doc/recentchanges/change_5f750e16b8c32d2fd69209f433e7d19efa53a71f._change

   1 [[!meta author="""joey"""]]
   2
   3 [[!meta authorurl="""http://ikiwiki.info/ikiwiki.cgi?page=users%2Fjoey&amp;do=goto"""]]
   4
   5 [[!meta title="""change to security on ikiwiki"""]]
   6
   7 [[!meta permalink="http://ikiwiki.info/recentchanges/#change-5f750e16b8c32d2fd69209f433e7d19efa53a71f"]]
   8
   9 <div id="change-5f750e16b8c32d2fd69209f433e7d19efa53a71f" class="metadata">
  10 <span class="desc"><br />Changed pages:</span>
  11 <span class="pagelinks">
  12
  13 <a href="http://git.ikiwiki.info/?p=ikiwiki;a=blobdiff;f=doc/security.mdwn;h=4fa531eb14a4c842f401fee72d845c19e481c1da;hp=2c342b19986104ed27b46c6c736768d34ad82c15;hb=5f750e16b8c32d2fd69209f433e7d19efa53a71f;hpb=65ecc73755348f1ed13b77b2f4bdf9db4e465be4" title="diff" rel="nofollow">[[diff|wikiicons/diff.png]]</a><a href="http://ikiwiki.info/ikiwiki.cgi?page=security&amp;do=goto" rel="nofollow">security</a>
  14
  15
  16 </span>
  17 <span class="desc"><br />Changed by:</span>
  18 <span class="committer">
  19
  20 <a href="http://ikiwiki.info/ikiwiki.cgi?page=users%2Fjoey&amp;do=goto" rel="nofollow">joey</a>
  21
  22 </span>
  23 <span class="desc"><br />Commit type:</span>
  24 <span class="committype">git</span>
  25 <span class="desc"><br />Date:</span>
  26 <span class="changedate"><span class="relativedate" title="Fri, 12 Nov 2010 10:25:21 -0400">10:25:21 11/12/10</span></span>
  27 <span class="desc"><br /></span>
  28 </div>
  29
  30 <span class="revert">
  31 <a href="http://ikiwiki.info/ikiwiki.cgi?rev=5f750e16b8c32d2fd69209f433e7d19efa53a71f&amp;do=revert" title="revert" rel="nofollow">[[revert|wikiicons/revert.png]]</a>
  32 </span>
  33
  34 <div class="changelog">
  35
  36
  37 CVE id<br />
  38
  39
  40 </div>
  41
  42 <div class="diff">
  43 <pre>
  44 diff --git a/debian/changelog b/debian/changelog
  45 index f8dc04e..582a8e3 100644
  46 --- a/debian/changelog
  47 +++ b/debian/changelog
  48 @@ -10,11 +10,11 @@ ikiwiki (3.20101112) unstable; urgency=HIGH
  49      (Thanks, Tuomas Jormola)
  50    * Fix htmlscrubber_skip to be matched on the source page, not the page it is
  51      inlined into. Should allow setting to &quot;* and !comment(*)&quot; to scrub
  52 -    comments, but leave your blog posts unscrubbed, etc.
  53 +    comments, but leave your blog posts unscrubbed, etc. CVE-2010-1673
  54    * comments: Make postcomment() pagespec work when previewing a comment,
  55 -    including during moderation.
  56 +    including during moderation. CVE-2010-1673
  57    * comments: Make comment() pagespec also match comments that are being
  58 -    posted.
  59 +    posted. CVE-2010-1673
  60
  61   -- Joey Hess &lt;joeyh@debian.org&gt;  Fri, 12 Nov 2010 00:36:06 -0400
  62
  63 diff --git a/doc/security.mdwn b/doc/security.mdwn
  64 index 2c342b1..4fa531e 100644
  65 --- a/doc/security.mdwn
  66 +++ b/doc/security.mdwn
  67 @@ -452,4 +452,4 @@ Additionally, it was discovered that comments&#39; html was never scrubbed during
  68  preview or moderation of comments with such a configuration.
  69
  70  These problems were discovered on 12 November 2010 and fixed the same
  71 -hour with the release of ikiwiki 3.20101112.
  72 +hour with the release of ikiwiki 3.20101112. (&#91;&#91;!cve CVE-2010-1673&#93;&#93;)
  73
  74 </pre>
  75 </div>
  76
  77 <!-- 5f750e16b8c32d2fd69209f433e7d19efa53a71f -->