summaryrefslogtreecommitdiff
path: root/doc/security.mdwn
AgeCommit message (Expand)Author
2008-04-10Fix CSRF attacks against the preferences and edit forms. Closes: #475445Joey Hess
2008-04-10fix what I think is a typoJoey Hess
2008-02-20add CVE idsJoey Hess
2008-02-10some updates about the recent holeJoey Hess
2008-02-10a few thoughts on data: securityJoey Hess
2008-02-10document security fixJoey Hess
2007-12-22typoJoey Hess
2007-11-27moreJoey Hess
2007-11-27remove svn-ismsJoey Hess
2007-11-27add some documentation about how to safely allow multiple committers to anJoey Hess
2007-11-26releasing version 2.14Joey Hess
2007-03-21* Fix a security hole that allowed insertion of unsafe content via the metajoey
2007-03-21* Fix a few bugs around page titles containing html. The worst of thesejoey
2007-02-14document recent security holejoey
2006-12-27web commit by JeremyReed: typo fixjoey
2006-11-21web commit by http://id.kurokatta.org/david: Copyedit.joey
2006-10-22some notes about the security (or lack thereof) of pluginsjoey
2006-08-28* Add toc (table of contents) plugin.joey
2006-08-28updatejoey
2006-08-27* Patch from James Westby to add a --sslcookie switch, which forcesjoey
2006-08-23* Allow preprocessor directives to contain python-like triple-quotedjoey
2006-08-18updatejoey
2006-08-05misc changesjoey
2006-08-02releasing version 1.13joey
2006-07-30security notejoey
2006-07-02web commit by ThomasSchwinge: Typo fixes.www-data
2006-07-02web commit by joeywww-data
2006-07-02* Parse svn log as xml for improved utf8 and security. Note that this makesjoey
2006-06-01* More security review.joey
2006-05-26typojoey
2006-05-05* Removed --sanitize and --no-sanitize, replaced with --plugin htmlscrubberjoey
2006-05-02* Added plugin system, currently only supporting for PreProcessorDirectives.joey
2006-04-25web commit by joeywww-data
2006-04-25web commit by joeywww-data
2006-04-25security updatejoey
2006-04-25web commit by joeywww-data
2006-04-25web commit by joeywww-data
2006-04-25web commit by joeywww-data
2006-04-25implemented html sanitisationjoey
2006-04-25web commit by joeywww-data
2006-04-24updatejoey
2006-04-24updatejoey
2006-03-29improve fix for symlink attacks to check subdirectories for symlinks toojoey
2006-03-29Implemented --underlaydir, and moved files provided by underlay out of docjoey
2006-03-26added --getctimejoey
2006-03-23found & fixed another symlink attackjoey
2006-03-23added adminuser settings, globlist support, and used this to implement pagejoey
2006-03-19web commit by joeywww-data
2006-03-19web commit by joeywww-data
2006-03-19web commit by joeywww-data