From: Simon McVittie Date: Mon, 9 May 2016 21:34:58 +0000 (+0100) Subject: Reference CVE-2016-4561 in 3.20141016.3 changelog X-Git-Tag: debian/3.20141016.4~2^2~3 X-Git-Url: http://git.vanrenterghem.biz/git.ikiwiki.info.git/commitdiff_plain/f4e2bd9c142d16b99a893b755111090c3d01186f Reference CVE-2016-4561 in 3.20141016.3 changelog --- diff --git a/debian/changelog b/debian/changelog index c6d92d117..5dd17a958 100644 --- a/debian/changelog +++ b/debian/changelog @@ -4,7 +4,7 @@ ikiwiki (3.20141016.3) jessie-security; urgency=high * img: stop ImageMagick trying to be clever if filenames contain a colon, avoiding mis-processing * HTML-escape error messages, in one case avoiding potential cross-site - scripting (OVE-20160505-0012) + scripting (CVE-2016-4561, OVE-20160505-0012) * Mitigate ImageMagick vulnerabilities such as CVE-2016-3714: - img: force common Web formats to be interpreted according to extension, so that "allowed_attachments: '*.jpg'" does what one might expect