backport

author: Joey Hess <joey@kitenet.net> 2011-01-22 11:51:00 -0400
committer: Joey Hess <joey@kitenet.net> 2011-01-22 11:51:00 -0400
commit: 394e8fdb5e787c42ef2a85aa08d5123cf6e87086 (patch)
tree: cde0abf6ca993e853f5c876e8ad5093efd3a9954 /doc/security.mdwn
parent: 0e224058e73308ddc67f5a403b0cc5aaa5345d7d (diff)
download: ikiwiki-394e8fdb5e787c42ef2a85aa08d5123cf6e87086.tar
ikiwiki-394e8fdb5e787c42ef2a85aa08d5123cf6e87086.tar.gz
1 files changed, 2 insertions, 1 deletions
diff --git a/doc/security.mdwn b/doc/security.mdwn
index 5fb85a469..52d9d3dc0 100644
--- a/doc/security.mdwn
+++ b/doc/security.mdwn
@@ -460,5 +460,6 @@ Dave B noticed that attempting to comment on an illegal page name could be
 used for an XSS attack.
 
 This hole was discovered on 22 Jan 2011 and fixed the same day with
-the release of ikiwiki 3.20110122. An upgrade is recommended for sites
+the release of ikiwiki 3.20110122. A fix was backported to Debian squeeze,
+as version 3.20100815.5. An upgrade is recommended for sites
 with the comments plugin enabled. ([[!cve CVE-2011-0428]])
author	Joey Hess <joey@kitenet.net>	2011-01-22 11:51:00 -0400
committer	Joey Hess <joey@kitenet.net>	2011-01-22 11:51:00 -0400
commit	394e8fdb5e787c42ef2a85aa08d5123cf6e87086 (patch)
tree	cde0abf6ca993e853f5c876e8ad5093efd3a9954 /doc/security.mdwn
parent	0e224058e73308ddc67f5a403b0cc5aaa5345d7d (diff)
download	ikiwiki-394e8fdb5e787c42ef2a85aa08d5123cf6e87086.tar ikiwiki-394e8fdb5e787c42ef2a85aa08d5123cf6e87086.tar.gz