X-Git-Url: http://git.vanrenterghem.biz/git.ikiwiki.info.git/blobdiff_plain/de8c34df59891dd06bb79777536bc9a92f919b0a..e56dd17bcf7408ade4897fb2cbcce94fb051a2ef:/debian/changelog

diff --git a/debian/changelog b/debian/changelog
index eed7940fe..bcf3c9ac5 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,7 +1,44 @@
-ikiwiki (2.42) UNRELEASED; urgency=low
+ikiwiki (2.45) UNRELEASED; urgency=low
+
+  * toc: Add the table of contents at sanitize time, rather than at format
+    time. This allows the toc to be displayed when previewing an edit. It also
+    avoids headers in the page template from showing up in the toc.
+
+ -- Joey Hess <joeyh@debian.org>  Sat, 26 Apr 2008 15:09:36 -0400
+
+ikiwiki (2.44) unstable; urgency=medium
+
+  * Bring back the svnrepo setup file option. This is needed for
+    recentchangediff to work with svn repos.
+  * Allow libtext-markdown-perl to satisfy dependencies, as a
+    an alternative to the markdown package.
+  * Correct a bug in pagespec matching, where a empty pagespec matched all
+    pages. This manifested as wikis with no locked pages treating them all as
+    locked. The bug was introduced in version 2.41.
+  * Medium urgency upload due to above fix.
+
+ -- Joey Hess <joeyh@debian.org>  Thu, 17 Apr 2008 14:33:54 -0400
+
+ikiwiki (2.43) unstable; urgency=low
+
+  * Fix missing import of escapeHTML in userlink. (Scott Bronson)
+  * Fix broken rcs_update for bzr. (Scott Bronson)
+  * Use bzr --quiet to avoid it outputting stuff and messing up http headers.
+    (Scott Bronson)
+  * Give the full path to the hyperestraier helpfile in estseek.conf.
+  * Recommend a recent git-core for git init. Closes: 475609
+
+ -- Joey Hess <joeyh@debian.org>  Wed, 16 Apr 2008 18:35:13 -0400
+
+ikiwiki (2.42) unstable; urgency=high
 
   * aggregate: Correct a mistake in the code that dummy up a guid for feeds
     lacking one.
+  * inline: Correct handling of urls relative to baseurl in feeds.
+  * Fix CSRF attacks against the preferences and edit forms. The fix involved
+    embedding the session id in the forms, and not allowing the forms to be
+    submitted if the embedded id does not match the session id. Closes: #475445
+    (CVE-2008-0165)
 
  -- Joey Hess <joeyh@debian.org>  Thu, 03 Apr 2008 02:35:39 -0400