From 23a4ee6d15dbd9b8e8c6588a829dd30a26a8de32 Mon Sep 17 00:00:00 2001
From: Joey Hess <joey@gnu.kitenet.net>
Date: Mon, 18 May 2009 15:25:10 -0400
Subject: Allow curly braces to be used in pagespecs

And avoid a whole class of potential security problems (though
none that I know of actually existing..), by avoiding
performing any string interpolation on user-supplied data when translating
pagespecs.
---
 debian/changelog | 3 +++
 1 file changed, 3 insertions(+)

(limited to 'debian/changelog')

diff --git a/debian/changelog b/debian/changelog
index c2819d0c5..7efa31cf1 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -6,6 +6,9 @@ ikiwiki (3.13) UNRELEASED; urgency=low
     of other underlays via add_underlay.
   * More friendly display of markdown, textile in edit form selector
     (jmtd)
+  * Allow curly braces to be used in pagespecs, and avoid a whole class
+    of potential security problems, by avoiding performing any string
+    interpolation on user-supplied data when translating pagespecs.
 
  -- Joey Hess <joeyh@debian.org>  Wed, 06 May 2009 20:45:44 -0400
 
-- 
cgit v1.2.3