aboutsummaryrefslogtreecommitdiff
path: root/debian
diff options
context:
space:
mode:
authorSimon McVittie <smcv@debian.org>2016-05-09 21:57:34 +0100
committerSimon McVittie <smcv@debian.org>2016-05-09 21:57:34 +0100
commitab97cd56f30beebc035e0584071c3bef91933da1 (patch)
treee8b826064812439e93550e308e936e45aafb0742 /debian
parent6879e3782854f336bb2aa192a36a049695953245 (diff)
downloadikiwiki-ab97cd56f30beebc035e0584071c3bef91933da1.tar
ikiwiki-ab97cd56f30beebc035e0584071c3bef91933da1.tar.gz
Reference CVE-2016-4561 in 3.20160506 changelog
Diffstat (limited to 'debian')
-rw-r--r--debian/changelog2
1 files changed, 1 insertions, 1 deletions
diff --git a/debian/changelog b/debian/changelog
index 3a73c01c8..c4d4eab46 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -2,7 +2,7 @@ ikiwiki (3.20160506) unstable; urgency=medium
[ Simon McVittie ]
* HTML-escape error messages, in one case avoiding potential cross-site
- scripting (OVE-20160505-0012)
+ scripting (CVE-2016-4561, OVE-20160505-0012)
* Mitigate ImageMagick vulnerabilities such as CVE-2016-3714:
- img: force common Web formats to be interpreted according to extension,
so that "allowed_attachments: '*.jpg'" does what one might expect