X-Git-Url: http://git.vanrenterghem.biz/git.ikiwiki.info.git/blobdiff_plain/30c23b5e72028d97253cc5ba027f4c8314c9008a..37296bcb5a2a64626dc77083b75dd97d15faf948:/debian/changelog

diff --git a/debian/changelog b/debian/changelog
index 99ad23d53..1e287264c 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,4 +1,40 @@
-ikiwiki (3.20140912) UNRELEASED; urgency=medium
+ikiwiki (3.20141016) UNRELEASED; urgency=medium
+
+  [ Joey Hess ]
+  * Fix crash that can occur when only_committed_changes is set and a
+    file is deleted from the underlay.
+
+  [ Simon McVittie ]
+  * core: avoid dangerous use of CGI->param in list context, which led
+    to a security flaw in Bugzilla; as far as we can tell, ikiwiki
+    is not vulnerable to a similar attack, but it's best to be safe
+  * core: new reverse_proxy option prevents ikiwiki from trying to detect
+    how to make self-referential URLs by using the CGI environment variables,
+    for instance when it's deployed behind a HTTP reverse proxy
+    (Closes: #745759)
+  * core: the default User-Agent is now "ikiwiki/$version" to work around
+    ModSecurity rules assuming that only malware uses libwww-perl
+  * core: use protocol-relative URLs (e.g. //www.example.com/wiki) so that
+    https stays on https and http stays on http, particularly if the
+    html5 option is enabled
+  * core: avoid mixed content when a https cgiurl links to http static pages
+    on the same server (the static pages are assumed to be accessible via
+    https too)
+  * core: force the correct top URL in w3mmode
+  * google plugin: Use search form
+  * docwiki: replace Paypal and Flattr buttons with text links
+  * comments: don't record the IP address in the wiki if the user is
+    logged in via passwordauth or httpauth
+  * templates: add ARIA roles to some page elements, if html5 is enabled.
+    Thanks, Patrick
+  * debian: build-depend on libmagickcore-6.q16-2-extra | libmagickcore-extra
+    so we can thumbnail SVGs in the docwiki
+  * debian: explicitly depend and build-depend on libcgi-pm-perl
+  * debian: drop unused python-support dependency
+
+ -- Simon McVittie <smcv@debian.org>  Tue, 16 Sep 2014 11:21:16 +0100
+
+ikiwiki (3.20140916) unstable; urgency=low
 
   * Don't double-decode CGI submissions with Encode.pm >= 2.53,
     fixing "Error: Cannot decode string with wide characters".
@@ -30,6 +66,7 @@ ikiwiki (3.20140912) UNRELEASED; urgency=medium
     going to be committed. Closes: #611068
   * Add [[!templatebody]] directive so template pages don't have to be
     simultaneously a valid template and valid HTML
+  * Add myself to Uploaders and release to Debian
 
  -- Simon McVittie <smcv@debian.org>  Fri, 12 Sep 2014 21:23:58 +0100