| 2017-01-11 |
Simon McVittie | git: do not fail to commit if committer is anonymous |
commit | commitdiff | tree | snapshot |
| 2017-01-11 |
Simon McVittie | git: don't issue a warning if rcsinfo is undefined |
commit | commitdiff | tree | snapshot |
| 2017-01-11 |
Simon McVittie | Use git log --no-renames for recentchanges |
commit | commitdiff | tree | snapshot |
| 2017-01-11 |
Florian Wagner | Correctly handle filenames starting with a dash in... |
commit | commitdiff | tree | snapshot |
| 2017-01-11 |
Simon McVittie | ensure_committer: don't do anything if we have the... |
commit | commitdiff | tree | snapshot |
| 2017-01-11 |
Simon McVittie | Don't memoize ensure_committer |
commit | commitdiff | tree | snapshot |
| 2017-01-11 |
Simon McVittie | git: if no committer identity is known, set it to ... |
commit | commitdiff | tree | snapshot |
| 2017-01-11 |
Simon McVittie | Revert "Tell `git revert` not to follow renames (CVE... |
commit | commitdiff | tree | snapshot |
| 2017-01-11 |
Simon McVittie | Tell `git revert` not to follow renames (CVE-2016-10026) |
commit | commitdiff | tree | snapshot |
| 2017-01-11 |
Simon McVittie | Update changelog for img backport |
commit | commitdiff | tree | snapshot |
| 2017-01-11 |
Simon McVittie | img test: exercise upper-case extensions for image... |
commit | commitdiff | tree | snapshot |
| 2017-01-11 |
Amitai Schlair | Detect image type from .JPG just like .jpg (etc.). |
commit | commitdiff | tree | snapshot |
| 2017-01-11 |
Simon McVittie | Update changelog |
commit | commitdiff | tree | snapshot |
| 2017-01-11 |
Simon McVittie | CGI, attachment, passwordauth: harden against repeated... |
commit | commitdiff | tree | snapshot |
| 2017-01-11 |
Simon McVittie | Force CGI::FormBuilder->field to scalar context where... |
commit | commitdiff | tree | snapshot |
| 2017-01-11 |
Simon McVittie | passwordauth: avoid userinfo forgery via repeated email... |
commit | commitdiff | tree | snapshot |
| 2017-01-11 |
Simon McVittie | t/passwordauth.t: new automated test for passwordauth |
commit | commitdiff | tree | snapshot |
| 2017-01-11 |
Simon McVittie | passwordauth: prevent authentication bypass via multipl... |
commit | commitdiff | tree | snapshot |
| 2017-01-11 |
Simon McVittie | Reference CVE-2016-4561 in 3.20141016.3 changelog |
commit | commitdiff | tree | snapshot |
| 2016-05-06 |
Simon McVittie | 3.20141016.3 (for jessie-security) debian/3.20141016.3 |
commit | commitdiff | tree | snapshot |
| 2016-05-06 |
Simon McVittie | Do not recommend mimetype(image/*) |
commit | commitdiff | tree | snapshot |
| 2016-05-06 |
Simon McVittie | Document the security fixes in this release |
commit | commitdiff | tree | snapshot |
| 2016-05-06 |
smcv | add more details of CVE-2015-2793 |
commit | commitdiff | tree | snapshot |
| 2016-05-06 |
Joey Hess | update for recent XSS |
commit | commitdiff | tree | snapshot |
| 2016-05-06 |
Simon McVittie | img: make img_allowed_formats case-insensitive |
commit | commitdiff | tree | snapshot |
| 2016-05-06 |
Joey Hess | update test suite for svg passthrough by img directive |
commit | commitdiff | tree | snapshot |
| 2016-05-06 |
Simon McVittie | img: Add back support for SVG images, bypassing ImageMa... |
commit | commitdiff | tree | snapshot |
| 2016-05-05 |
Simon McVittie | Changelog |
commit | commitdiff | tree | snapshot |
| 2016-05-05 |
Simon McVittie | img: check magic number before giving common formats... |
commit | commitdiff | tree | snapshot |
| 2016-05-05 |
Simon McVittie | img: restrict to JPEG, PNG and GIF images by default |
commit | commitdiff | tree | snapshot |
| 2016-05-05 |
Simon McVittie | Update structure of img test from master |
commit | commitdiff | tree | snapshot |
| 2016-05-05 |
Simon McVittie | img test: set old timestamp on source file that will... |
commit | commitdiff | tree | snapshot |
| 2016-05-05 |
Simon McVittie | img test: skip testing PDFs if unsupported |
commit | commitdiff | tree | snapshot |
| 2016-05-05 |
Simon McVittie | img test: use the right filenames when testing that... |
commit | commitdiff | tree | snapshot |
| 2016-05-05 |
Simon McVittie | img: force common Web formats to be interpreted accordi... |
commit | commitdiff | tree | snapshot |
| 2016-05-05 |
Simon McVittie | HTML-escape error messages (OVE-20160505-0012) |
commit | commitdiff | tree | snapshot |
| 2016-05-05 |
Simon McVittie | img: stop ImageMagick trying to be clever if filenames... |
commit | commitdiff | tree | snapshot |
| 2015-03-29 |
Simon McVittie | Release 3.20141016.2 debian/3.20141016.2 |
commit | commitdiff | tree | snapshot |
| 2015-03-29 |
Joey Hess | Fix XSS in openid selector. Thanks, Raghav Bisht. |
commit | commitdiff | tree | snapshot |
| 2015-01-07 |
Simon McVittie | note that the two potential FTBFSs do not actually... debian/3.20141016.1 |
commit | commitdiff | tree | snapshot |
| 2015-01-07 |
Simon McVittie | release candidate |
commit | commitdiff | tree | snapshot |
| 2015-01-07 |
Simon McVittie | Work around Debian #771047: use a non-blank SVG for... |
commit | commitdiff | tree | snapshot |
| 2015-01-07 |
Joey Hess | close debian bug I opened about blogspam |
commit | commitdiff | tree | snapshot |
| 2015-01-07 |
Amitai Schlair | blogspam uses JSON instead of RPC::XML now. |
commit | commitdiff | tree | snapshot |
| 2015-01-07 |
Amitai Schlair | Update blogspam to the 2.0 API. |
commit | commitdiff | tree | snapshot |
| 2015-01-07 |
Joey Hess | Set Debian package maintainer to Simon McVittie as... |
commit | commitdiff | tree | snapshot |
| 2015-01-07 |
Joey Hess | Add missing build-depends on libcgi-formbuilder-perl... |
commit | commitdiff | tree | snapshot |
| 2014-10-16 |
Simon McVittie | Merge remote-tracking branch 'refs/remotes/dgit/dgit... 3.20141016 debian/3.20141016 |
commit | commitdiff | tree | snapshot |
| 2014-10-16 |
Simon McVittie | release |
commit | commitdiff | tree | snapshot |
| 2014-10-16 |
Simon McVittie | debian: fix some wrong paths in the copyright file |
commit | commitdiff | tree | snapshot |
| 2014-10-16 |
Simon McVittie | debian: rename debian/link to debian/links so the inten... |
commit | commitdiff | tree | snapshot |
| 2014-10-16 |
Simon McVittie | close a bug |
commit | commitdiff | tree | snapshot |
| 2014-10-16 |
Simon McVittie | Drop unused python-support dependency |
commit | commitdiff | tree | snapshot |
| 2014-10-16 |
Simon McVittie | changelog so far |
commit | commitdiff | tree | snapshot |
| 2014-10-16 |
Simon McVittie | build-depend on libcgi-pm-perl too, for tests |
commit | commitdiff | tree | snapshot |
| 2014-10-16 |
Simon McVittie | Explicitly depend on CGI.pm, which is no longer in... |
commit | commitdiff | tree | snapshot |
| 2014-10-16 |
Amitai Schlair | IkiWiki::Plugin::openid: as a precaution, do not call... |
commit | commitdiff | tree | snapshot |
| 2014-10-16 |
Amitai Schlair | Call CGI->param_fetch instead of CGI->param in array... |
commit | commitdiff | tree | snapshot |
| 2014-10-16 |
Simon McVittie | Make sure we do not pass multiple CGI parameters in... |
commit | commitdiff | tree | snapshot |
| 2014-10-16 |
https://www... | Added a comment: It was an Apache problem... |
commit | commitdiff | tree | snapshot |
| 2014-10-16 |
smcv | branch |
commit | commitdiff | tree | snapshot |
| 2014-10-16 |
smcv | comment |
commit | commitdiff | tree | snapshot |
| 2014-10-16 |
Simon McVittie | Replace PayPal and Flattr buttons with text links |
commit | commitdiff | tree | snapshot |
| 2014-10-16 |
http://anastigmatix... | mention pagespec_alias patches |
commit | commitdiff | tree | snapshot |
| 2014-10-15 |
smcv | Added a comment |
commit | commitdiff | tree | snapshot |
| 2014-10-15 |
smcv | Added a comment |
commit | commitdiff | tree | snapshot |
| 2014-10-15 |
openmedi | Added a comment |
commit | commitdiff | tree | snapshot |
| 2014-10-15 |
https://www... | Added a comment |
commit | commitdiff | tree | snapshot |
| 2014-10-15 |
openmedi | Added a comment |
commit | commitdiff | tree | snapshot |
| 2014-10-15 |
https://www... | (no commit message) |
commit | commitdiff | tree | snapshot |
| 2014-10-14 |
Amitai Schlair | as usual, macports hasn't moved |
commit | commitdiff | tree | snapshot |
| 2014-10-14 |
https://www... | Added a comment |
commit | commitdiff | tree | snapshot |
| 2014-10-14 |
https://www... | (no commit message) |
commit | commitdiff | tree | snapshot |
| 2014-10-14 |
https://www... | Added a comment |
commit | commitdiff | tree | snapshot |
| 2014-10-14 |
Amitai Schlair | one report suffices; not yet clear there's a bug |
commit | commitdiff | tree | snapshot |
| 2014-10-14 |
https://www... | (no commit message) |
commit | commitdiff | tree | snapshot |
| 2014-10-14 |
https://www... | (no commit message) |
commit | commitdiff | tree | snapshot |
| 2014-10-13 |
Amitai Schlair | clarify |
commit | commitdiff | tree | snapshot |
| 2014-10-13 |
Amitai Schlair | findings and questions |
commit | commitdiff | tree | snapshot |
| 2014-10-12 |
Simon McVittie | Do not pass ignored sid parameter to checksessionexpiry |
commit | commitdiff | tree | snapshot |
| 2014-10-12 |
Simon McVittie | comments: don't log remote IP address for signed-in... |
commit | commitdiff | tree | snapshot |
| 2014-10-12 |
Simon McVittie | google search plugin: use https for the search |
commit | commitdiff | tree | snapshot |
| 2014-10-12 |
smcv | default User-Agent changed |
commit | commitdiff | tree | snapshot |
| 2014-10-12 |
Simon McVittie | Set default User-Agent to something that doesn't mentio... |
commit | commitdiff | tree | snapshot |
| 2014-10-12 |
smcv | removed |
commit | commitdiff | tree | snapshot |
| 2014-10-12 |
smcv | Added a comment |
commit | commitdiff | tree | snapshot |
| 2014-10-12 |
Amitai Schlair | help Markdown make a list |
commit | commitdiff | tree | snapshot |
| 2014-10-12 |
https://www... | Added a comment: fixed in a recent release, I think |
commit | commitdiff | tree | snapshot |
| 2014-10-12 |
openmedi | (no commit message) |
commit | commitdiff | tree | snapshot |
| 2014-10-12 |
Amitai Schlair | Replace shebang paths with the build-time $(PERL). |
commit | commitdiff | tree | snapshot |
| 2014-10-12 |
Amitai Schlair | Extract test subs for each site. No change meant. |
commit | commitdiff | tree | snapshot |
| 2014-10-12 |
Amitai Schlair | Extract run_cgi(). No functional change intended. |
commit | commitdiff | tree | snapshot |
| 2014-10-11 |
Amitai Schlair | Extract check_generated_content(). Same output. |
commit | commitdiff | tree | snapshot |
| 2014-10-11 |
Amitai Schlair | Extract check_cgi_mode_bits(). No change intended. |
commit | commitdiff | tree | snapshot |
| 2014-10-11 |
Amitai Schlair | Extract thoroughly_rebuild(), a slight test change. |
commit | commitdiff | tree | snapshot |
| 2014-10-11 |
Amitai Schlair | Extract write_setup_file(). No functional change. |
commit | commitdiff | tree | snapshot |
| 2014-10-10 |
https://www... | (no commit message) |
commit | commitdiff | tree | snapshot |
| 2014-10-09 |
smcv | clarify further |
commit | commitdiff | tree | snapshot |
| 2014-10-09 |
smcv | clarify |
commit | commitdiff | tree | snapshot |
| 2014-10-09 |
smcv | That's not how that directive is used, and if you want... |
commit | commitdiff | tree | snapshot |
| next |