diff options
author | Simon McVittie <smcv@debian.org> | 2016-12-21 13:03:32 +0000 |
---|---|---|
committer | Simon McVittie <smcv@debian.org> | 2016-12-21 13:03:36 +0000 |
commit | 28409cd358d5ff17e2c340298988e8baf86fd5f5 (patch) | |
tree | f42bd0dec60138980240397519f2e1e5ef870788 /debian/changelog | |
parent | bec3047aff9bee37f4d56848212f051fcf91cb90 (diff) | |
download | ikiwiki-28409cd358d5ff17e2c340298988e8baf86fd5f5.tar ikiwiki-28409cd358d5ff17e2c340298988e8baf86fd5f5.tar.gz |
Add CVE references for CVE-2016-10026
Diffstat (limited to 'debian/changelog')
-rw-r--r-- | debian/changelog | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/debian/changelog b/debian/changelog index 7490db757..031403830 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,9 @@ +ikiwiki (3.20161220) UNRELEASED; urgency=medium + + * Add CVE references for CVE-2016-10026 + + -- Simon McVittie <smcv@debian.org> Wed, 21 Dec 2016 13:03:07 +0000 + ikiwiki (3.20161219) unstable; urgency=medium [ Joey Hess ] @@ -8,7 +14,7 @@ ikiwiki (3.20161219) unstable; urgency=medium * Security: tell `git revert` not to follow renames. If it does, then renaming a file can result in a revert writing outside the wiki srcdir or altering a file that the reverting user should not be able to alter, - an authorization bypass. Thanks, intrigeri + an authorization bypass. Thanks, intrigeri. (CVE-2016-10026) * cgitemplate: remove some dead code. Thanks, blipvert * Restrict CSS matches against header class to not break Pandoc tables with header rows. Thanks, karsk |