names and/or run a setuid ikiwiki wrapper with a working directory of
their choice.
-## Editing restriction bypass for git revert
+## <span id="cve-2016-9645">Editing restriction bypass for git revert</span>
intrigeri discovered that a web or git user could revert a change to a
page they are not allowed to edit, if the change being reverted was made
This bug was reported on 2016-12-17. A partially fixed version
3.20161219 was released on 2016-12-19, but the solution used in that
version was not effective with git versions older than 2.8.0.
+A more complete fix was released on 2016-12-29 in version 3.20161229.
+A backport to Debian 8 'jessie' is in progress.
([[!cve CVE-2016-10026]] represents the original vulnerability.
[[!cve CVE-2016-9645]]/OVE-20161226-0002 represents the vulnerability
in 3.20161219 caused by the incomplete fix.)
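Review bot: On the new heading line, the anchor id is cve-2016-9645 only, but the closing paragraph of this section assigns CVE-2016-10026 to the original vulnerability and CVE-2016-9645 to the incomplete fix, so a link to #cve-2016-10026 would have no target. Consider adding a second span with id="cve-2016-10026" on the same heading. The added sentence "A more complete fix was released on 2016-12-29 in version 3.20161229." also leaves open whether that version is effective with git older than 2.8.0, which the preceding context names as the gap in 3.20161219; stating this explicitly would help readers running older git.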
-## Commit metadata forgery via CGI::FormBuilder context-dependent APIs
+## <span id="cve-2016-9646">Commit metadata forgery via CGI::FormBuilder context-dependent APIs</span>
When CGI::FormBuilder->field("foo") is called in list context (and
in particular in the arguments to a subroutine that takes named
could potentially forge commit authorship (attribute their edit to
someone else) by crafting multiple values for the rcsinfo field
+This was fixed in ikiwiki 3.20161229. A backport to Debian 8
+'jessie' is in progress.
+
([[!cve CVE-2016-9646]]/OVE-20161226-0001)
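Review bot: The added sentence "A backport to Debian 8 'jessie' is in progress." carries no date or tracking reference, so it will go stale silently, and the same wording is added in the git revert section. Suggest giving the date of the status, or replacing the sentence with the fixed jessie package version once one exists. The heading anchor cve-2016-9646 matches the CVE cited at the end of the section, so that part is consistent.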