --git a/debian/changelog b/debian/changelog +index f8dc04e..582a8e3 100644 +--- a/debian/changelog ++++ b/debian/changelog +@@ -10,11 +10,11 @@ ikiwiki (3.20101112) unstable; urgency=HIGH + (Thanks, Tuomas Jormola) + * Fix htmlscrubber_skip to be matched on the source page, not the page it is + inlined into. Should allow setting to "* and !comment(*)" to scrub +- comments, but leave your blog posts unscrubbed, etc. ++ comments, but leave your blog posts unscrubbed, etc. CVE-2010-1673 + * comments: Make postcomment() pagespec work when previewing a comment, +- including during moderation. ++ including during moderation. CVE-2010-1673 + * comments: Make comment() pagespec also match comments that are being +- posted. ++ posted. CVE-2010-1673 + + -- Joey Hess <joeyh@debian.org> Fri, 12 Nov 2010 00:36:06 -0400 + +diff --git a/doc/security.mdwn b/doc/security.mdwn +index 2c342b1..4fa531e 100644 +--- a/doc/security.mdwn ++++ b/doc/security.mdwn +@@ -452,4 +452,4 @@ Additionally, it was discovered that comments' html was never scrubbed during + preview or moderation of comments with such a configuration. + + These problems were discovered on 12 November 2010 and fixed the same +-hour with the release of ikiwiki 3.20101112. ++hour with the release of ikiwiki 3.20101112. ([[!cve CVE-2010-1673]]) + +</pre> +</div> + +<!-- 5f750e16b8c32d2fd69209f433e7d19efa53a71f --> |