diff options
| author | Joey Hess <joey@gnu.kitenet.net> | 2010-03-12 14:49:13 -0500 |
|---|---|---|
| committer | Joey Hess <joey@gnu.kitenet.net> | 2010-03-12 14:50:26 -0500 |
| commit | 2ad3e60ee8272b7cccfd83ae02d5b45e2cec003d (patch) | |
| tree | ac6f6c025cb14790773f8530c6356dfa4c5b1b0c /debian | |
| parent | 556181d417e3461de56c43445ec9b2b0aefc7141 (diff) | |
| download | ikiwiki-2ad3e60ee8272b7cccfd83ae02d5b45e2cec003d.tar ikiwiki-2ad3e60ee8272b7cccfd83ae02d5b45e2cec003d.tar.gz | |
htmlscrubber: Security fix: In data:image/* uris, only allow a few whitelisted image types. No svg.
Diffstat (limited to 'debian')
| -rw-r--r-- | debian/changelog | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/debian/changelog b/debian/changelog index bae0e7ee0..7fdbbcb63 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,4 +1,4 @@ -ikiwiki (3.20100303) UNRELEASED; urgency=low +ikiwiki (3.20100312) unstable; urgency=HIGH * Fix utf8 issues in calls to md5_hex. * moderatedcomments: Added moderate_pagespec that can be used @@ -12,6 +12,8 @@ ikiwiki (3.20100303) UNRELEASED; urgency=low * Fix missing span on recentchanges page template. * search: Avoid '$' in the wikiname appearing unescaped on omega's query template, where it might crash omega. + * htmlscrubber: Security fix: In data:image/* uris, only allow a few + whitelisted image types. No svg. -- Joey Hess <joeyh@debian.org> Tue, 09 Mar 2010 19:46:35 -0500 |