From 55c0e557d9904721fb35479e139a853f90fe39b4 Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Fri, 27 Mar 2015 12:17:39 -0400 Subject: [PATCH] Fix XSS in openid selector. Thanks, Raghav Bisht. Conflicts: debian/changelog doc/bugs/XSS_Alert...__33____33____33__.html --- debian/changelog | 7 +++++++ templates/openid-selector.tmpl | 2 +- 2 files changed, 8 insertions(+), 1 deletion(-) diff --git a/debian/changelog b/debian/changelog index 720ddb1e0..1897414c4 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,10 @@ +ikiwiki (3.20141016.2) UNRELEASED; urgency=high + + [ Joey Hess ] + * Fix XSS in openid selector. Thanks, Raghav Bisht. + + -- Simon McVittie Sun, 29 Mar 2015 22:28:15 +0100 + ikiwiki (3.20120629.1) wheezy; urgency=medium Backport blogspam plugin from experimental, because the version in diff --git a/templates/openid-selector.tmpl b/templates/openid-selector.tmpl index b6be2720c..0fd833042 100644 --- a/templates/openid-selector.tmpl +++ b/templates/openid-selector.tmpl @@ -23,7 +23,7 @@ $(document).ready(function() {
- +
-- 2.39.5