aboutsummaryrefslogtreecommitdiff
path: root/debian/changelog
diff options
context:
space:
mode:
authorjoey <joey@0fa5a96a-9a0e-0410-b3b2-a0fd24251071>2007-07-11 16:50:59 +0000
committerjoey <joey@0fa5a96a-9a0e-0410-b3b2-a0fd24251071>2007-07-11 16:50:59 +0000
commita8fa52080d8ba1df29543df5c6180b620cae59f6 (patch)
treeb2ec8831da7c39c6ce256b16602274f895e91e87 /debian/changelog
parent68ae662e6fdca019adffbc59ca27418eb39de8da (diff)
downloadikiwiki-a8fa52080d8ba1df29543df5c6180b620cae59f6.tar
ikiwiki-a8fa52080d8ba1df29543df5c6180b620cae59f6.tar.gz
* Allow simple alphanumeric style attribute values in the htmlscrubber. This
should be safe from javascript attacks.
Diffstat (limited to 'debian/changelog')
-rw-r--r--debian/changelog4
1 files changed, 3 insertions, 1 deletions
diff --git a/debian/changelog b/debian/changelog
index 7c1625a41..e1bcc3185 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -7,8 +7,10 @@ ikiwiki (2.4) UNRELEASED; urgency=low
* Support building on systems that lack asprintf.
* mercurial getctime is currently broken, apparently by some change in
mercurial version 0.9.4. Turn the failing test case into a TODO test case.
+ * Allow simple alphanumeric style attribute values in the htmlscrubber. This
+ should be safe from javascript attacks.
- -- Joey Hess <joeyh@debian.org> Sun, 08 Jul 2007 20:25:00 -0400
+ -- Joey Hess <joeyh@debian.org> Wed, 11 Jul 2007 12:23:41 -0400
ikiwiki (2.3) unstable; urgency=low