]> git.vanrenterghem.biz Git - git.ikiwiki.info.git/commit
projects / git.ikiwiki.info.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 54a9f8d) | patch
img: restrict to JPEG, PNG and GIF images by default
authorSimon McVittie <smcv@debian.org>
Wed, 4 May 2016 07:54:19 +0000 (08:54 +0100)
committerSimon McVittie <smcv@debian.org>
Thu, 5 May 2016 22:43:50 +0000 (23:43 +0100)
commit545a7bbbf07dd2375a96eae09f9abd6329a919e5
tree87d4952a8d68b4d65a05b4ee6681a088d7cf9519tree | snapshot
parent54a9f8d07de3bf853a74c34ca98bcb3ec9bc8ac7commit | diff
img: restrict to JPEG, PNG and GIF images by default

This mitigates CVE-2016-3714. Wiki administrators who know that they
have prevented arbitrary code execution via other formats can re-enable
the other formats if desired.
IkiWiki/Plugin/img.pm diff | blob | history
t/img.t diff | blob | history
t/img/redsquare.jpg [new file with mode: 0644] blob
Unnamed repository; edit this file 'description' to name the repository.