aboutsummaryrefslogtreecommitdiff
path: root/debian/changelog
diff options
context:
space:
mode:
authorJoey Hess <joey@gnu.kitenet.net>2009-05-18 15:25:10 -0400
committerJoey Hess <joey@gnu.kitenet.net>2009-05-18 15:25:10 -0400
commit23a4ee6d15dbd9b8e8c6588a829dd30a26a8de32 (patch)
tree5d7d76ba25bd6331e1f2940c481477ecb4de9d12 /debian/changelog
parent0516ba04d014628be983dbd3e4c28a8f52a2c3e7 (diff)
downloadikiwiki-23a4ee6d15dbd9b8e8c6588a829dd30a26a8de32.tar
ikiwiki-23a4ee6d15dbd9b8e8c6588a829dd30a26a8de32.tar.gz
Allow curly braces to be used in pagespecs
And avoid a whole class of potential security problems (though none that I know of actually existing..), by avoiding performing any string interpolation on user-supplied data when translating pagespecs.
Diffstat (limited to 'debian/changelog')
-rw-r--r--debian/changelog3
1 files changed, 3 insertions, 0 deletions
diff --git a/debian/changelog b/debian/changelog
index c2819d0c5..7efa31cf1 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -6,6 +6,9 @@ ikiwiki (3.13) UNRELEASED; urgency=low
of other underlays via add_underlay.
* More friendly display of markdown, textile in edit form selector
(jmtd)
+ * Allow curly braces to be used in pagespecs, and avoid a whole class
+ of potential security problems, by avoiding performing any string
+ interpolation on user-supplied data when translating pagespecs.
-- Joey Hess <joeyh@debian.org> Wed, 06 May 2009 20:45:44 -0400