-ikiwiki (3.20100815.3) testing; urgency=low
+ikiwiki (3.20100815.8) stable-security; urgency=low
+
+ * ikiwiki-mass-rebuild: Fix tty hijacking vulnerability by using su.
+ (Once su's related bug #628843 is fixed.) Thanks, Ludwig Nussel.
+ (CVE-2011-1408)
+ * po: Make po4a warn, not error on a malformed document. (intrigeri)
+
+ -- Joey Hess <joeyh@debian.org> Wed, 08 Jun 2011 17:34:56 -0400
+
+ikiwiki (3.20100815.7) stable-security; urgency=high
+
+ * meta: Security fix; don't allow alternative stylesheets to be added on
+ pages where the htmlscrubber is enabled. CVE-2011-1401
+
+ -- Joey Hess <joeyh@debian.org> Mon, 28 Mar 2011 12:35:13 -0400
+
+ikiwiki (3.20100815.6) testing; urgency=low
+
+ * comments: Fix commenting, broken by security fix.
+
+ -- Joey Hess <joeyh@debian.org> Mon, 24 Jan 2011 16:56:05 -0400
+
+ikiwiki (3.20100815.5) testing; urgency=low
+
+ * comments: Fix XSS security hole due to missing validation of page name.
+ CVE-2011-0428 (Thanks, Dave B.)
+
+ -- Joey Hess <joeyh@debian.org> Sat, 22 Jan 2011 11:02:59 -0400
+
+ikiwiki (3.20100815.4) testing; urgency=low
* meta: Fix calling of htmlscrubber to pass the page parameter.
The change of the htmlscrubber to look at page rather than destpage