releasing version 2.14

author: Joey Hess <joey@kitenet.net> 2007-11-26 15:30:44 -0500
committer: Joey Hess <joey@kitenet.net> 2007-11-26 15:30:44 -0500
commit: e15e3202eb04048feb302b39d946f1ae1a15c306 (patch)
tree: af286f69e186483a5179e97939fbc2b01fc6932c /debian/changelog
parent: 8df24a447d9bcae138873bc076432e6a69946d7f (diff)
download: ikiwiki-e15e3202eb04048feb302b39d946f1ae1a15c306.tar
ikiwiki-e15e3202eb04048feb302b39d946f1ae1a15c306.tar.gz
1 files changed, 7 insertions, 2 deletions
diff --git a/debian/changelog b/debian/changelog
index 456d4b908..299d7d571 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,9 +1,14 @@
-ikiwiki (2.14) UNRELEASED; urgency=low
+ikiwiki (2.14) unstable; urgency=high
 
   * Let CC be used to control what compiler is used to build wrappers.
   * Use 'cc' instead of gcc as the default compiler.
+  * Security fix: Ensure that there are no symlinks anywhere in the path
+    to the top of the srcdir. In certian unusual configurations, an attacker
+    who could commit to one of the parent directories of the srcdir could
+    use a symlink attack to cause ikiwiki to publish files elsewhere in the
+    filesystem. More details at <http://ikiwiki.info/security/#index29h2>
 
- -- Joey Hess <joeyh@debian.org>  Sun, 25 Nov 2007 15:49:49 -0500
+ -- Joey Hess <joeyh@debian.org>  Mon, 26 Nov 2007 15:26:06 -0500
 
 ikiwiki (2.13) unstable; urgency=low
author	Joey Hess <joey@kitenet.net>	2007-11-26 15:30:44 -0500
committer	Joey Hess <joey@kitenet.net>	2007-11-26 15:30:44 -0500
commit	e15e3202eb04048feb302b39d946f1ae1a15c306 (patch)
tree	af286f69e186483a5179e97939fbc2b01fc6932c /debian/changelog
parent	8df24a447d9bcae138873bc076432e6a69946d7f (diff)
download	ikiwiki-e15e3202eb04048feb302b39d946f1ae1a15c306.tar ikiwiki-e15e3202eb04048feb302b39d946f1ae1a15c306.tar.gz