From: Joey Hess <joey@kitenet.net>
Date: Fri, 12 Nov 2010 14:24:20 +0000 (-0400)
Subject: add CVE
X-Git-Tag: 3.20100815.2~2
X-Git-Url: http://git.vanrenterghem.biz/git.ikiwiki.info.git/commitdiff_plain/9cb99a7a6a516dccc2de017dfd1140c4eb01a0cf

add CVE
---

diff --git a/debian/changelog b/debian/changelog
index 89d919501..2f352ffa2 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -3,11 +3,11 @@ ikiwiki (3.20100815.2) UNRELEASED; urgency=low
   * Bugfix-only cherry-pick release for Debian squeeze.
   * Fix htmlscrubber_skip to be matched on the source page, not the page it is
     inlined into. Should allow setting to "* and !comment(*)" to scrub
-    comments, but leave your blog posts unscrubbed, etc.
+    comments, but leave your blog posts unscrubbed, etc. CVE-2010-1673
   * comments: Make postcomment() pagespec work when previewing a comment,
-    including during moderation.
+    including during moderation. CVE-2010-1673
   * comments: Make comment() pagespec also match comments that are being
-    posted.
+    posted. CVE-2010-1673
   * openid: Syntax tweak to the javascript code to make it work with MSIE 7
     (and MSIE 8 in compat mode). Thanks to Iain McLaren for reporting
     the bug and providing access to debug it.