+ikiwiki (3.20120629.3) UNRELEASED; urgency=medium
+
+ * HTML-escape error messages, in one case avoiding potential cross-site
+ scripting (CVE-2016-4561, OVE-20160505-0012)
+
+ -- Simon McVittie <smcv@debian.org> Sun, 08 May 2016 15:33:51 +0100
+
+ikiwiki (3.20120629.2) wheezy; urgency=medium
+
+ [ Joey Hess ]
+ * Fix XSS in openid selector. Thanks, Raghav Bisht. (Closes: #781483;
+ CVE-2015-2793)
+
+ -- Simon McVittie <smcv@debian.org> Mon, 06 Apr 2015 20:34:51 +0100
+
+ikiwiki (3.20120629.1) wheezy; urgency=medium
+
+ Backport blogspam plugin from experimental, because the version in
+ wheezy is no longer usable:
+
+ [ Joey Hess ]
+ * Set Debian package maintainer to Simon McVittie as I'm retiring from
+ Debian.
+
+ [ Amitai Schlair ]
+ * blogspam: use the 2.0 JSON API (the 1.0 XML-RPC API has been EOL'd).
+ Closes: #774441
+
+ -- Simon McVittie <smcv@debian.org> Sat, 17 Jan 2015 11:53:33 +0000
+
+ikiwiki (3.20120629) unstable; urgency=low
+
+ * mirrorlist: Add mirrorlist_use_cgi setting that avoids usedirs or
+ other config differences by linking to the mirror's CGI. (intrigeri)
+
+ -- Joey Hess <joeyh@debian.org> Fri, 29 Jun 2012 10:16:08 -0400
+
ikiwiki (3.20120516) unstable; urgency=high
* meta: Security fix; add missing sanitization of author and authorurl.
- Thanks, Raúl Benencia
+ CVE-2012-0220 Thanks, Raúl Benencia
-- Joey Hess <joeyh@debian.org> Wed, 16 May 2012 19:51:27 -0400