CVE assigned

diff --git a/debian/changelog b/debian/changelog
index 1f73523a4af65737337f5c667297c596c449942a..db6f95f43e6adab1882e8389e09d95d8030007ed 100644 (file)
--- a/debian/changelog
+++ b/debian/changelog
@@ -14,7 +14,7 @@ ikiwiki (3.20110328) unstable; urgency=low
   * comment: Better fix to avoid showing comments of subpages, while
     not breaking manual inlining of comments.
   * meta: Security fix; don't allow alternative stylesheets to be added
   * comment: Better fix to avoid showing comments of subpages, while
     not breaking manual inlining of comments.
   * meta: Security fix; don't allow alternative stylesheets to be added

-    on pages where the htmlscrubber is enabled.
+    on pages where the htmlscrubber is enabled. CVE-2011-1401

 
  -- Joey Hess <joeyh@debian.org>  Mon, 28 Mar 2011 12:23:26 -0400
 
 
  -- Joey Hess <joeyh@debian.org>  Mon, 28 Mar 2011 12:23:26 -0400
 

diff --git a/doc/security.mdwn b/doc/security.mdwn
index 916bd048440b252232fc4e8b3bd21ebad6d5c7ff..35385465607929108d488eff73fa395e71d82467 100644 (file)
--- a/doc/security.mdwn
+++ b/doc/security.mdwn
@@ -473,3 +473,4 @@ page as an alternate stylesheet, or replacing the default stylesheet.
 This hole was discovered on 28 Mar 2011 and fixed the same hour with
 the release of ikiwiki 3.20110328. An upgrade is recommended for sites
 that have untrusted committers, or have the attachments plugin enabled.
 This hole was discovered on 28 Mar 2011 and fixed the same hour with
 the release of ikiwiki 3.20110328. An upgrade is recommended for sites
 that have untrusted committers, or have the attachments plugin enabled.

+([[!cve CVE-2011-1401]])