+ikiwiki (3.20141016.4) UNRELEASED; urgency=high
+
+ * Reference CVE-2016-4561 in 3.20141016.3 changelog
+ * Security: force CGI::FormBuilder->field to scalar context where
+ necessary, avoiding unintended function argument injection
+ analogous to CVE-2014-1572.
+ - passwordauth: prevent authentication bypass via multiple name
+ parameters (OVE-20170111-0001)
+ - passwordauth: prevent userinfo forgery via repeated email
+ parameter (OVE-20170111-0001)
+ - comments, editpage: prevent commit metadata forgery
+ (CVE-2016-9646, OVE-20161226-0001)
+ - CGI, attachment, comments, editpage, notifyemail, passwordauth,
+ po, rename: harden against similar issues that are not believed
+ to be exploitable
+ * t/passwordauth.t: new automated test for OVE-20170111-0001
+ * Backport IkiWiki::Plugin::img from 3.20160905 to fix a regression
+ in 3.20141016.3:
+ - img: ignore the case of the extension when detecting image format,
+ fixing the regression that *.JPG etc. would not be displayed
+ (patch from Amitai Schleier)
+
+ -- Simon McVittie <smcv@debian.org> Wed, 11 Jan 2017 15:22:38 +0000
+
+ikiwiki (3.20141016.3) jessie-security; urgency=high
+
+ [ Simon McVittie ]
+ * img: stop ImageMagick trying to be clever if filenames contain a colon,
+ avoiding mis-processing
+ * HTML-escape error messages, in one case avoiding potential cross-site
+ scripting (CVE-2016-4561, OVE-20160505-0012)
+ * Mitigate ImageMagick vulnerabilities such as CVE-2016-3714:
+ - img: force common Web formats to be interpreted according to extension,
+ so that "allowed_attachments: '*.jpg'" does what one might expect
+ - img: restrict to JPEG, PNG and GIF images by default, again mitigating
+ CVE-2016-3714 and similar vulnerabilities
+ - img: check that the magic number matches what we would expect from
+ the extension before giving common formats to ImageMagick
+
+ [ Joey Hess ]
+ * img: Add back support for SVG images, bypassing ImageMagick and
+ simply passing the SVG through to the browser, which is supported by all
+ commonly used browsers these days.
+ SVG scaling by img directives has subtly changed; where before
+ size=wxh would preserve aspect ratio, this cannot be done when passing
+ them through and so specifying both a width and height can change
+ the SVG's aspect ratio.
+
+ -- Simon McVittie <smcv@debian.org> Fri, 06 May 2016 07:55:49 +0100
+
+ikiwiki (3.20141016.2) unstable; urgency=high
+
+ [ Joey Hess ]
+ * Fix XSS in openid selector. Thanks, Raghav Bisht. (Closes: #781483)
+
+ -- Simon McVittie <smcv@debian.org> Sun, 29 Mar 2015 22:28:15 +0100
+
+ikiwiki (3.20141016.1) unstable; urgency=medium
+
+ * Backport selected commits for Debian 8:
+
+ [ Joey Hess ]
+ * Add missing build-depends on libcgi-formbuilder-perl, needed for
+ t/relativity.t if libipc-run-perl is also installed
+ (buildds are unaffected by this)
+ * Set Debian package maintainer to Simon McVittie as I'm retiring from
+ Debian.
+
+ [ Amitai Schlair ]
+ * blogspam: use the 2.0 JSON API (the 1.0 XML-RPC API has been EOL'd).
+ Closes: #774441
+
+ [ Simon McVittie ]
+ * Work around imagemagick Debian bug #771047 by using a non-blank SVG
+ for the regression test, to avoid FTBFS in current unstable
+ if inkscape is installed (buildds are unaffected by this)
+
+ -- Simon McVittie <smcv@debian.org> Wed, 07 Jan 2015 11:08:35 +0000
+
+ikiwiki (3.20141016) unstable; urgency=medium
+
+ [ Joey Hess ]
+ * Fix crash that can occur when only_committed_changes is set and a
+ file is deleted from the underlay.
+
+ [ Simon McVittie ]
+ * core: avoid dangerous use of CGI->param in list context, which led
+ to a security flaw in Bugzilla; as far as we can tell, ikiwiki
+ is not vulnerable to a similar attack, but it's best to be safe
+ * core: new reverse_proxy option prevents ikiwiki from trying to detect
+ how to make self-referential URLs by using the CGI environment variables,
+ for instance when it's deployed behind a HTTP reverse proxy
+ (Closes: #745759)
+ * core: the default User-Agent is now "ikiwiki/$version" to work around
+ ModSecurity rules assuming that only malware uses libwww-perl
+ * core: use protocol-relative URLs (e.g. //www.example.com/wiki) so that
+ https stays on https and http stays on http, particularly if the
+ html5 option is enabled
+ * core: avoid mixed content when a https cgiurl links to http static pages
+ on the same server (the static pages are assumed to be accessible via
+ https too)
+ * core: force the correct top URL in w3mmode
+ * google plugin: Use search form
+ * docwiki: replace Paypal and Flattr buttons with text links
+ * comments: don't record the IP address in the wiki if the user is
+ logged in via passwordauth or httpauth
+ * templates: add ARIA roles to some page elements, if html5 is enabled.
+ Thanks, Patrick
+ * debian: build-depend on libmagickcore-6.q16-2-extra | libmagickcore-extra
+ so we can thumbnail SVGs in the docwiki
+ * debian: explicitly depend and build-depend on libcgi-pm-perl
+ * debian: drop unused python-support dependency
+ * debian: rename debian/link to debian/links so the intended symlinks appear
+ * debian: fix some wrong paths in the copyright file
+
+ -- Simon McVittie <smcv@debian.org> Thu, 16 Oct 2014 23:28:26 +0100
+
+ikiwiki (3.20140916) unstable; urgency=low
+
+ * Don't double-decode CGI submissions with Encode.pm >= 2.53,
+ fixing "Error: Cannot decode string with wide characters".
+ Thanks, Antoine Beaupré
+ * Avoid making trails depend on everything in the wiki by giving them
+ a better way to sort the pages
+ * Don't let users post comments that won't be displayed
+ * Fix encoding of Unicode strings in Python plugins.
+ Thanks, chrysn
+ * Improve performance and correctness of the [[!if]] directive
+ * Let [[!inline rootpage=foo postform=no]] disable the posting form
+ * Switch default [[!man]] shortcut to manpages.debian.org. Closes: #700322
+ * Add UUID and TIME variables to edittemplate. Closes: #752827
+ Thanks, Jonathon Anderson
+ * Display pages in linkmaps as their pagetitle (no underscore escapes).
+ Thanks, chrysn
+ * Fix aspect ratio when scaling small images, and add support for
+ converting SVG and PDF graphics to PNG.
+ Thanks, chrysn
+ - suggest ghostscript (required for PDF-to-PNG thumbnailing)
+ and libmagickcore-extra (required for SVG-to-PNG thumbnailing)
+ - build-depend on ghostscript so the test for scalable images can be run
+ * In the CGI wrapper, incorporate $config{ENV} into the environment
+ before executing Perl code, so that PERL5LIB can point to a
+ non-system-wide installation of IkiWiki.
+ Thanks, Lafayette Chamber Singers Webmaster
+ * filecheck: accept MIME types not containing ';'
+ * autoindex: index files in underlays if the resulting pages aren't
+ going to be committed. Closes: #611068
+ * Add [[!templatebody]] directive so template pages don't have to be
+ simultaneously a valid template and valid HTML
+ * Add myself to Uploaders and release to Debian
+
+ -- Simon McVittie <smcv@debian.org> Fri, 12 Sep 2014 21:23:58 +0100
+
+ikiwiki (3.20140831) unstable; urgency=medium
+
+ * Make --no-gettime work in initial build. Closes: #755075
+
+ -- Joey Hess <joeyh@debian.org> Sun, 31 Aug 2014 14:17:24 -0700
+
+ikiwiki (3.20140815) unstable; urgency=medium
+
+ * Add google back to openid selector. Apparently this has gotten a stay
+ of execution until April 2015. (It may continue to work until 2017.)
+ * highlight: Add compatibility with highlight 3.18, while still supporting
+ 3.9+. Closes: #757679
+ Thanks, David Bremner
+ * highlight: Add support for multiple language definition directories
+ Closes: #757680
+ Thanks, David Bremner
+
+ -- Joey Hess <joeyh@debian.org> Fri, 15 Aug 2014 12:58:08 -0400
+
+ikiwiki (3.20140613) unstable; urgency=medium
+
+ * only_committed_changes could fail in a git repository merged
+ with git merge -s ours.
+ * Remove google from openid selector, per http://xkcd.com/1361/
+
+ -- Joey Hess <joeyh@debian.org> Fri, 13 Jun 2014 10:09:10 -0400
+
+ikiwiki (3.20140227) unstable; urgency=medium
+
+ * Added useragent config setting. Closes: #737121
+ Thanks, Tuomas Jormola
+ * po: Add html_lang_code and html_lang_dir template variables
+ for the language code and direction of text.
+ Thanks, Mesar Hameed
+ * Allow up to 8 levels of nested directives, rather than previous 3
+ in directive infinite loop guard.
+ * git diffurl: Do not escape / in paths to changed files, in order to
+ interoperate with cgit (gitweb works either way)
+ Thanks, intrigeri.
+ * git: Explicity push master branch, as will be needed by git 2.0's
+ change to push.default=matching by default.
+ Thanks, smcv
+ * Deal with nasty issue with gettext clobbering $@ while printing
+ error message containing it.
+ Thanks, smcv
+ * Cleanup of the openid login widget, including replacing of hotlinked
+ images from openid providers with embedded, freely licensed artwork.
+ Thanks, smcv
+ * Improve templates testing.
+ Thanks, smcv
+ * python proxy: Avoid utf-8 related crash.
+ Thanks, Antoine Beaupré
+ * Special thanks to Simon McVittie for being the patchmeister for this
+ release.
+
+ -- Joey Hess <joeyh@debian.org> Thu, 27 Feb 2014 11:55:35 -0400
+
+ikiwiki (3.20140125) unstable; urgency=medium
+
+ * inline: Allow overriding the title of the feed. Closes: #735123
+ Thanks, Christophe Rhodes
+ * osm: Escape name parameter. Closes: #731797
+
+ -- Joey Hess <joeyh@debian.org> Sat, 25 Jan 2014 16:40:32 -0400
+
+ikiwiki (3.20140102) unstable; urgency=low
+
+ * aggregate: Improve display of post author.
+ * poll: Fix behavior of poll buttons when inlined.
+ * Fixed unncessary tight loop hash copy in saveindex where a pointer
+ can be used instead. Can speed up refreshes by nearly 50% in some
+ circumstances.
+ * Optimized loadindex by caching the page name in the index.
+ * Added only_committed_changes config setting, which speeds up wiki
+ refresh by querying git to find the files that were changed, rather
+ than looking at the work tree. Not enabled by default as it can
+ break some setups where not all files get committed to git.
+ * comments: Write pending moderation comments to the transient underlay
+ to avoid conflict with only_committed_changes.
+ * search: Added google_search option, which makes it search google
+ rather than using the internal xapain database.
+ (googlesearch plugin is too hard to turn on when xapain databases
+ corrupt themselves, which happens all too frequently).
+ * osm: Remove invalid use of charset on embedded javascript tags.
+ Closes: #731197
+ * style.css: Add compatibility definitions for more block-level
+ html5 elements. Closes: #731199
+ * aggregrate: Fix several bugs in handling of empty and colliding
+ titles when generating filenames.
+
+ -- Joey Hess <joeyh@debian.org> Thu, 02 Jan 2014 12:22:22 -0400
+
+ikiwiki (3.20130904.1) unstable; urgency=low
+
+ * Fix cookiejar default setting.
+
+ -- Joey Hess <joeyh@debian.org> Wed, 04 Sep 2013 10:15:37 -0400
+
+ikiwiki (3.20130904) unstable; urgency=low
+
+ * calendar: Display the popup mouseover when there is only 1 page for a
+ given day, for better UI consistency.
+ * meta: Can now be used to add an enclosure to a page, which is a fancier
+ way to do podcasting than just inlining the media files directly;
+ this way you can write a post about the podcast episode with show notes,
+ author information, etc.
+ (schmonz)
+ * aggregate: Show author in addition to feedname, if different.
+ (schmonz)
+ * Consistently configure LWP::UserAgent to allow use of http_proxy
+ and no_proxy environment variables, as well as ~/.ikiwiki/cookies
+ (schmonz)
+ * Fix test suite to work with perl 5.18. Closes: #719969
+
+ -- Joey Hess <joeyh@debian.org> Wed, 04 Sep 2013 08:54:31 -0400
+