X-Git-Url: http://git.vanrenterghem.biz/git.ikiwiki.info.git/blobdiff_plain/f1228946bd62b7b4528bccabe91f836a16912e28..bdbbca09c3a18510429934ffbad846ae64d7edce:/debian/changelog?ds=inline diff --git a/debian/changelog b/debian/changelog index 2b3b756f8..dfc754d65 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,7 +1,560 @@ -ikiwiki (2.44) UNRELEASED; urgency=low +ikiwiki (2.68) UNRELEASED; urgency=low + + * Add an underlay for javascript, and add ikiwiki.js containing some utility + code. + * toggle: Stop embedding the full toggle code on each page using it, and + move it to toggle.js in the javascript underlay. + * relativedate: New javascript-alicious plugin that makes all dates display + relative, in a very nice way, if I say so myself. + * recentchanges: Make feed links point back to anchors on the recentchanges + page. (JasonBlevins) + * Updated French translation. Closes: #502694 + * Plugins that used to override displaytime should instead override + formattime. displaytime will call that, and may wrap markup around the + formatted time. + * Fix issue with utf-8 in wikiname breaking session cookies, by + entity-encoding the wikiname in the session cookie. + * Use the pure perl Data::Dumper when generating setup files to ensure that + utf-8 characters are written out as such, and not as the encoded perl + strings the C Data::Dumper produces. + * inline: Only the last feed link was put on the page, fix this to include + all feed links. So rss will be included along with atom, and pages with + multiple feeds will get links added for all feeds. + * tag: When tagpage is set, force the links created by tagging to point at + the toplevel tagpage, and not closer subpages. The html links already went + there, but internally the links were not recorded as absolute, which could + cause confusing backlinks etc. + * Add an inject function, that can be used by plugins that want to + replace one of ikiwiki's functions with their own version. + (This is a scary thing that grubs through the symbol table, and replaces + all exported occurances of a function with the injected version.) + * external: RPC functions can be injected to replace exported functions. + * Updated Spanish translation from the ever vigilant Victor Moral. + * Updated Danish translation from Jonas Smedegaard. Closes: #503117 + + -- Joey Hess Fri, 17 Oct 2008 20:11:02 -0400 + +ikiwiki (2.67) unstable; urgency=low + + * remove: Avoid $_ breakage. (Stupid, stupid perl.) + * Updated Spanish translation from Victor Moral. + * lockedit: Support specifying which users (and IP addresses) a page + is locked for. This supports most of the ACL type things users have been + wanting to be done. Closes: #443346 (It does not control who can read a + page, but that's out of scope for ikiwiki.) + * orphans: Fix unquoted page name in regexp. + * google: Plugin provides google site search, contributed by Peter Simons. + * Pass HTTPS variable through the wrapper so that CGI->https can be used + by plugins. Closes: #502047 + * inline: Allow MTIME to be used in inlinepage.tmpl. + * inline: Use the feed's description in the rss and atom links. + Closes: #502113 + * aggregate: Avoid bug that caused immediate expiration of items + with a date in the future. + + -- Joey Hess Fri, 17 Oct 2008 13:13:41 -0400 + +ikiwiki (2.66) unstable; urgency=low + + * recentchanges: Fix redirects to non-page files. + * aggregate: Avoid uninitialized value warnings for pages with no recorded + ctime. + * attachment: Add admin() pagespec to test if the uploading user is a wiki + admin. + * git: Fix handling of utf-8 filenames in recentchanges. + * tag: Make edit link for new tags ensure that the tags are created + inside tagbase, when it's set. + * template: Make edit link for new templates ensure the page is located + under toplevel templates directory. + * htmlscrubber: Add a config setting that can be used to disable the + scrubber acting on a set of pages. + * Expand usage message and add --help. Closes: #500344 + * Beautify urls used in various places. (smcv) + * Export pagetitle, titlepage, linkpage. + * htmltidy: Avoid returning undef if tidy fails. Also avoid returning the + untidied content if tidy crashes. In either case, it seems best to tidy + the content to nothing. + * htmltidy: Avoid spewing tidy errors to stderr. + * Reorganize index file, add a format version field. Upgrades to the new + index format should be transparent. + * Add %wikistate, which is like %pagestate except not specific to a given + page, and is preserved across rebuilds. + * editpage: Be more aggressive (and less buggy) about cleaning up + temporary files rendered during page preview. + * Add an indexpages option, which causes foo/index.mdwn to be the source + for page foo when foo.mdwn doesn't exist. Also, when it's enabled, + creating a new page will save it to foo/index.mdwn by default. + Closes: #474611 + (Sponsored by The TOVA Company.) + * httpauth: Document that ikiwiki.cgi has to be in a directory subject to + authentication. Closes: #500524 + * inline: Fix handling of rootpage that doesn't exist. + * attachment: Support adding attachments to pages even as they are being + created. + * remove, rename: Allow acting on attachments as a page is being created. + * Updated French translation. Closes: #500929 + + -- Joey Hess Sun, 05 Oct 2008 19:11:08 -0400 + +ikiwiki (2.65) unstable; urgency=low + + * aggregate: Expire excess or old items on the same pass that adds them, + not only on subsequent passes. + * editdiff: Broken since 2.62 due to wrong syntax, now fixed. + * aggregate: Support atom feeds with only a summary element, and no content + elements. + * progress: Display an error if the progress cannot be parsed, and allow + the percent parameter to only optionally end with "%". + * Fix reversion in use of ikiwiki -verbose -setup with a setup file that + enables syslog. Setup output is once again output to stdout in this + case. + * edittemplate: Default new page file type to the same type as the template. + (willu) + * edittemplate: Add "silent" parameter. (Willu) + * edittemplate: Link to template, to allow creating it. (Willu) + * editpage: Add a missing check that the page name contains only legal + characters, in addition to the existing check for pruned filenames. + * Print a debug message if a page has multiple source files. + * Add keepextension parameter to htmlize hook. (Willu) + * rename, remove: Don't rely on a form parameter to tell whether the page + should be treated as an attachment. + * rename: Add support for moving SubPages of a page when renaming it. + (Sponsored by The TOVA Company.) + * rename: Hide type field from rename form when renaming attachments. + + -- Joey Hess Wed, 24 Sep 2008 17:55:14 -0400 + +ikiwiki (2.64) unstable; urgency=low + + * Avoid uninitialised value when --dumpsetup is used and no srcdir/destdir + specified. + * ddate: Stop clobbering timeformat when not enabled. + * progress: New plugin to generate progress bars (willu) + * Add allow_symlinks_before_srcdir to config so websetup doesn't eat it. + * img: Support sizes like 200x. Closes: #475149 + * goodstuff: Remove otl plugin from the bundle since it needs a significant + external dependency and is not commonly used. If you use otl, make sure + you explicitly enable it now. + * goodstuff: Add more, progress, and table plugins to the bundle. + * Improve error message if external plugin fails to load. Closes: #498458 + * Directive documentation broken out of the plugin documentation and into + pages suitable to be used as an underlay. Thanks to Willu for doing most + of the tedious work. + * Move the directive documentation into its own underlay, separate from + basewiki, since it's sorta large compared to the rest of basewiki. + * listdirectives: Enable use of the directives underlay. + * Removed the obsolete blog page from the basewiki. ikiwiki/blog still + remains, but is now deprecated too. + * Removed old redirecton pages from basewiki (helponformatting, + markdown, openid, pagespec, preprocessordirective, subpage, wikilink). + * inline: Treat rootpage as a link, so that it can refer to a subpage + without hardcoding the path. + + -- Joey Hess Sun, 14 Sep 2008 16:58:25 -0400 + +ikiwiki (2.63) unstable; urgency=low + + * Set cookies HttpOnly. + * Typo. Closes: #497003 + * Ignore failure to install files into /etc, in case install is running as + non-root. + * Work around perl $_ scoping nonsense that caused breakage when loading + external plugins. + * style.css: Add missing semicolon. Closes: #497176 + * filecheck: Fall back to testing for binary or plain text files + if no mime type is detected. + * table: Support header=column to make the table header be the first + column of the data. (AlexandreDupas) + * For fine control over what characters are allowed, unescaped in + source filenames, the wiki_file_chars setting is added. For example, + set to "-[:alnum:]+/._" to disable colons from being used in source files + (which can cause troubl om Windows). + * po/Makefile: update po files when the pot file has changed. + Closes: #497951 + * editpage: New core plugin factoring out page editing to allow disabling it + if desired. + + -- Joey Hess Mon, 08 Sep 2008 12:17:15 -0400 + +ikiwiki (2.62.1) unstable; urgency=low + + * filecheck: Fixed two bits broken in move from attachment. + + -- Joey Hess Thu, 28 Aug 2008 13:04:47 -0400 + +ikiwiki (2.62) unstable; urgency=low + + * Avoid using cp -a (again). (HenrikBrixAndersen) + * Avoid using hostname -f for portability to eg, OS X, use Net::Domain + instead, and prompt if it fails. + * Fix bug in wikiname sanitisation in the setup automator. + * ikiwiki-makerepo: Added support for monotone. (Thomas Keller) + * map: The fix for #449285 was buggy and broke display of parents in certain + circumstances. + * teximg: The prefix is configurable, and has changed to not include the + nonstandard mhchem by default. (willu) + * teximg: dvipng is used if available to render images. Its output is + antialiased and better than dvips. If not available, the old dvips+convert + chain will be used. (willu) + * Drop suggests on texlive-science, add suggests on dvipng. + * listdirectives: New plugin. (willu) + * filecheck: New plugin factoring out the PageSpec additions that were + originally part of the attachment plugin. + * edittemplate: Don't wipe out edits on preview. + * color: New plugin from ptecza. + * autoindex: Avoid re-adding previously deleted (or renamed) pages. + + -- Joey Hess Wed, 27 Aug 2008 15:14:09 -0400 + +ikiwiki (2.61) unstable; urgency=low + + * poll: Fix typo that broke plugin. + * graphviz: Fix breakage of the name of the preprocessor directive. + + -- Joey Hess Thu, 14 Aug 2008 18:13:22 -0400 + +ikiwiki (2.60) unstable; urgency=low + + [ Joey Hess ] + * Starting with this version, "ikiwiki -setup /etc/ikiwiki/auto.setup" + can be used create a new wiki in seconds. + * websetup: New plugin providing a setup form on the web. + * ikiwiki --dumpsetup can generate a nice setup file snapshotting ikiwiki's + current configuration. + * The way wrappers are defined in the setup file has changed. Old setup + files will continue to work, for now. + * ikiwiki-transition setupformat can be used to convert a setup file to the + new format. + * Version control backends promoted to first-class plugins. + * ikiwiki-update-wikilist: Add -r switch to remove. Default behavior is now + always to add. + * Start moving admin preferences from the web interface to the setup file. + * Add getsetup hook, all plugins should use it to record information about + themselves and any fields they add to %config + * Large amounts of internal config data reorg. + * ikiwiki-makerepo: Bail if both srcdir and repository are not specified. + Closes: #493628 + * Clarify some wording in the setup documentation that could maybe lead + users to putting paths with "~/" in the setup file, which doesn't work. + Closes: #493835 + * autoindex: Ignore internal pages, and take underlay directories into + account. Also, avoid making index pages for directories that contain + no files. + * external: Fix support for hooks called in an array context. + * Options set in the setup file are now immediatly loaded by ikiwiki -setup. + This allows later switches to override them. Previously, setup file + options overrode most command line options. + * Added a small icon to the search input box. + + [ Josh Triplett ] + * Add Suggests on texlive and texlive-science for the teximg plugin + + [ Joey Hess ] + * inline: Ignore parent dirs when sorting pages by title. + * rename: Support changing page extensions. (willu) + * Danish update. Closes: #494632 + + -- Joey Hess Tue, 12 Aug 2008 14:20:25 -0400 + +ikiwiki (2.56) unstable; urgency=low + + * autoindex: New plugin that generates missing index pages. + (Sponsored by The TOVA Company.) + * Escape HTML is rss and atom feeds instead of respectively using CDATA and + treating it as XHTML. This avoids problems with escaping the end of the + CDATA when the htmlscrubber is not used, and it avoids problems with atom + XHTML using named entity references that are not in the atom DTD. + (Simon McVittie) + * Add test for old versions of git that don't support --cleanup=verbatim, + and munge empty commit messages. + + -- Joey Hess Thu, 31 Jul 2008 19:25:24 -0400 + +ikiwiki (2.55) unstable; urgency=low + + * remove: New plugin that adds the ability to remove pages via the web. + (Sponsored by The TOVA Company.) + * rename: New plugin that adds the ability to rename pages via the web. + (Sponsored by The TOVA Company.) (This one's for you, Kyle.) + * All rcs backends need to implement rcs_remove, rcs_commitstaged, + and rcs_rename. (Done for svn, git). + * This version adds renamepage hooks, which can be used to modify page + content, including links, during renames. + * prefix_directives enabled in doc wiki, all preprocessor directives + converted. (Simon McVittie) + * editpage: Don't show attachments link when attachments are disabled. + * tag: Allow tagbase to be overridden by starting a tag with "./" or "/". + (Simon McVittie) + * Really fix bug with links to pages with names containing colons. + Previous fix mised a few cases. + * Avoid troublesome abs_path calls in wrapper setup. + * Add allow_symlinks_before_srcdir config setting that can be used to avoid + a security check that is a good safe default, but problimatic overkill in + some situations. + * Don't allow uploading an attachment with the same name as an existing + page, to avoid confusion. + * Split out error messages from editpage.tmpl into several separate + templates. + * attachment: Do not escape _ when determining attachment filenames. + * Rebuild pages that change their type. (Gabriel McManus) + * monotone: Add support for rename, delete, and also diff. (William Uther) + * toggle: Fix incompatability between javascript and webkit. + * bzr: Add support for rename and delete. (Jelmer Vernooij) + * attachment: Use relative paths when inserting links. + * toggle: Fix for when html got tidied. Closes: #492529 (Enrico Zini) + * cutpaste: New plugin by Enrico Zini + + -- Joey Hess Sun, 27 Jul 2008 11:23:13 -0400 + +ikiwiki (2.54) unstable; urgency=low + + [ Joey Hess ] + * Make it possible to load setup files w/o running them. Code + needing to do so can call IkiWiki::Setup::load, which will return + a hash of values. + + [ Josh Triplett ] + * ikiwiki-transition: Fix command-line processing so the prefix_directives + transition works again. + + [ Joey Hess ] + * template: Add support for a BASENAME variable. + * Fixes creation of pages when clicking on WikiLinks starting with "/". + * Change deb dependencies to list Text::Markdown before markdown, since + the former, while slower, has a much better html parser that avoids + numerous bugs. + * Move yesno function out of inline and into IkiWiki core, not exported. + * Error handling improvement for preprocess hooks. It's now safe to call + error() from such hooks; it will cause a nicely formatted error message + to be inserted into the page. + * Cut the size of the binary package in half by excluding pages for bugs + and todo items from the html shipped in it. + * parentlinks: New plugin, split out of ikiwiki core and enabled by default, + and several new fields added to allow for advanced styling. (intrigeri) + * smileys: Some fixes for escaped smileys. + * smileys: Note that smileys need to be double-escaped for the escaping to + work. Markdown removes one level of escaping. + * Add a postscan hook. + * search: Use postscan hook, avoid updating index when previewing. + * git: Put web committer name/openid/address in the git author field. + The committer's email address is not used (because leaking email addresses + is not liked by many users). Closes: #451023 + * git: Fix parsing of git logs with no commit messages at all. + * search: Fixes for title stemming, and use better term for tags. + (Gabriel McManus) + (Rebuilding the wiki on upgrade to this version is recommended if you + use the search plugin.) + + [ Simon McVittie ] + * meta, inline: Support guid options, to allow forcing a particular url or + uuid in feeds. + * meta: fix title() PageSpec + * Some footer style changes. + * aggregate: Add an `aggregateinternal` option, which allows storing + aggregated data to internal-use files, rather than wiki pages. This + can save disk space, and be faster. + * ikiwiki-transition: Add a `aggregateinternal` transition to rename + the aggregated files. + + -- Joey Hess Mon, 21 Jul 2008 10:10:52 -0400 + +ikiwiki (2.53) unstable; urgency=low + + * search: generate configuration files once only when rebuilding + (Gabriel McManus) + * attachment: Fix an uninitialised value warning when editing a page + that currently has no attachments. + * Fix a bug with links to pages whose names contained colons. + * attachment: Support old versions of CGI.pm that lack an upload method. + * Include ikiwiki.setup in examples in the debian package. + * attachment: Support perl 5.8's buggy version of CGI.pm. + * otl: Support utf-8 files. (Recai Oktaş) + + -- Joey Hess Wed, 09 Jul 2008 16:45:33 -0400 + +ikiwiki (2.52) unstable; urgency=low + + * attachment: New plugin for uploading and managing attachments. + This includes a fairly powerful PageSpec based admin pref for deciding + whether to accept a given upload, and an attachment management interface + on the edit page. + (Sponsored by The TOVA Company.) + * If attachments are not enabled, configure CGI.pm to disable file + uploads by default. (An anti-DOS measure.) + * toggle: Add support for toggles that are open by default. + * toggle: Fix to work in preview mode. + * toggle: Add javascript to top of page, not to end. This avoids flicker + since closed toggles will not be displayed as the page is loading. + * The editpage form now uses the raw page name, not the page title, in its + 'page' cgi parameter. Using the title was ambiguous and made it + impossible to tell between some pages, like "foo/bar" and "foo__47__bar", + sometimes causing the wrong page to be edited. + * This change means that some edit links need to be updated. + Force a rebuild on upgrade to this version. + * Above change also allowed really fixing escaped slashes from the blogpost + form. + + -- Joey Hess Sun, 06 Jul 2008 19:15:37 -0400 + +ikiwiki (2.51) unstable; urgency=low + + * Improve toplevel parentlink to link directly to index.html when usedirs is + disabled. + * map: Add a "show" parameter. "show=title" can be used to display page + titles, rather than the default page name. Based on a patch from + Jaldhar H. Vyas, Closes: #484510 + * hnb: New plugin, contributed by Axel Beckert. + * meta: Store "description" in pagestate for use by other plugins. + * map: Support show=description. + * textile: The Text::Textile perl module has some regexps that fail if + input is flagged as utf-8, but contains invalid characters such as 0x92. + To prevent it from crashing, re-encode the content before calling it, + which will ensure that it's really utf-8. + * Version the suggests of xapian-omega to a version known to be new enough + to work with ikiwiki. Reportedly, version 0.9.9 is too old to work. + Closes: #486592 + * creole: New plugin from Bernd Zeimetz. Closes: #486930 + * aggregate: Add template parameter. + * Add support for the universal edit button + (To get this on all pages of an exiting wiki, rebuild the wiki.) + * txt: New plugin, contributed by Gabriel McManus. + * smiley: Generate links relative to the destpage. (Fixes a reversion from + 2.41.) + * toc: Revert change in 2.45 that made it run at sanitize time. That broke + use of toc in a sidebar. + * Call format hooks when generating page previews, thus fixing toc display + there, as well as fixing inlins to again display in page previews, since + it's started using format hooks. This also allows several other things, + like embed, that use format hooks, to work during page preview time. + * Format hooks should not rely on getting an entire html document, as they + will only get the body during page preview. + * toggle: Deal with preview mode when adding javascript. + + -- Joey Hess Sun, 29 Jun 2008 14:09:37 -0400 + +ikiwiki (2.50) unstable; urgency=low + + * img: Support captions. + * img: Don't generate empty title attributes, etc. + * img: Allow setting defaults for class and id too. + * ikiwiki-mass-rebuild: Make group list comparison more robust. + * search: Work around xapian bug #486138 by only stemming locales + in a whitelist. + + -- Joey Hess Fri, 13 Jun 2008 15:17:30 -0400 + +ikiwiki (2.49) unstable; urgency=low + + * haiku: Generate valid xhtml. + * ikiwiki-mass-rebuild: Don't trust $! when setting $) + * inline: The optimisation in 2.41 broke nested inlines. Detect those + and avoid overoptimising. + * search: Converted to use xapian-omega. + * Filter hooks are no longer called during the scan phase. This will + prevent wikilinks added by filters from being scanned properly. But + no known filter hook does that, so let's not waste time on it. + * Pass a destpage parameter to the sanitize hook. + * The search interface now allows searching for a page by title + ("title:foo"), as well as for pages that contain a given link + ("link:bar"). + + -- Joey Hess Sat, 07 Jun 2008 15:22:41 -0400 + +ikiwiki (2.48) unstable; urgency=high + + * Fix security hole that occurred if openid and passwordauth were both + enabled. passwordauth would allow logging in as a known openid, with an + empty password. Closes: #483770 (CVE-2008-0169) + * Add rel=nofollow to edit links. This may prevent some spiders from + pounding on the cgi following edit links. + * passwordauth: If Authen::Passphrase is installed, use it to store + password hashes, crypted with Eksblowfish. + * `ikiwiki-transition hashpassword /path/to/srcdir` can be used to + hash existing plaintext passwords. + * Passwords will no longer be mailed, but instead a password reset link. + * The password_cost config setting is provided as a "more security" knob. + * teximg: Fix logurl. + * teximg: If the log isn't written, avoid ugly error messages. + * Updated French translation. Closes: #478530 + + -- Joey Hess Fri, 30 May 2008 17:36:07 -0400 + +ikiwiki (2.47) unstable; urgency=low + + * mdwn: Add a multimarkdown setup file option. + * If PERL5LIB is set to the libdir when building ikiwiki, calculate and + hardcode a proper 'use lib' statement anyway. This fixes a gotcha, + since PERL5LIB won't work once ikiwiki is running via a wrapper or as + a cgi. + * orphans: As a special case, the toplevel index page is never considered + an orphaned page. + * inline: Display a message if the 'pages' parameter is missing, before + it just expanded to nothing. + * git: Skip over signed-off-by and similar lines in commit messages + when generating recentchanges. + * ENV can be used in the setup file to override environment variable + settings, such as TZ or PATH. + * Perls older than 5.10 need to use the old method of decoding utf-8 in CGI + values. Neither method will work for all versions of perl, so check + version number at runtime. + * Avoid unsightly warning message when evaling broken pagespecs. + * Improve error message when a pagespec fails to parse. + + -- Joey Hess Sun, 25 May 2008 14:25:42 -0400 + +ikiwiki (2.46) unstable; urgency=low + + * amazon_s3: New plugin, which injects wiki pages into Amazon S3, allowing + ikiwiki to be used without a dedicated web server. + * aggregate: Add support for web-based triggering of aggregation + for people stuck on shared hosting without cron. (Sheesh.) Enabled + via the `aggregate_webtrigger` configuration optiom. + * Add pinger and pingee plugins, which allow setting up mirrors and branched + wikis that automatically ping one another to stay up to date. + * Optimised file statting code when scanning for modified pages; + cut the number of system calls in half. (Still room for improvement.) + * Fixes for behavior changes in perl 5.10's CGI that broke utf-8 support + in several interesting ways. + + -- Joey Hess Mon, 12 May 2008 20:51:50 -0400 + +ikiwiki (2.45) unstable; urgency=low + + * toc: Add the table of contents at sanitize time, rather than at format + time. This allows the toc to be displayed when previewing an edit. It also + avoids headers in the page template from showing up in the toc. + * Add PREFIX/bin to the hardcoded PATH within ikiwiki. + * Deal with different paths to perl when removing -T flag. + * Add missing de.po. Closes: #471540 + * img: Support a title attribute, will be passed through to html. + Closes: #478718 + * anonk: Add anonok_pagespec configuration setting that can be used to + allow anonymous users to edit only matching pages. Closes: #478892 + * Fix ugly display when editing a page that has vanished. + * srcfile now has an optional second parameter to avoid it throwing an error + if the source file does not exist. + * git: Put -- before the filename when calling git rev-list to avoid + warning message when the file doesn't exist. + * Add a Bundle::IkiWiki and Bundle::IkiWiki::Extras to the source for use + with CPAN to install perl modules. + * Add a cpan directory containing a CPAN::MyConfig that can ease use of + CPAN to install in a home directory on shared hosting providers. + * With these changes, it's pretty easy to install onto nearlyfreespeech.net + and probably other shared hosting providers like dreamhost. Added + a page documenting the process for nearlyfreespeech. + + -- Joey Hess Mon, 05 May 2008 15:06:05 -0400 + +ikiwiki (2.44) unstable; urgency=medium * Bring back the svnrepo setup file option. This is needed for recentchangediff to work with svn repos. + * Allow libtext-markdown-perl to satisfy dependencies, as a + an alternative to the markdown package. + * Correct a bug in pagespec matching, where a empty pagespec matched all + pages. This manifested as wikis with no locked pages treating them all as + locked. The bug was introduced in version 2.41. + * Medium urgency upload due to above fix. -- Joey Hess Thu, 17 Apr 2008 14:33:54 -0400 @@ -24,6 +577,7 @@ ikiwiki (2.42) unstable; urgency=high * Fix CSRF attacks against the preferences and edit forms. The fix involved embedding the session id in the forms, and not allowing the forms to be submitted if the embedded id does not match the session id. Closes: #475445 + (CVE-2008-0165) -- Joey Hess Thu, 03 Apr 2008 02:35:39 -0400