]> git.vanrenterghem.biz Git - git.ikiwiki.info.git/blobdiff - debian/changelog
projects / git.ikiwiki.info.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
httpauth: If REMOTE_USER is empty, behave as though it was unset
[git.ikiwiki.info.git] / debian / changelog
diff --git a/debian/changelog b/debian/changelog
index d3576c528d3791d3cd7e2901cbf6c0fb78561ec5..005c811d346ad98327d30ade4a36f69284b8ff92 100644 (file)
--- a/debian/changelog
+++ b/debian/changelog
@@ -3,6 +3,9 @@ ikiwiki (3.20170112) UNRELEASED; urgency=medium
   * t/git-cgi.t: Wait 1 second before doing a revert that should work.
     This hopefully fixes a race condition in which the test failed
     around 6% of the time. (Closes: 862494)
+  * Guard against set-but-empty REMOTE_USER CGI variable on
+    misconfigured nginx servers, and in general treat sessions with
+    a set-but-empty name as if they were not signed in.
 
  -- Simon McVittie <smcv@debian.org>  Sun, 14 May 2017 15:34:52 +0100
 
Unnamed repository; edit this file 'description' to name the repository.