HTML-escape error messages (CVE-2016-4561)

[git.ikiwiki.info.git] / debian / changelog

diff --git a/debian/changelog b/debian/changelog
index 765edac6e1f9a85d7c3e531050d0c9ed4526c141..919814f2f8f01f7084a700874a19e5dd208c2fdb 100644 (file)
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,10 @@
+ikiwiki (3.20120629.3) UNRELEASED; urgency=medium
+
+  * HTML-escape error messages, in one case avoiding potential cross-site
+    scripting (CVE-2016-4561, OVE-20160505-0012)
+
+ -- Simon McVittie <smcv@debian.org>  Sun, 08 May 2016 15:33:51 +0100
+
 ikiwiki (3.20120629.2) wheezy; urgency=medium
 
   [ Joey Hess ]