]> git.vanrenterghem.biz Git - git.ikiwiki.info.git/blobdiff - debian/changelog
projects / git.ikiwiki.info.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
HTML-escape error messages (CVE-2016-4561)
[git.ikiwiki.info.git] / debian / changelog
diff --git a/debian/changelog b/debian/changelog
index 1897414c460ce30b0f2db9eb29c6bdc86ea6bde4..919814f2f8f01f7084a700874a19e5dd208c2fdb 100644 (file)
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,9 +1,17 @@
-ikiwiki (3.20141016.2) UNRELEASED; urgency=high
+ikiwiki (3.20120629.3) UNRELEASED; urgency=medium
+
+  * HTML-escape error messages, in one case avoiding potential cross-site
+    scripting (CVE-2016-4561, OVE-20160505-0012)
+
+ -- Simon McVittie <smcv@debian.org>  Sun, 08 May 2016 15:33:51 +0100
+
+ikiwiki (3.20120629.2) wheezy; urgency=medium
 
   [ Joey Hess ]
-  * Fix XSS in openid selector. Thanks, Raghav Bisht.
+  * Fix XSS in openid selector. Thanks, Raghav Bisht. (Closes: #781483;
+    CVE-2015-2793)
 
- -- Simon McVittie <smcv@debian.org>  Sun, 29 Mar 2015 22:28:15 +0100
+ -- Simon McVittie <smcv@debian.org>  Mon, 06 Apr 2015 20:34:51 +0100
 
 ikiwiki (3.20120629.1) wheezy; urgency=medium
 
Unnamed repository; edit this file 'description' to name the repository.