]> git.vanrenterghem.biz Git - git.ikiwiki.info.git/log
git.ikiwiki.info.git
7 years agoAdded a comment
smcv [Sun, 14 May 2017 12:01:09 +0000 (08:01 -0400)]
Added a comment

7 years ago(no commit message)
smcv [Sun, 14 May 2017 11:53:24 +0000 (07:53 -0400)]

7 years agorecommend discount over multimarkdown
smcv [Sun, 14 May 2017 11:51:56 +0000 (07:51 -0400)]
recommend discount over multimarkdown

7 years agomultimarkdown: it's a trap!
smcv [Sun, 14 May 2017 11:47:42 +0000 (07:47 -0400)]
multimarkdown: it's a trap!

7 years agoAdded a comment: Use an underlay instead
smcv [Sun, 14 May 2017 11:37:14 +0000 (07:37 -0400)]
Added a comment: Use an underlay instead

7 years agoremoved
smcv [Sun, 14 May 2017 11:28:50 +0000 (07:28 -0400)]
removed

7 years agoAdded a comment: You can do almost this with an underlay
smcv [Sun, 14 May 2017 11:27:54 +0000 (07:27 -0400)]
Added a comment: You can do almost this with an underlay

7 years agoAdded a comment
smcv [Sun, 14 May 2017 11:00:48 +0000 (07:00 -0400)]
Added a comment

7 years agoAdded a comment: you can't use and/or/! inside the page() parameter, move them outside
smcv [Sun, 14 May 2017 10:49:54 +0000 (06:49 -0400)]
Added a comment: you can't use and/or/! inside the page() parameter, move them outside

7 years agofix syntax
smcv [Sun, 14 May 2017 10:41:21 +0000 (06:41 -0400)]
fix syntax

7 years agoPiny: mothballing
Joe Rayhawk [Sat, 13 May 2017 16:23:56 +0000 (09:23 -0700)]
Piny: mothballing

7 years ago(no commit message)
STrRedWolf [Thu, 11 May 2017 00:52:32 +0000 (20:52 -0400)]

7 years ago(no commit message)
qazwsx [Tue, 9 May 2017 17:45:51 +0000 (13:45 -0400)]

7 years agoAdded a comment
DataComputist [Mon, 8 May 2017 21:16:18 +0000 (17:16 -0400)]
Added a comment

7 years ago(no commit message)
DataComputist [Mon, 8 May 2017 18:04:22 +0000 (14:04 -0400)]

7 years agoUpdating links
desci [Mon, 1 May 2017 19:18:15 +0000 (15:18 -0400)]
Updating links

7 years agoUpdating links
desci [Mon, 1 May 2017 19:14:33 +0000 (15:14 -0400)]
Updating links

7 years agoAdded a comment
openmedi [Tue, 18 Apr 2017 13:13:42 +0000 (09:13 -0400)]
Added a comment

7 years ago(no commit message)
openmedi [Tue, 18 Apr 2017 12:19:44 +0000 (08:19 -0400)]

7 years agoInitial commit.
STrRedWolf [Sun, 16 Apr 2017 21:38:24 +0000 (17:38 -0400)]
Initial commit.

7 years ago(no commit message)
STrRedWolf [Sun, 16 Apr 2017 20:53:43 +0000 (16:53 -0400)]

7 years agoFirst time theme help needed.
STrRedWolf [Sun, 16 Apr 2017 20:53:21 +0000 (16:53 -0400)]
First time theme help needed.

7 years agoadd list of pending patches
anarcat [Thu, 13 Apr 2017 13:27:10 +0000 (09:27 -0400)]
add list of pending patches

7 years agomark this as a real plugin: forgot the plugin template!
anarcat [Thu, 13 Apr 2017 13:23:21 +0000 (09:23 -0400)]
mark this as a real plugin: forgot the plugin template!

7 years agomark this as ready for merging
anarcat [Thu, 13 Apr 2017 13:22:28 +0000 (09:22 -0400)]
mark this as ready for merging

7 years agoclarify that "patch" on contrib plugins means the author wants to merge
anarcat [Thu, 13 Apr 2017 13:21:09 +0000 (09:21 -0400)]
clarify that "patch" on contrib plugins means the author wants to merge

7 years agothis is a patch - i'd like this in core, or at least a discussion on how to merge...
anarcat [Thu, 13 Apr 2017 13:19:23 +0000 (09:19 -0400)]
this is a patch - i'd like this in core, or at least a discussion on how to merge it with the main plugin

7 years agoadd a patch to make this happen
anarcat [Wed, 12 Apr 2017 20:15:23 +0000 (16:15 -0400)]
add a patch to make this happen

7 years agorename plugins/contrib/i18nheadinganchor.mdwn to plugins/contrib/i18nheadinganchors...
anarcat [Wed, 12 Apr 2017 20:14:30 +0000 (16:14 -0400)]
rename plugins/contrib/i18nheadinganchor.mdwn to plugins/contrib/i18nheadinganchors.mdwn

7 years agoadd i18nheadinganchors plugin
anarcat [Wed, 12 Apr 2017 20:14:13 +0000 (16:14 -0400)]
add i18nheadinganchors plugin

7 years agomove my repo to gitlab
anarcat [Wed, 12 Apr 2017 20:13:47 +0000 (16:13 -0400)]
move my repo to gitlab

7 years agorespond to an old question
anarcat [Wed, 12 Apr 2017 19:40:09 +0000 (15:40 -0400)]
respond to an old question

7 years agotodo
Joey Hess [Tue, 4 Apr 2017 16:51:40 +0000 (12:51 -0400)]
todo

7 years agoFixing format
desci [Wed, 29 Mar 2017 19:37:02 +0000 (15:37 -0400)]
Fixing format

7 years agoAs requested
desci [Wed, 29 Mar 2017 19:36:28 +0000 (15:36 -0400)]
As requested

7 years agoAnswering questions and updating links
desci [Wed, 29 Mar 2017 19:35:54 +0000 (15:35 -0400)]
Answering questions and updating links

7 years ago(no commit message)
tuxillo [Mon, 20 Mar 2017 00:33:38 +0000 (20:33 -0400)]

7 years ago(no commit message)
tuxillo [Mon, 20 Mar 2017 00:32:47 +0000 (20:32 -0400)]

7 years agoMyUserPage
martymcfly@55267c498da1bbb4b9fe2a8baadc45dc1bd8f57a [Thu, 9 Mar 2017 14:01:37 +0000 (10:01 -0400)]
MyUserPage

7 years agoAdded a comment: PS
martymcfly@55267c498da1bbb4b9fe2a8baadc45dc1bd8f57a [Thu, 9 Mar 2017 14:00:23 +0000 (10:00 -0400)]
Added a comment: PS

7 years agoIkiwiki error with Asciidoc
martymcfly@55267c498da1bbb4b9fe2a8baadc45dc1bd8f57a [Thu, 9 Mar 2017 13:59:06 +0000 (09:59 -0400)]
Ikiwiki error with Asciidoc

7 years agocleanup
Joey Hess [Tue, 7 Mar 2017 15:53:39 +0000 (11:53 -0400)]
cleanup

7 years ago(no commit message)
kw_ikiwiki1@64633d204c198f52735247ca119bddbcbfaafdef [Tue, 7 Mar 2017 14:04:42 +0000 (10:04 -0400)]

7 years agotest test blah blah
kw_ikiwiki1@64633d204c198f52735247ca119bddbcbfaafdef [Tue, 7 Mar 2017 13:59:48 +0000 (09:59 -0400)]
test test blah blah

7 years agospeed up commenting by optionally providing a comment form in static pages
jmtd@d79be1606aba831a3b476d5fff7d99f4b321eab2 [Fri, 3 Mar 2017 14:52:14 +0000 (10:52 -0400)]
speed up commenting by optionally providing a comment form in static pages

7 years agoAdded a comment
jmtd@d79be1606aba831a3b476d5fff7d99f4b321eab2 [Fri, 3 Mar 2017 14:48:03 +0000 (10:48 -0400)]
Added a comment

7 years agoAdded a comment
jmtd@d79be1606aba831a3b476d5fff7d99f4b321eab2 [Fri, 3 Mar 2017 14:29:13 +0000 (10:29 -0400)]
Added a comment

7 years agomy github mirror of ikiwiki has been deleted due to their horrible anti-free-software TOS
Joey Hess [Wed, 1 Mar 2017 17:34:42 +0000 (13:34 -0400)]
my github mirror of ikiwiki has been deleted due to their horrible anti-free-software TOS

7 years agoAdded a comment
svetlana@192500fb6a2e2ef8e78d1a08cca64b1bca9833b9 [Tue, 21 Feb 2017 22:02:45 +0000 (18:02 -0400)]
Added a comment

7 years ago+aka use page/index.mdwn source files
svetlana@192500fb6a2e2ef8e78d1a08cca64b1bca9833b9 [Tue, 21 Feb 2017 21:51:59 +0000 (17:51 -0400)]
+aka use page/index.mdwn source files

7 years agoAdded a comment
smcv [Tue, 21 Feb 2017 18:21:19 +0000 (14:21 -0400)]
Added a comment

7 years agoAdded a comment
smcv [Tue, 21 Feb 2017 18:17:35 +0000 (14:17 -0400)]
Added a comment

7 years agoAdded a comment
svetlana@192500fb6a2e2ef8e78d1a08cca64b1bca9833b9 [Tue, 21 Feb 2017 03:56:19 +0000 (23:56 -0400)]
Added a comment

7 years agoAdded a comment
svetlana@192500fb6a2e2ef8e78d1a08cca64b1bca9833b9 [Tue, 21 Feb 2017 03:47:35 +0000 (23:47 -0400)]
Added a comment

7 years agoAdded a comment
svetlana@192500fb6a2e2ef8e78d1a08cca64b1bca9833b9 [Mon, 20 Feb 2017 23:42:13 +0000 (19:42 -0400)]
Added a comment

7 years agoAdded a comment
openmedi [Mon, 20 Feb 2017 15:43:13 +0000 (11:43 -0400)]
Added a comment

7 years agoAdded a comment
svetlana@192500fb6a2e2ef8e78d1a08cca64b1bca9833b9 [Sun, 19 Feb 2017 21:59:26 +0000 (17:59 -0400)]
Added a comment

7 years agoremoved
svetlana@192500fb6a2e2ef8e78d1a08cca64b1bca9833b9 [Sun, 19 Feb 2017 21:52:54 +0000 (17:52 -0400)]
removed

7 years agoAdded a comment
svetlana@192500fb6a2e2ef8e78d1a08cca64b1bca9833b9 [Sun, 19 Feb 2017 21:48:23 +0000 (17:48 -0400)]
Added a comment

7 years agoMerge branch 'master' of git://ikiwiki.branchable.com
Louis [Sat, 18 Feb 2017 21:56:06 +0000 (22:56 +0100)]
Merge branch 'master' of git://ikiwiki.branchable.com

7 years agoUpdate my (spalax) information
Louis [Sat, 18 Feb 2017 20:11:47 +0000 (21:11 +0100)]
Update my (spalax) information

7 years agoApology about the poor choice for the name of the sidebar2 plugin
Louis [Sat, 18 Feb 2017 20:05:48 +0000 (21:05 +0100)]
Apology about the poor choice for the name of the sidebar2 plugin

7 years agoNew plugin: verboserpc
Louis [Sat, 18 Feb 2017 19:59:54 +0000 (20:59 +0100)]
New plugin: verboserpc

7 years agoNew plugin: pageversion
Louis [Sat, 18 Feb 2017 19:56:04 +0000 (20:56 +0100)]
New plugin: pageversion

7 years agoNew plugin: redirect
Louis [Sat, 18 Feb 2017 19:43:52 +0000 (20:43 +0100)]
New plugin: redirect

7 years ago(no commit message)
krqt.kndy@eb44788e4eb202f3e68eeb8ba175d3897c3979a9 [Fri, 17 Feb 2017 21:15:00 +0000 (17:15 -0400)]

7 years agoAdded a comment
vegardv@75ae889e836bda8ce69bc038d8335c398a2f6f40 [Fri, 10 Feb 2017 08:33:42 +0000 (04:33 -0400)]
Added a comment

7 years agoAdded a comment
svetlana@192500fb6a2e2ef8e78d1a08cca64b1bca9833b9 [Thu, 9 Feb 2017 21:48:06 +0000 (17:48 -0400)]
Added a comment

7 years agoAdded a comment
smcv [Thu, 9 Feb 2017 12:13:03 +0000 (08:13 -0400)]
Added a comment

7 years ago(no commit message)
svetlana@192500fb6a2e2ef8e78d1a08cca64b1bca9833b9 [Thu, 9 Feb 2017 11:22:48 +0000 (07:22 -0400)]

7 years ago+update broken uris
svetlana [Wed, 8 Feb 2017 00:36:02 +0000 (20:36 -0400)]
+update broken uris

7 years ago(no commit message)
svetlana [Tue, 7 Feb 2017 23:15:02 +0000 (19:15 -0400)]

7 years agoConfuses a map
svetlana [Tue, 7 Feb 2017 23:11:17 +0000 (19:11 -0400)]
Confuses a map

7 years ago(no commit message)
svetlana [Mon, 6 Feb 2017 05:39:02 +0000 (01:39 -0400)]

7 years agoremoved
svetlana [Mon, 6 Feb 2017 02:37:01 +0000 (22:37 -0400)]
removed

7 years ago(no commit message)
svetlana@192500fb6a2e2ef8e78d1a08cca64b1bca9833b9 [Sun, 5 Feb 2017 19:31:24 +0000 (15:31 -0400)]

7 years agochange `pwd` to $HOME so assumptions are met even if you cd elsewhere
smcv [Fri, 3 Feb 2017 20:48:48 +0000 (16:48 -0400)]
change `pwd` to $HOME so assumptions are met even if you cd elsewhere

7 years agoNo longer using ikiwiki
me@4eb1b66f86170ba2ff0690b93ad01f46bfc8eac4 [Fri, 3 Feb 2017 16:54:47 +0000 (12:54 -0400)]
No longer using ikiwiki

7 years ago(no commit message)
smcv [Thu, 26 Jan 2017 11:38:48 +0000 (07:38 -0400)]

7 years agoDoes not show up in the setup
svetlana [Tue, 24 Jan 2017 04:59:27 +0000 (00:59 -0400)]
Does not show up in the setup

7 years ago* [[guppy|http://guppy.branchable.com]] an internationalized modular Python IRC bot
svetlana [Wed, 18 Jan 2017 23:27:48 +0000 (19:27 -0400)]
* [[guppy|http://guppy.branchable.com]] an internationalized modular Python IRC bot

7 years agoAdded a comment
smcv [Wed, 18 Jan 2017 21:46:14 +0000 (17:46 -0400)]
Added a comment

7 years agoAdded a comment: Do that through your web server, not ikiwiki
smcv [Wed, 18 Jan 2017 21:45:30 +0000 (17:45 -0400)]
Added a comment: Do that through your web server, not ikiwiki

7 years ago(no commit message)
openmedi [Tue, 17 Jan 2017 12:44:20 +0000 (08:44 -0400)]

7 years agoNote another Debian 8 backport
Simon McVittie [Thu, 12 Jan 2017 00:31:10 +0000 (00:31 +0000)]
Note another Debian 8 backport

7 years agoFix typo
Simon McVittie [Wed, 11 Jan 2017 19:02:10 +0000 (19:02 +0000)]
Fix typo

7 years agoRelease 3.20170111 3.20170111 debian/3.20170111
Simon McVittie [Wed, 11 Jan 2017 18:18:38 +0000 (18:18 +0000)]
Release 3.20170111

7 years agoDocument the security fix soon to be released in 3.20170111
Simon McVittie [Wed, 11 Jan 2017 18:16:42 +0000 (18:16 +0000)]
Document the security fix soon to be released in 3.20170111

7 years agoremove: make it clearer that repeated page parameter is OK here
Simon McVittie [Wed, 11 Jan 2017 13:24:00 +0000 (13:24 +0000)]
remove: make it clearer that repeated page parameter is OK here

ikiwiki's web interface does not currently have UI for removing
multiple pages simultaneously, but the remove plugin is robust
against doing so. Use a clearer idiom to make that obvious.

7 years agoCGI, attachment, passwordauth: harden against repeated parameters
Simon McVittie [Wed, 11 Jan 2017 13:22:03 +0000 (13:22 +0000)]
CGI, attachment, passwordauth: harden against repeated parameters

These instances of code similar to OVE-20170111-0001 are not believed
to be exploitable, because defined(), length(), setpassword(),
userinfo_set() and the binary "." operator all have prototypes that
force the relevant argument to be evaluated in scalar context. However,
using a safer idiom makes mistakes less likely.

(cherry picked from commit 69230a2220f673c66b5ab875bfc759b32a241c0d)

7 years agopasswordauth: avoid userinfo forgery via repeated email parameter
Simon McVittie [Wed, 11 Jan 2017 13:19:13 +0000 (13:19 +0000)]
passwordauth: avoid userinfo forgery via repeated email parameter

OVE-20170111-0001

(cherry picked from commit bffb71d6a7d28f6dd5f0be241f214e79eea7bb91)

7 years agot/passwordauth.t: new automated test for passwordauth
Simon McVittie [Wed, 11 Jan 2017 13:16:37 +0000 (13:16 +0000)]
t/passwordauth.t: new automated test for passwordauth

In particular this includes an exploit for OVE-20170111-0001.

(cherry picked from commit fbe207212b1f4a395dc297fb274ef07afd7d68f3)

7 years agopasswordauth: prevent authentication bypass via multiple name parameters
Simon McVittie [Wed, 11 Jan 2017 13:12:50 +0000 (13:12 +0000)]
passwordauth: prevent authentication bypass via multiple name parameters

Calling CGI::FormBuilder::field with a name argument in list context
returns zero or more user-specified values of the named field, even
if that field was not declared as supporting multiple values.
Passing the result of field as a function parameter counts as list
context. This is the same bad behaviour that is now discouraged
for CGI::param.

In this case we pass the multiple values to CGI::Session::param.
That accessor has six possible calling conventions, of which four are
documented. If an attacker passes (2*n + 1) values for the 'name'
field, for example name=a&name=b&name=c, we end up in one of the
undocumented calling conventions for param:

    # equivalent to: (name => 'a', b => 'c')
    $session->param('name', 'a', 'b', 'c')

and the 'b' session parameter is unexpectedly set to an
attacker-specified value.

In particular, if an attacker "bob" specifies
name=bob&name=name&name=alice, then authentication is carried out
for "bob" but the CGI::Session ends up containing {name => 'alice'},
an authentication bypass vulnerability.

This vulnerability is tracked as OVE-20170111-0001.

(cherry picked from commit e909eb93f4530a175d622360a8433e833ecf0254)

7 years ago3.20170110 3.20170110 debian/3.20170110
Simon McVittie [Tue, 10 Jan 2017 13:22:13 +0000 (13:22 +0000)]
3.20170110

7 years agoSset libmagickcore-6.q16-3-extra as preferred build-dependency
Simon McVittie [Tue, 10 Jan 2017 13:21:46 +0000 (13:21 +0000)]
Sset libmagickcore-6.q16-3-extra as preferred build-dependency

The virtual package libmagickcore-extra is now merely an alternative,
to help autopkgtest to do the right thing.

7 years agod/ikiwiki.doc-base: register the documentation with doc-base
Simon McVittie [Tue, 10 Jan 2017 11:39:56 +0000 (11:39 +0000)]
d/ikiwiki.doc-base: register the documentation with doc-base

7 years agod/ikiwiki.lintian-overrides: silence false positive spelling warning for Moin Moin
Simon McVittie [Tue, 10 Jan 2017 11:36:23 +0000 (11:36 +0000)]
d/ikiwiki.lintian-overrides: silence false positive spelling warning for Moin Moin

7 years agod/ikiwiki.lintian-overrides: override script-not-executable warnings
Simon McVittie [Tue, 10 Jan 2017 11:35:57 +0000 (11:35 +0000)]
d/ikiwiki.lintian-overrides: override script-not-executable warnings

7 years agodocwiki.setup: exclude TourBusStop from offline documentation
Simon McVittie [Tue, 10 Jan 2017 11:30:52 +0000 (11:30 +0000)]
docwiki.setup: exclude TourBusStop from offline documentation

It does not make much sense there.

7 years agolintian: Override obsolete-url-in-packaging for OpenID Selector
Simon McVittie [Tue, 10 Jan 2017 11:27:48 +0000 (11:27 +0000)]
lintian: Override obsolete-url-in-packaging for OpenID Selector

It does not seem to have any more current URL, and in any case our
version is a fork.