-ikiwiki (2.51) UNRELEASED; urgency=low
+ikiwiki (2.53.5) stable-security; urgency=high
+
+ * htmlscrubber: Security fix: In data:image/* uris, only allow a few
+ whitelisted image types. No svg.
+
+ -- Joey Hess <joeyh@debian.org> Fri, 12 Mar 2010 15:19:29 -0500
+
+ikiwiki (2.53.4) stable-security; urgency=high
+
+ * teximg: Replace the insufficient blacklist with the built-in security
+ mechanisms of TeX. (CVE-2009-2944)
+ * img: Don't generate new verison of image if it is scaled to be
+ larger in either dimension.
+
+ -- Joey Hess <joeyh@debian.org> Fri, 28 Aug 2009 23:42:51 -0400
+
+ikiwiki (2.53.3) testing-proposed-updates; urgency=low
+
+ * Avoid crash on malformed utf-8 discovered by intrigeri.
+ * orphans: Fix unquoted page name in regexp.
+
+ -- Joey Hess <joeyh@debian.org> Thu, 09 Oct 2008 19:12:18 -0400
+
+ikiwiki (2.53.2) testing-proposed-updates; urgency=low
+
+ * Fix bad patch backport that broke generation of rss/atom feeds. Closes: #498224
+
+ -- Joey Hess <joeyh@debian.org> Mon, 08 Sep 2008 11:40:27 -0400
+
+ikiwiki (2.53.1) testing-proposed-updates; urgency=low
+
+ * Backported all relevant bug fixes from mainline to debian testing.
+ * ikiwiki-transition: Fix command-line processing so the prefix_directives
+ transition works again.
+ * Fixes creation of pages when clicking on WikiLinks starting with "/".
+ * Change deb dependencies to list Text::Markdown before markdown, since
+ the former, while slower, has a much better html parser that avoids
+ numerous bugs.
+ * smileys: Some fixes for escaped smileys.
+ * smileys: Note that smileys need to be double-escaped for the escaping to
+ work. Markdown removes one level of escaping.
+ * Add a postscan hook.
+ * search: Use postscan hook, avoid updating index when previewing.
+ * search: Fixes for title stemming, and use better term for tags.
+ (Gabriel McManus)
+ (Rebuilding the wiki on upgrade to this version is recommended if you
+ use the search plugin.)
+ * meta: fix title() PageSpec (DOS). Closes: #497444
+ * Really fix bug with links to pages with names containing colons.
+ Previous fix mised a few cases.
+ * toggle: Fix incompatability between javascript and webkit.
+ * toggle: Fix for when html got tidied. Closes: #492529 (Enrico Zini)
+ * inline: Ignore parent dirs when sorting pages by title.
+ * external: Fix support for hooks called in an array context.
+ * edittemplate: Don't wipe out edits on preview.
+ * map: The fix for #449285 was buggy and broke display of parents in certian
+ circumstances.
+ * Work around perl $_ scoping nonsense that caused breakage when loading
+ external plugins.
+
+ -- Joey Hess <joeyh@debian.org> Fri, 05 Sep 2008 20:55:53 -0400
+
+ikiwiki (2.53) unstable; urgency=low
+
+ * search: generate configuration files once only when rebuilding
+ (Gabriel McManus)
+ * attachment: Fix an uninitialised value warning when editing a page
+ that currently has no attachments.
+ * Fix a bug with links to pages whose names contained colons.
+ * attachment: Support old versions of CGI.pm that lack an upload method.
+ * Include ikiwiki.setup in examples in the debian package.
+ * attachment: Support perl 5.8's buggy version of CGI.pm.
+ * otl: Support utf-8 files. (Recai Oktaş)
+
+ -- Joey Hess <joeyh@debian.org> Wed, 09 Jul 2008 16:45:33 -0400
+
+ikiwiki (2.52) unstable; urgency=low
+
+ * attachment: New plugin for uploading and managing attachments.
+ This includes a fairly powerful PageSpec based admin pref for deciding
+ whether to accept a given upload, and an attachment management interface
+ on the edit page.
+ (Sponsored by The TOVA Company.)
+ * If attachments are not enabled, configure CGI.pm to disable file
+ uploads by default. (An anti-DOS measure.)
+ * toggle: Add support for toggles that are open by default.
+ * toggle: Fix to work in preview mode.
+ * toggle: Add javascript to top of page, not to end. This avoids flicker
+ since closed toggles will not be displayed as the page is loading.
+ * The editpage form now uses the raw page name, not the page title, in its
+ 'page' cgi parameter. Using the title was ambiguous and made it
+ impossible to tell between some pages, like "foo/bar" and "foo__47__bar",
+ sometimes causing the wrong page to be edited.
+ * This change means that some edit links need to be updated.
+ Force a rebuild on upgrade to this version.
+ * Above change also allowed really fixing escaped slashes from the blogpost
+ form.
+
+ -- Joey Hess <joeyh@debian.org> Sun, 06 Jul 2008 19:15:37 -0400
+
+ikiwiki (2.51) unstable; urgency=low
* Improve toplevel parentlink to link directly to index.html when usedirs is
disabled.
* txt: New plugin, contributed by Gabriel McManus.
* smiley: Generate links relative to the destpage. (Fixes a reversion from
2.41.)
- * toc: Revert change in 2.45 that made it run at sanitize time. This breaks
+ * toc: Revert change in 2.45 that made it run at sanitize time. That broke
use of toc in a sidebar.
* Call format hooks when generating page previews, thus fixing toc display
there, as well as fixing inlins to again display in page previews, since
will only get the body during page preview.
* toggle: Deal with preview mode when adding javascript.
- -- Joey Hess <joeyh@debian.org> Sun, 15 Jun 2008 15:03:33 -0400
+ -- Joey Hess <joeyh@debian.org> Sun, 29 Jun 2008 14:09:37 -0400
ikiwiki (2.50) unstable; urgency=low