blob: cb1e325e85fa5758a45841160ae12fc5a50dca09 (
plain)
- [[!meta author="""joey"""]]
- [[!meta authorurl="""http://ikiwiki.info/ikiwiki.cgi?page=users%2Fjoey&do=goto"""]]
- [[!meta title="""change to security on ikiwiki"""]]
- [[!meta permalink="http://ikiwiki.info/recentchanges/#change-5f750e16b8c32d2fd69209f433e7d19efa53a71f"]]
- <div id="change-5f750e16b8c32d2fd69209f433e7d19efa53a71f" class="metadata">
- <span class="desc"><br />Changed pages:</span>
- <span class="pagelinks">
- <a href="http://git.ikiwiki.info/?p=ikiwiki;a=blobdiff;f=doc/security.mdwn;h=4fa531eb14a4c842f401fee72d845c19e481c1da;hp=2c342b19986104ed27b46c6c736768d34ad82c15;hb=5f750e16b8c32d2fd69209f433e7d19efa53a71f;hpb=65ecc73755348f1ed13b77b2f4bdf9db4e465be4" title="diff" rel="nofollow">[[diff|wikiicons/diff.png]]</a><a href="http://ikiwiki.info/ikiwiki.cgi?page=security&do=goto" rel="nofollow">security</a>
- </span>
- <span class="desc"><br />Changed by:</span>
- <span class="committer">
- <a href="http://ikiwiki.info/ikiwiki.cgi?page=users%2Fjoey&do=goto" rel="nofollow">joey</a>
- </span>
- <span class="desc"><br />Commit type:</span>
- <span class="committype">git</span>
- <span class="desc"><br />Date:</span>
- <span class="changedate"><span class="relativedate" title="Fri, 12 Nov 2010 10:25:21 -0400">10:25:21 11/12/10</span></span>
- <span class="desc"><br /></span>
- </div>
- <span class="revert">
- <a href="http://ikiwiki.info/ikiwiki.cgi?rev=5f750e16b8c32d2fd69209f433e7d19efa53a71f&do=revert" title="revert" rel="nofollow">[[revert|wikiicons/revert.png]]</a>
- </span>
- <div class="changelog">
- CVE id<br />
- </div>
- <div class="diff">
- <pre>
- diff --git a/debian/changelog b/debian/changelog
- index f8dc04e..582a8e3 100644
- --- a/debian/changelog
- +++ b/debian/changelog
- @@ -10,11 +10,11 @@ ikiwiki (3.20101112) unstable; urgency=HIGH
- (Thanks, Tuomas Jormola)
- * Fix htmlscrubber_skip to be matched on the source page, not the page it is
- inlined into. Should allow setting to "* and !comment(*)" to scrub
- - comments, but leave your blog posts unscrubbed, etc.
- + comments, but leave your blog posts unscrubbed, etc. CVE-2010-1673
- * comments: Make postcomment() pagespec work when previewing a comment,
- - including during moderation.
- + including during moderation. CVE-2010-1673
- * comments: Make comment() pagespec also match comments that are being
- - posted.
- + posted. CVE-2010-1673
-
- -- Joey Hess <joeyh@debian.org> Fri, 12 Nov 2010 00:36:06 -0400
-
- diff --git a/doc/security.mdwn b/doc/security.mdwn
- index 2c342b1..4fa531e 100644
- --- a/doc/security.mdwn
- +++ b/doc/security.mdwn
- @@ -452,4 +452,4 @@ Additionally, it was discovered that comments' html was never scrubbed during
- preview or moderation of comments with such a configuration.
-
- These problems were discovered on 12 November 2010 and fixed the same
- -hour with the release of ikiwiki 3.20101112.
- +hour with the release of ikiwiki 3.20101112. ([[!cve CVE-2010-1673]])
- </pre>
- </div>
- <!-- 5f750e16b8c32d2fd69209f433e7d19efa53a71f -->
|
