From 2ad3e60ee8272b7cccfd83ae02d5b45e2cec003d Mon Sep 17 00:00:00 2001
From: Joey Hess <joey@gnu.kitenet.net>
Date: Fri, 12 Mar 2010 14:49:13 -0500
Subject: htmlscrubber: Security fix: In data:image/* uris, only allow a few
 whitelisted image types. No svg.

---
 debian/changelog | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

(limited to 'debian')

diff --git a/debian/changelog b/debian/changelog
index bae0e7ee0..7fdbbcb63 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,4 +1,4 @@
-ikiwiki (3.20100303) UNRELEASED; urgency=low
+ikiwiki (3.20100312) unstable; urgency=HIGH
 
   * Fix utf8 issues in calls to md5_hex.
   * moderatedcomments: Added moderate_pagespec that can be used
@@ -12,6 +12,8 @@ ikiwiki (3.20100303) UNRELEASED; urgency=low
   * Fix missing span on recentchanges page template.
   * search: Avoid '$' in the wikiname appearing unescaped on omega's
     query template, where it might crash omega.
+  * htmlscrubber: Security fix: In data:image/* uris, only allow a few
+    whitelisted image types. No svg.
 
  -- Joey Hess <joeyh@debian.org>  Tue, 09 Mar 2010 19:46:35 -0500
 
-- 
cgit v1.2.3