aboutsummaryrefslogtreecommitdiff
path: root/debian/changelog
diff options
context:
space:
mode:
authorSimon McVittie <smcv@debian.org>2016-12-21 13:03:32 +0000
committerSimon McVittie <smcv@debian.org>2016-12-21 13:03:36 +0000
commit28409cd358d5ff17e2c340298988e8baf86fd5f5 (patch)
treef42bd0dec60138980240397519f2e1e5ef870788 /debian/changelog
parentbec3047aff9bee37f4d56848212f051fcf91cb90 (diff)
downloadikiwiki-28409cd358d5ff17e2c340298988e8baf86fd5f5.tar
ikiwiki-28409cd358d5ff17e2c340298988e8baf86fd5f5.tar.gz
Add CVE references for CVE-2016-10026
Diffstat (limited to 'debian/changelog')
-rw-r--r--debian/changelog8
1 files changed, 7 insertions, 1 deletions
diff --git a/debian/changelog b/debian/changelog
index 7490db757..031403830 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,9 @@
+ikiwiki (3.20161220) UNRELEASED; urgency=medium
+
+ * Add CVE references for CVE-2016-10026
+
+ -- Simon McVittie <smcv@debian.org> Wed, 21 Dec 2016 13:03:07 +0000
+
ikiwiki (3.20161219) unstable; urgency=medium
[ Joey Hess ]
@@ -8,7 +14,7 @@ ikiwiki (3.20161219) unstable; urgency=medium
* Security: tell `git revert` not to follow renames. If it does, then
renaming a file can result in a revert writing outside the wiki srcdir
or altering a file that the reverting user should not be able to alter,
- an authorization bypass. Thanks, intrigeri
+ an authorization bypass. Thanks, intrigeri. (CVE-2016-10026)
* cgitemplate: remove some dead code. Thanks, blipvert
* Restrict CSS matches against header class to not break
Pandoc tables with header rows. Thanks, karsk