From: Simon McVittie Date: Mon, 5 Sep 2016 20:50:12 +0000 (+0100) Subject: Merge branch 'master' into debian-jessie-backports X-Git-Tag: debian/3.20170111_bpo8+1~6 X-Git-Url: http://git.vanrenterghem.biz/git.ikiwiki.info.git/commitdiff_plain/d3c15aed18ef9e67c3e785ac3cc0426c56e59ac7?hp=f5a1550441a9d58652d93deacc333f143a7ecfbd Merge branch 'master' into debian-jessie-backports --- diff --git a/IkiWiki/Plugin/git.pm b/IkiWiki/Plugin/git.pm index bfca933fd..249338d4d 100644 --- a/IkiWiki/Plugin/git.pm +++ b/IkiWiki/Plugin/git.pm @@ -469,7 +469,7 @@ sub git_commit_info ($;$) { my @raw_lines = run_or_die('git', 'log', @opts, '--pretty=raw', '--raw', '--abbrev=40', '--always', '-c', - '-r', $sha1, '--', '.'); + '-r', $sha1, '--no-renames', '--', '.'); my @ci; while (my $parsed = parse_diff_tree(\@raw_lines)) { diff --git a/debian/changelog b/debian/changelog index 59322743a..d9782380d 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,11 +1,23 @@ -ikiwiki (3.20160728~bpo8+1) jessie-backports; urgency=medium +ikiwiki (3.20160905~bpo8+1) jessie-backports; urgency=medium * Rebuild for jessie-backports - debian/tests/control: set INSTALLED_TESTS=1 here, pkg-perl-autopkgtest in jessie didn't support debian/tests/pkg-perl/smoke-env - -- Simon McVittie Thu, 28 Jul 2016 10:48:11 +0100 + -- Simon McVittie Mon, 05 Sep 2016 21:49:22 +0100 + +ikiwiki (3.20160905) unstable; urgency=medium + + [ Joey Hess ] + * Fix installation when prefix includes a string metacharacter. + Thanks, Sam Hathaway. + + [ Simon McVittie ] + * Use git log --no-renames to generate recentchanges, fixing the git + test-case with git 2.9 (Closes: #835612) + + -- Simon McVittie Mon, 05 Sep 2016 21:26:19 +0100 ikiwiki (3.20160728) unstable; urgency=medium diff --git a/doc/forum/Attachment_file_doesn__39__t_get_attached_to_page/comment_3_b3a75eeea04757b56c793d0d987f11c1._comment b/doc/forum/Attachment_file_doesn__39__t_get_attached_to_page/comment_3_b3a75eeea04757b56c793d0d987f11c1._comment new file mode 100644 index 000000000..918292a81 --- /dev/null +++ b/doc/forum/Attachment_file_doesn__39__t_get_attached_to_page/comment_3_b3a75eeea04757b56c793d0d987f11c1._comment @@ -0,0 +1,15 @@ +[[!comment format=mdwn + username="https://me.yahoo.com/zoredache#d4929" + nickname="Zoredache" + subject="I have narrowed this problem down." + date="2016-08-23T20:51:51Z" + content=""" +The attachments do not seem to get attached to the page, if the page has a space in the name. + +For comparability with a wiki I had imported content from I adjusted the `wiki_file_chars` to `wiki_file_chars: '-[:alnum:]+/._ '`. + +Attachments work work fine when being attached to a page that matches '-[:alnum:]+/._', but if you have a space in the page name attachments fail. + +Is there anyway to fix Ikiwiki attachments to work when the above `wiki_file_chars` value that permits space characters? + +"""]] diff --git a/doc/forum/How_to_add_additional_math_delimites_for_pandoc_plugin.mdwn b/doc/forum/How_to_add_additional_math_delimites_for_pandoc_plugin.mdwn new file mode 100644 index 000000000..4b429f95c --- /dev/null +++ b/doc/forum/How_to_add_additional_math_delimites_for_pandoc_plugin.mdwn @@ -0,0 +1 @@ +In my ikiwiki + pandoc + mathjax setup the delimiters $ for inline math and $$ for display math are currently recognized. How can I add additional delimiters, for example \( and \) for inline and \[ \] for display math? diff --git a/doc/forum/Using_ikiwiki_via_command_line:_Workflow_and_permission_problem.mdwn b/doc/forum/Using_ikiwiki_via_command_line:_Workflow_and_permission_problem.mdwn new file mode 100644 index 000000000..12d1ab9fb --- /dev/null +++ b/doc/forum/Using_ikiwiki_via_command_line:_Workflow_and_permission_problem.mdwn @@ -0,0 +1,23 @@ +I use my ikiwiki for personal notes only on my laptop locally (the html pages are under ~/public_html/mywiki) and now I am trying to edit it with emacs and push from command line. + +I have some questions about this: + +1\. Is the following workflow correct: + + +- goto ~/mywiki +- edit and save ~/mypage.mdwm with emacs +- git add ~/mypage.mdwm +- git commit -m "mypage edit" +- git push + +Since I also sometimes want to edit it from the web interface, I tested it and noticed that it doesn't seem that I have to pull before editing. If I save an edit from the web interface the directory ~/mywiki is updated magically without using git pull. + +Is this correct so far or is there a better workflow? + +2\. After editing and saving the page from the web interface it is saved with root permissions in ~/mywiki how can I make ikiwiki to save everything with my username as group and owner? + +3\. What's the best and fastest way to preview a page in my browser after editing it with emacs without updating the whole wiki? + + +-- anna19 -- diff --git a/doc/forum/emailauth:_Not_enough_arguments_for_IkiWiki::cgi__95__getsession.mdwn b/doc/forum/emailauth:_Not_enough_arguments_for_IkiWiki::cgi__95__getsession.mdwn new file mode 100644 index 000000000..60da378fb --- /dev/null +++ b/doc/forum/emailauth:_Not_enough_arguments_for_IkiWiki::cgi__95__getsession.mdwn @@ -0,0 +1,20 @@ +I'm doing a (belated) update from a version before emailauth was available, +and I get the error: + + Failed to load plugin IkiWiki::Plugin::emailauth: Not enough arguments for IkiWiki::cgi_getsession + +and sure enough, emailauth.pm line 175 has + + my $session=IkiWiki::cgi_getsession(); + +while `cgi_getsession` is declared in CGI.pm as + + sub cgi_getsession ($) { + my $q=shift; + ... + +and browsing through git history, it looks like it has always been that way. +Now, I have some local mods merged in, so it is possible one of them has +broken something, but before I begin questioning my sanity, just by looking +at these lines in the unmodified ikiwiki repo, um, has this ever worked? +And, why? diff --git a/doc/git.mdwn b/doc/git.mdwn index 85e3e07bc..4808e5718 100644 --- a/doc/git.mdwn +++ b/doc/git.mdwn @@ -84,6 +84,7 @@ think about merging them. This is recommended. :-) * [[users/mjd]] `https://github.com/mjdominus/ikiwiki.git` ([[browse|https://github.com/mjdominus/ikiwiki]]) * [[users/kjs]] `git://src.kalleswork.net/ikiwiki.git` * bfree `git://github.com/bfree/ikiwiki.git` +* [[users/leg]] `git://at.magma-soft.at/ikiwiki.info` ## branches diff --git a/doc/ikiwikiusers.mdwn b/doc/ikiwikiusers.mdwn index a26c0e514..f79b4498b 100644 --- a/doc/ikiwikiusers.mdwn +++ b/doc/ikiwikiusers.mdwn @@ -105,6 +105,10 @@ Projects & Organizations * [Hacklab Independência](https://hi.ato.br) - radical tech collective * [Piratas XYZ](http://piratas.xyz) - one of [pirate party of brazil](http://partidopirata.org)'s sites * [Bürgerinitiative S4-Ausbau](https://www.s4-ausbau.de/) - A initative in the larger munich area to improve the public transport line S4 +* [MagmaSoft](http://magma-soft.at/), as well as the support site and the [Software Wiki](http://at.magma-soft.at/sw/) +* [[voice in time|http://voice-in-time.com]] a voice recording studio located in Hamburg, Germany (rather complex build using ikiwiki only, providing CGI access for the customer) +* [[nb instrument|http://nb-instrument.com]] a workshop for beautifully handcrafted musical instruments, located in Hamburg, Germany (also one of our rather complex builds using ikiwiki only, providing CGI access for the customer) +* [[coido architects|http://coido.de]] architectural company, located in Hamburg, Germany and Rotterdam, Netherlands (also rather complex build adding masonry and gallery scripts and some pjaxing to the picture, providing CGI access for the customer) Personal sites and blogs ======================== diff --git a/doc/news/version_3.20150329.mdwn b/doc/news/version_3.20150329.mdwn deleted file mode 100644 index 7e0d3e0bc..000000000 --- a/doc/news/version_3.20150329.mdwn +++ /dev/null @@ -1,34 +0,0 @@ -ikiwiki 3.20150329 released with [[!toggle text="these changes"]]. This is a -security update fixing a cross-site scripting vulnerability. - -[[!toggleable text=""" - [ [[Joey Hess|joey]] ] - - * Fix NULL ptr deref on ENOMEM in wrapper. (Thanks, igli) - - [ [[Simon McVittie|smcv]] ] - - * Really don't double-decode CGI submissions, even on Perl versions that - bundle an old enough Encode.pm for that not to be a problem: the - system might have a newer Encode.pm installed separately, like Fedora 20. - (Closes: [[!debbug 776181]]; thanks, Anders Kaseorg) - * If neither timezone nor TZ is set, set both to :/etc/localtime if - we're on a GNU system and that file exists, or GMT otherwise - * t/inline.t: accept translations of "Add a new post titled:" - (Closes: [[!debbug 779365]]) - * Consistently document command-line options as e.g. --refresh, not -refresh - - [ [[Amitai Schlair|schmonz]] ] - - * In VCS-committed anonymous comments, link to url. - - [ [[Joey Hess|joey]] ] - - * Fix XSS in openid selector. Thanks, Raghav Bisht. - (Closes: [[!debbug 781483]]) -"""]] - -In addition, version 3.20141016.2 was released on the same day to backport -the cross-site-scripting fix to Debian 8. - -[[!meta date="2015-03-29 22:46:39 +0100"]] diff --git a/doc/news/version_3.20160728.mdwn b/doc/news/version_3.20160728.mdwn new file mode 100644 index 000000000..6836a9b79 --- /dev/null +++ b/doc/news/version_3.20160728.mdwn @@ -0,0 +1,9 @@ +ikiwiki 3.20160728 released with [[!toggle text="these changes"]] +[[!toggleable text=""" + * Explicitly remove current working directory from Perl's library + search path, mitigating [[!cve CVE-2016-1238]] (see [[!debbug 588017]]) + * wrappers: allocate new environment dynamically, so we won't overrun + the array if third-party plugins add multiple environment variables. + * Standards-Version: 3.9.8 (no changes required) + +--[[smcv]]"""]] diff --git a/doc/plugins/contrib/irker.mdwn b/doc/plugins/contrib/irker.mdwn index 603ee0dd8..9e1dabf7d 100644 --- a/doc/plugins/contrib/irker.mdwn +++ b/doc/plugins/contrib/irker.mdwn @@ -3,7 +3,7 @@ This plugin will configure your wiki to send IRC notifications using the [irker](http://www.catb.org/esr/irker/) notification bot. -It is fairly simple and requires no configuration but installation of the irker package. For template configuration, patches from [Debian bug #824512](https://bugs.debian.org/824512) are necessary. +It is fairly simple and requires no configuration but installation of the irker package. For template configuration, patches from [Debian bug #824512](https://bugs.debian.org/824512) are necessary. Note that they have been factored into irker 2.18. [[!format perl """ package IkiWiki::Plugin::irker; diff --git a/doc/plugins/emailauth.mdwn b/doc/plugins/emailauth.mdwn index 463666535..4df9700c5 100644 --- a/doc/plugins/emailauth.mdwn +++ b/doc/plugins/emailauth.mdwn @@ -17,5 +17,5 @@ like commits of changes, the email address is cloaked using the foaf:mbox_sha1sum spec. -This plugin needs the [[!cpan Mail::SendMail]] perl module installed, +This plugin needs the [[!cpan Mail::Sendmail]] perl module installed, and able to send outgoing email. diff --git a/doc/sandbox.mdwn b/doc/sandbox.mdwn index d7f866c76..e3b8412df 100644 --- a/doc/sandbox.mdwn +++ b/doc/sandbox.mdwn @@ -213,3 +213,5 @@ Räksmörgås. Testing. Test. 試験として書き込みします。 Καλημέρα! + +test diff --git a/doc/security.mdwn b/doc/security.mdwn index 055e1d006..6d68fac00 100644 --- a/doc/security.mdwn +++ b/doc/security.mdwn @@ -531,3 +531,13 @@ resize. An upgrade is recommended for sites where an untrusted user is able to attach images. Upgrading ImageMagick to a version where CVE-2016-3714 has been fixed is also recommended, but at the time of writing no such version is available. + +## Perl CVE-2016-1238 (current working directory in search path) + +ikiwiki 3.20160728 attempts to mitigate [[!cve CVE-2016-1238]] by +removing `'.'` from the Perl library search path. An attacker with write +access to ikiwiki's current working directory could potentially use this +vulnerability to execute arbitrary Perl code. An upgrade is recommended +for sites where an untrusted user is able to attach files with arbitrary +names and/or run a setuid ikiwiki wrapper with a working directory of +their choice. diff --git a/doc/todo/BrowserID.mdwn b/doc/todo/BrowserID.mdwn index 04a9166a8..239d33eec 100644 --- a/doc/todo/BrowserID.mdwn +++ b/doc/todo/BrowserID.mdwn @@ -23,3 +23,6 @@ Some additional information on BrowserID: > program (haskell would be fine ;), > of . > --[[Joey]] + +BrowserID, or Mobilla Persona, is shutting down with 30th of November 2016. +Seen at --[[leg]] diff --git a/doc/todo/Track_Markdown_Standardisation_Efforts.mdwn b/doc/todo/Track_Markdown_Standardisation_Efforts.mdwn index 85dfddf26..90aba7a25 100644 --- a/doc/todo/Track_Markdown_Standardisation_Efforts.mdwn +++ b/doc/todo/Track_Markdown_Standardisation_Efforts.mdwn @@ -3,6 +3,7 @@ Just a quick note that some people are making noise about Markdown standardisati * * * + * It might be worth following... @@ -15,3 +16,22 @@ It might be worth following... > Markdown unless someone either changes the behaviour of Discount, > or recommends a different (and hopefully better) third-party library. > --[[smcv]] + +> I am not sure the noise is so much "recent" anymore: that article +> announcing Commonmark is from 2012 and markdown.github.com is from +> around 2014. Presumably, Commonmark will become official in 2016, +> but you know what they say about [standards][]... +> +> I guess the only thing that Ikiwiki would need to do would be to +> somewhat support Commonmark. There's a [Perl library][] that wraps +> the C library, but nothing native yet. +> +> I guess we would need to test how it performs and compares with +> Discount, but having it as a third party module is up for anyone's +> grab. It should be a fairly simple implementation after all... +> Then it should probably be mentionned in [this discussion][] for +> everyone's benefit as well. --[[anarcat]] + +[standards]: https://xkcd.com/927/ +[Perl library]: https://metacpan.org/release/CommonMark +[this discussion]: https://talk.commonmark.org/t/i-wonder-if-there-is-a-wiki-engine-that-uses-markdown/1281/18 diff --git a/doc/users/SamHathaway.mdwn b/doc/users/SamHathaway.mdwn new file mode 100644 index 000000000..6458c2e91 --- /dev/null +++ b/doc/users/SamHathaway.mdwn @@ -0,0 +1 @@ +Hey, this is my user page. diff --git a/doc/users/leg.mdwn b/doc/users/leg.mdwn new file mode 100644 index 000000000..03d74f612 --- /dev/null +++ b/doc/users/leg.mdwn @@ -0,0 +1,18 @@ +[[!meta title="Georg Lehner"]] + +Georg's [homepage](http://jorge.at.anteris.net/) + +Georg is operating [MagmaSoft](http://magma-soft.at) where he is +using ikiwiki on several websites. + +Ikiwiki projects, all to be documented here: + +- Location aware setup files for ikiwiki. +- Alternate dead simple multilingual support. +- An Ikiwiki local style sheet with dead simple responsive design oriented to optimized reading, see [this post](http://at.magma-soft.at/sw/blog/posts/Simple_Responsive_Design_for_IkiWiki/) +- [Microformats 2](http://microformats.org) support for Ikiwiki blogs, + see [this post](http://at.magma-soft.at/sw/blog/posts/Microformats_for_IkiWiki/) + for a first intro. +- The former is currently based on an approach to allow page metadata + to be imported into the [[plugins/template]] and the [[plugins/inline]] page + processing. diff --git a/doc/users/schmonz.mdwn b/doc/users/schmonz.mdwn index ff594fd12..0cee27ec1 100644 --- a/doc/users/schmonz.mdwn +++ b/doc/users/schmonz.mdwn @@ -17,6 +17,7 @@ pages="!*/Discussion and ((link(users/schmonz) and plugins/* and !plugins/openid authentication](http://www.columbia.edu/acis/rad/authmethods/wind/) plugin) * [A small personal site](http://www.anglofish.net/) (happily hosted at [Branchable](http://www.branchable.com/)) +* [A wiki about Agile in distributed teams](http://shapemywork.com/) ## Non-public diff --git a/pm_filter b/pm_filter index 374e9a44f..7b03418ab 100755 --- a/pm_filter +++ b/pm_filter @@ -7,10 +7,10 @@ BEGIN { } if (/INSTALLDIR_AUTOREPLACE/) { - $_=qq{our \$installdir="$prefix";}; + $_=qq{our \$installdir="\Q$prefix\E";}; } elsif (/VERSION_AUTOREPLACE/) { - $_=qq{our \$version="$ver";}; + $_=qq{our \$version="\Q$ver\E";}; } elsif (/^(?:use FindBin; *)?use lib/) { # The idea here is to figure out if the libdir the Makefile.PL @@ -22,12 +22,12 @@ elsif (/^(?:use FindBin; *)?use lib/) { $_=""; } else { - $_="use lib '$libdir';\n"; + $_="use lib \"\Q$libdir\E\";\n"; } } elsif ($. == 1 && ($ENV{NOTAINT}=0) && m{^(#!.*perl.*?)$}) { $_=qq{$1 -T\n}; } elsif (/^\$ENV\{PATH}="(.*)";/) { - $_="\$ENV{PATH}=\"$1:$prefix/bin\";\n"; + $_="\$ENV{PATH}=\"\Q$1\E:\Q$prefix\E/bin\";\n"; }