cve

author: Joey Hess <joey@kitenet.net> 2012-05-16 21:18:40 -0400
committer: Joey Hess <joey@kitenet.net> 2012-05-16 21:18:40 -0400
commit: 22acf1872a746af65b2f5487991ff008e52ed1c2 (patch)
tree: f9b520b20def3c54435a934c12b5a3dbd6015988 /doc/security.mdwn
parent: 6f897f53dacca6487932858b35b8d47ad8379abd (diff)
download: ikiwiki-22acf1872a746af65b2f5487991ff008e52ed1c2.tar
ikiwiki-22acf1872a746af65b2f5487991ff008e52ed1c2.tar.gz
1 files changed, 3 insertions, 1 deletions
diff --git a/doc/security.mdwn b/doc/security.mdwn
index 99f40d3f1..c221c8c6d 100644
--- a/doc/security.mdwn
+++ b/doc/security.mdwn
@@ -492,6 +492,8 @@ and whose admins run `ikiwiki-mass-rebuild`.
 ## javascript insertion via meta tags
 
 Raúl Benencia discovered an additional XSS exposure in the meta plugin.
+([[!cvs CVE-2012-0220]])
 
 This hole was discovered on 16 May 2012 and fixed the same day with
-the release of ikiwiki 3.20120516.
+the release of ikiwiki 3.20120516. A fix was backported to Debian squeeze,
+as version 3.20100815.9. An upgrade is recommended for all sites.
author	Joey Hess <joey@kitenet.net>	2012-05-16 21:18:40 -0400
committer	Joey Hess <joey@kitenet.net>	2012-05-16 21:18:40 -0400
commit	22acf1872a746af65b2f5487991ff008e52ed1c2 (patch)
tree	f9b520b20def3c54435a934c12b5a3dbd6015988 /doc/security.mdwn
parent	6f897f53dacca6487932858b35b8d47ad8379abd (diff)
download	ikiwiki-22acf1872a746af65b2f5487991ff008e52ed1c2.tar ikiwiki-22acf1872a746af65b2f5487991ff008e52ed1c2.tar.gz