X-Git-Url: http://git.vanrenterghem.biz/git.ikiwiki.info.git/blobdiff_plain/6263c7c36c662b7292f20f38a2d491e15524faff..c10611ed4e0ff0ebb77b00ff06f9b496c701546b:/debian/changelog diff --git a/debian/changelog b/debian/changelog index 421880931..cacb65aed 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,4 +1,282 @@ -ikiwiki (2.41) UNRELEASED; urgency=low +ikiwiki (2.53.4) stable-security; urgency=high + + * teximg: Replace the insufficient blacklist with the built-in security + mechanisms of TeX. + * img: Don't generate new verison of image if it is scaled to be + larger in either dimension. + + -- Joey Hess Fri, 28 Aug 2009 23:42:51 -0400 + +ikiwiki (2.53.3) testing-proposed-updates; urgency=low + + * Avoid crash on malformed utf-8 discovered by intrigeri. + * orphans: Fix unquoted page name in regexp. + + -- Joey Hess Thu, 09 Oct 2008 19:12:18 -0400 + +ikiwiki (2.53.2) testing-proposed-updates; urgency=low + + * Fix bad patch backport that broke generation of rss/atom feeds. Closes: #498224 + + -- Joey Hess Mon, 08 Sep 2008 11:40:27 -0400 + +ikiwiki (2.53.1) testing-proposed-updates; urgency=low + + * Backported all relevant bug fixes from mainline to debian testing. + * ikiwiki-transition: Fix command-line processing so the prefix_directives + transition works again. + * Fixes creation of pages when clicking on WikiLinks starting with "/". + * Change deb dependencies to list Text::Markdown before markdown, since + the former, while slower, has a much better html parser that avoids + numerous bugs. + * smileys: Some fixes for escaped smileys. + * smileys: Note that smileys need to be double-escaped for the escaping to + work. Markdown removes one level of escaping. + * Add a postscan hook. + * search: Use postscan hook, avoid updating index when previewing. + * search: Fixes for title stemming, and use better term for tags. + (Gabriel McManus) + (Rebuilding the wiki on upgrade to this version is recommended if you + use the search plugin.) + * meta: fix title() PageSpec (DOS). Closes: #497444 + * Really fix bug with links to pages with names containing colons. + Previous fix mised a few cases. + * toggle: Fix incompatability between javascript and webkit. + * toggle: Fix for when html got tidied. Closes: #492529 (Enrico Zini) + * inline: Ignore parent dirs when sorting pages by title. + * external: Fix support for hooks called in an array context. + * edittemplate: Don't wipe out edits on preview. + * map: The fix for #449285 was buggy and broke display of parents in certian + circumstances. + * Work around perl $_ scoping nonsense that caused breakage when loading + external plugins. + + -- Joey Hess Fri, 05 Sep 2008 20:55:53 -0400 + +ikiwiki (2.53) unstable; urgency=low + + * search: generate configuration files once only when rebuilding + (Gabriel McManus) + * attachment: Fix an uninitialised value warning when editing a page + that currently has no attachments. + * Fix a bug with links to pages whose names contained colons. + * attachment: Support old versions of CGI.pm that lack an upload method. + * Include ikiwiki.setup in examples in the debian package. + * attachment: Support perl 5.8's buggy version of CGI.pm. + * otl: Support utf-8 files. (Recai Oktaş) + + -- Joey Hess Wed, 09 Jul 2008 16:45:33 -0400 + +ikiwiki (2.52) unstable; urgency=low + + * attachment: New plugin for uploading and managing attachments. + This includes a fairly powerful PageSpec based admin pref for deciding + whether to accept a given upload, and an attachment management interface + on the edit page. + (Sponsored by The TOVA Company.) + * If attachments are not enabled, configure CGI.pm to disable file + uploads by default. (An anti-DOS measure.) + * toggle: Add support for toggles that are open by default. + * toggle: Fix to work in preview mode. + * toggle: Add javascript to top of page, not to end. This avoids flicker + since closed toggles will not be displayed as the page is loading. + * The editpage form now uses the raw page name, not the page title, in its + 'page' cgi parameter. Using the title was ambiguous and made it + impossible to tell between some pages, like "foo/bar" and "foo__47__bar", + sometimes causing the wrong page to be edited. + * This change means that some edit links need to be updated. + Force a rebuild on upgrade to this version. + * Above change also allowed really fixing escaped slashes from the blogpost + form. + + -- Joey Hess Sun, 06 Jul 2008 19:15:37 -0400 + +ikiwiki (2.51) unstable; urgency=low + + * Improve toplevel parentlink to link directly to index.html when usedirs is + disabled. + * map: Add a "show" parameter. "show=title" can be used to display page + titles, rather than the default page name. Based on a patch from + Jaldhar H. Vyas, Closes: #484510 + * hnb: New plugin, contributed by Axel Beckert. + * meta: Store "description" in pagestate for use by other plugins. + * map: Support show=description. + * textile: The Text::Textile perl module has some regexps that fail if + input is flagged as utf-8, but contains invalid characters such as 0x92. + To prevent it from crashing, re-encode the content before calling it, + which will ensure that it's really utf-8. + * Version the suggests of xapian-omega to a version known to be new enough + to work with ikiwiki. Reportedly, version 0.9.9 is too old to work. + Closes: #486592 + * creole: New plugin from Bernd Zeimetz. Closes: #486930 + * aggregate: Add template parameter. + * Add support for the universal edit button + (To get this on all pages of an exiting wiki, rebuild the wiki.) + * txt: New plugin, contributed by Gabriel McManus. + * smiley: Generate links relative to the destpage. (Fixes a reversion from + 2.41.) + * toc: Revert change in 2.45 that made it run at sanitize time. That broke + use of toc in a sidebar. + * Call format hooks when generating page previews, thus fixing toc display + there, as well as fixing inlins to again display in page previews, since + it's started using format hooks. This also allows several other things, + like embed, that use format hooks, to work during page preview time. + * Format hooks should not rely on getting an entire html document, as they + will only get the body during page preview. + * toggle: Deal with preview mode when adding javascript. + + -- Joey Hess Sun, 29 Jun 2008 14:09:37 -0400 + +ikiwiki (2.50) unstable; urgency=low + + * img: Support captions. + * img: Don't generate empty title attributes, etc. + * img: Allow setting defaults for class and id too. + * ikiwiki-mass-rebuild: Make group list comparison more robust. + * search: Work around xapian bug #486138 by only stemming locales + in a whitelist. + + -- Joey Hess Fri, 13 Jun 2008 15:17:30 -0400 + +ikiwiki (2.49) unstable; urgency=low + + * haiku: Generate valid xhtml. + * ikiwiki-mass-rebuild: Don't trust $! when setting $) + * inline: The optimisation in 2.41 broke nested inlines. Detect those + and avoid overoptimising. + * search: Converted to use xapian-omega. + * Filter hooks are no longer called during the scan phase. This will + prevent wikilinks added by filters from being scanned properly. But + no known filter hook does that, so let's not waste time on it. + * Pass a destpage parameter to the sanitize hook. + * The search interface now allows searching for a page by title + ("title:foo"), as well as for pages that contain a given link + ("link:bar"). + + -- Joey Hess Sat, 07 Jun 2008 15:22:41 -0400 + +ikiwiki (2.48) unstable; urgency=high + + * Fix security hole that occurred if openid and passwordauth were both + enabled. passwordauth would allow logging in as a known openid, with an + empty password. Closes: #483770 (CVE-2008-0169) + * Add rel=nofollow to edit links. This may prevent some spiders from + pounding on the cgi following edit links. + * passwordauth: If Authen::Passphrase is installed, use it to store + password hashes, crypted with Eksblowfish. + * `ikiwiki-transiition hashpassword /path/to/srcdir` can be used to + hash existing plaintext passwords. + * Passwords will no longer be mailed, but instead a password reset link. + * The password_cost config setting is provided as a "more security" knob. + * teximg: Fix logurl. + * teximg: If the log isn't written, avoid ugly error messages. + * Updated French translation. Closes: #478530 + + -- Joey Hess Fri, 30 May 2008 17:36:07 -0400 + +ikiwiki (2.47) unstable; urgency=low + + * mdwn: Add a multimarkdown setup file option. + * If PERL5LIB is set to the libdir when building ikiwiki, calculate and + hardcode a proper 'use lib' statement anyway. This fixes a gotcha, + since PERL5LIB won't work once ikiwiki is running via a wrapper or as + a cgi. + * orphans: As a special case, the toplevel index page is never considered + an orphaned page. + * inline: Display a message if the 'pages' parameter is missing, before + it just expanded to nothing. + * git: Skip over signed-off-by and similar lines in commit messages + when generating recentchanges. + * ENV can be used in the setup file to override environment variable + settings, such as TZ or PATH. + * Perls older than 5.10 need to use the old method of decoding utf-8 in CGI + values. Neither method will work for all versions of perl, so check + version number at runtime. + * Avoid unsightly warning message when evaling broken pagespecs. + * Improve error message when a pagespec fails to parse. + + -- Joey Hess Sun, 25 May 2008 14:25:42 -0400 + +ikiwiki (2.46) unstable; urgency=low + + * amazon_s3: New plugin, which injects wiki pages into Amazon S3, allowing + ikiwiki to be used without a dedicated web server. + * aggregate: Add support for web-based triggering of aggregation + for people stuck on shared hosting without cron. (Sheesh.) Enabled + via the `aggregate_webtrigger` configuration optiom. + * Add pinger and pingee plugins, which allow setting up mirrors and branched + wikis that automatically ping one another to stay up to date. + * Optimised file statting code when scanning for modified pages; + cut the number of system calls in half. (Still room for improvement.) + * Fixes for behavior changes in perl 5.10's CGI that broke utf-8 support + in several interesting ways. + + -- Joey Hess Mon, 12 May 2008 20:51:50 -0400 + +ikiwiki (2.45) unstable; urgency=low + + * toc: Add the table of contents at sanitize time, rather than at format + time. This allows the toc to be displayed when previewing an edit. It also + avoids headers in the page template from showing up in the toc. + * Add PREFIX/bin to the hardcoded PATH within ikiwiki. + * Deal with different paths to perl when removing -T flag. + * Add missing de.po. Closes: #471540 + * img: Support a title attribute, will be passed through to html. + Closes: #478718 + * anonk: Add anonok_pagespec configuration setting that can be used to + allow anonymous users to edit only matching pages. Closes: #478892 + * Fix ugly display when editing a page that has vanished. + * srcfile now has an optional second parameter to avoid it throwing an error + if the source file does not exist. + * git: Put -- before the filename when calling git rev-list to avoid + warning message when the file doesn't exist. + * Add a Bundle::IkiWiki and Bundle::IkiWiki::Extras to the source for use + with CPAN to install perl modules. + * Add a cpan directory containing a CPAN::MyConfig that can ease use of + CPAN to install in a home directory on shared hosting providers. + * With these changes, it's pretty easy to install onto nearlyfreespeech.net + and probably other shared hosting providers like dreamhost. Added + a page documenting the process for nearlyfreespeech. + + -- Joey Hess Mon, 05 May 2008 15:06:05 -0400 + +ikiwiki (2.44) unstable; urgency=medium + + * Bring back the svnrepo setup file option. This is needed for + recentchangediff to work with svn repos. + * Allow libtext-markdown-perl to satisfy dependencies, as a + an alternative to the markdown package. + * Correct a bug in pagespec matching, where a empty pagespec matched all + pages. This manifested as wikis with no locked pages treating them all as + locked. The bug was introduced in version 2.41. + * Medium urgency upload due to above fix. + + -- Joey Hess Thu, 17 Apr 2008 14:33:54 -0400 + +ikiwiki (2.43) unstable; urgency=low + + * Fix missing import of escapeHTML in userlink. (Scott Bronson) + * Fix broken rcs_update for bzr. (Scott Bronson) + * Use bzr --quiet to avoid it outputting stuff and messing up http headers. + (Scott Bronson) + * Give the full path to the hyperestraier helpfile in estseek.conf. + * Recommend a recent git-core for git init. Closes: 475609 + + -- Joey Hess Wed, 16 Apr 2008 18:35:13 -0400 + +ikiwiki (2.42) unstable; urgency=high + + * aggregate: Correct a mistake in the code that dummy up a guid for feeds + lacking one. + * inline: Correct handling of urls relative to baseurl in feeds. + * Fix CSRF attacks against the preferences and edit forms. The fix involved + embedding the session id in the forms, and not allowing the forms to be + submitted if the embedded id does not match the session id. Closes: #475445 + (CVE-2008-0165) + + -- Joey Hess Thu, 03 Apr 2008 02:35:39 -0400 + +ikiwiki (2.41) unstable; urgency=low [ Adeodato Simó ] * Preprocessor directives generated by the shortcut plugin accept a `desc` @@ -15,6 +293,7 @@ ikiwiki (2.41) UNRELEASED; urgency=low patch does. Closes: #470517 * meta: Also generate openid2 headers. * Handle SimpleXMLRPCDispatcher arg count change in python 2.5 + * Provide XML-RPC proxy abstraction for Python plugins. [ Joey Hess ] * Add recentchangesdiff plugin that adds diffs to the recentchanges feeds. @@ -38,8 +317,35 @@ ikiwiki (2.41) UNRELEASED; urgency=low * Use absolute url for feedurl when filling out the feed templates. Closes: #470530 * Fix expiry of old recentchanges changeset pages. - - -- martin f. krafft Sun, 02 Mar 2008 17:46:38 +0100 + * French translation update. Closes: #471010 + * external: Fix support of XML::RPC::fault. + * htmltidy: Pass --markup yes, in case tidy's config file disabled it. + * external: Add getargv and setargv methods to allow access to ikiwiki's + @ARGV. + * Correct bug in encoding of %pagestate keys, fixes edittemplate. + * Detect invalid pagespecs and do not merge them in add_depends, + as that can result in a broken merged pagespec that matches nothing. + * Record new pages in %pagesources temporarily when previewing so that + things that need to know the page source or type can query it from there. + Fixes previewing of tables when creating a new page. + * German translation update. Closes: #471540 + * Time::Duration is no longer used, remove from docs and recommends. + * Store userinfo in network byte order for easy portability. + (Old files will be automatically converted.) + * Close meta tag for redir properly. + * smiley: Detect smileys inside pre and code tags, and do not expand. + * inline: Crazy optimisation to work around slow markdown. + * Precompile pagespecs, about 10% overall speedup. + * Changed to a binary index file, written using Storable, for speed. + * external: Work around XML RPC's lack of support for null by passing + a special sentinal value. + * inline: Allow the "feedshow" parameter to take values greater than the + value for "show". + * Added a hardlink option in the setup file, useful if the source and + dest are on the same filesystem and the wiki includes large media files, + which would normally be copied, wasting time and space. + + -- Joey Hess Sat, 29 Mar 2008 21:07:22 -0400 ikiwiki (2.40) unstable; urgency=low