]> git.vanrenterghem.biz Git - git.ikiwiki.info.git/commit
projects / git.ikiwiki.info.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: aac7073) | patch
img: restrict to JPEG, PNG and GIF images by default
authorSimon McVittie <smcv@debian.org>
Wed, 4 May 2016 07:54:19 +0000 (08:54 +0100)
committerSimon McVittie <smcv@debian.org>
Thu, 5 May 2016 22:44:31 +0000 (23:44 +0100)
commit1ef40ff68370aba85e9816221675a8edd7a308f5
tree69a0c95550fe229ee2a00c13fe73fbfa71d88213tree | snapshot
parentaac7073799bfa9aaa4f8beec3cc37b7ad6a48ca9commit | diff
img: restrict to JPEG, PNG and GIF images by default

This mitigates CVE-2016-3714. Wiki administrators who know that they
have prevented arbitrary code execution via other formats can re-enable
the other formats if desired.
IkiWiki/Plugin/img.pm diff | blob | history
t/img.t diff | blob | history
t/img/redsquare.jpg [new file with mode: 0644] blob
Unnamed repository; edit this file 'description' to name the repository.